similar to: ldb*, -H, multiple source?

Mandi! Rowland Penny via samba In chel di` si favelave... > > There's some sintyax available to use, with ldb* tools, multiple > > ''server'', eg use multiple '-H', or write server in a roud-robin > > style? > No, there is no way built into samba-tool to do what you are asking, > you will have to script something around samba-tool, something

Mandi! Rowland Penny via samba In chel di` si favelave... > Why do you need a list of users ? Because?! ;-) I've coded some script in the past (eg, when i was using OpenLDAP and samba in NT mode) that do something on the behalf of the users, ad i was used to do a 'getent passwd' to have the list. > effect when 5.0.0 came out. I cannot see any of then being marked as >

I need to do a simple query, against some LDAP data in 'laster draft schema' format i've added to te samba/AD schema. All LDAP query return the same result on all (6) of the DC: root at vdcsv1:~# ldapsearch -H ldap://vdcsv2.ad.fvg.lnf.it -W -D CN=mta,OU=Restricted,DC=ad,DC=fvg,DC=lnf,DC=it -b DC=ad,DC=fvg,DC=lnf,DC=it "(cn=prova123)" rfc822MailMember Enter LDAP Password:

Hai Marco, Yes, best is to use the "localhost" dns setup as caching/forwarder only. All you need is for the forwarding is : zone "your.dnsdomain.tld" { type forward; forwarders { IP_DC1; IP_DC2; }; }; zone "168.192.in-addr.arpa" { type forward; forwarders { IP_DC1; IP_DC2; }; }; If you think its still to slow, remove > options attempts:2

Mandi! Rowland Penny via samba In chel di` si favelave... > I wouldn't call it a bug, it would be more of an enhancement. I mean that, sorry. A ''feature request''. > You could try patching samba-tool and if/when you get it working, > propose the patch on the samba-technical mailing list. Ahem i know no python at all... ;((( > There is '-P', but it

I'm scripting the ''replica'' of DC xID db (idmap.ldb) between DCs, following: https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings but i've two question. 1) because i've just in place the sysvol replica, i've thinked of copying the 'idmap.ldb.bak' file on sysvol share (in debian,

I was used (in SambaNT/OpenLDAP) to put on CUPS configuration the statement (/etc/cups/cups-files.conf): SystemGroup printops and add to 'printops' group some users that can manage cups. Now i'm in AD mode. I'm in 'printops' group: root at vdmpp1:~# id gaio uid=10000(gaio) gid=10513(domain users) gruppi=10513(domain

I've setup my second DC, following the samba wiki, without major trouble. Only three notes: a) i've followed the suggestion to move idmap.ldb from the first DC to the second (Rowland! Clap me! I've not sayed 'primary' and 'secondary'! ;-). After that, as suggested by the wiki, i've done a 'samba-tool ntacl sysvolreset' but: root at vdcpp1:~# samba-tool

Reding the thread in list about gluster, i've found that in your samba packages 4.5.12+dfsg-2+deb9u2~bpo8+1 there's no vfs_glusterfs module, only the manpage. root at vdmsv1:~# grep glusterfs /var/lib/dpkg/info/samba*.list /var/lib/dpkg/info/samba-vfs-modules.list:/usr/share/man/man8/vfs_glusterfs.8.gz root at vdmsv1:~# grep /vfs/ /var/lib/dpkg/info/samba*.list

Reading here i've understod that for LDAP query it is better to use SAMAccountName as 'login', but today i've found: https://docs.microsoft.com/it-it/windows/desktop/ADSchema/a-samaccountname so, 'SAMAccountName' is a compatibility field with NT mode, limited to 20 chars. Someone here use 21 chars logins? ;-) -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66

Mandi! Andrew Bartlett via samba In chel di` si favelave... > I hope this clarifies things, Super-clear! Thanks! -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t

I need to close a site. No, no people fired, i've defined sites and DC because i hope that get (re)opened, but... There's some care i need to have to remove a DC (clearly, without FSMO roles)? I've looked on wiki to 'remove a DC' but i was not able to find something... Thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra

Debian stretch, louis packages 4.9.16+dfsg-0.1~stretch~1 . After some time (roughly: two weeks) my DC with FSMO roles (seems that other DC are unaffected) goes suddenly on trash: memory jump from 50% (3GB) to 100%, container start to swap and slow down (load 10-15) al the phisical server. A simple restart solve all the troubles. Some hint on how to debug that? Thanks. -- dott. Marco Gaiarin

Hai marco, Well, "My" preffered for now is systemd-networkd. Current debian still used /etc/network/ but next will be systemd as default. Ubuntu uses : /etc/netplan/ Howto configure it. wget https://raw.githubusercontent.com/thctlo/debian-scripts/master/setup-systemd-networkd.sh bash setup-systemd-networkd.sh member Nothing will be changed on the system but you end up with a

Not only NT domains, but also Samba 3.6! Wow! I'm a retro-sysadmin! ;-) I know i'm asking a rather hard thinks but... we are upgrading, but also solving some troubles. We have ''decently'' integrated some W10 1803 in a NT domain, but now with some other 1903 there's no way to make roaming profiles work. Looking at samba logs, seems that the client don't try at

I've read all docs on upgrades, from wiki to Louis notes, and i think i'm ready to upgrade. First step, move from stretch to jessie, and from 4.5 to 4.8, upgrade in place. But having a domain with 6 DCs, i'm a bit scared to upgrade all DC in one turn, and i'm think about something like: a) upgrade DC with FSMO roles, then wait 1-2 day to spot troubles b) then upgrade all DC in

Mandi! Rowland Penny via samba In chel di` si favelave... > > But my question really is: why this policy apply, if i've not enabled > > in GPO? > Probably because GPOs have no effect on a Samba AD DC, they will only > effect Windows clients. Rowland, i'm speaking about windows clients, not samba servers! I've enabled 'complexity checks' in samba servers,

Samba 4.8 (Louis debian repo), DM. Today i've had to recovery a deleted file in that share, that use 'vfs_recycle' modules: [Work] comment = Spazio di Lavoro Utente map acl inherit = Yes path = /srv/work read only = No store dos attributes = Yes vfs objects = acl_xattr recycle full_audit volume = Work full_audit:failure = none full_audit:success = mkdir rmdir read pread

As was used to (in Samba NT/LDAP), i've enabled quota on /homes, and homes are exported (as homedrive) for users. Editing quotas (with edquota) works as expected, and in windows explorer users get quota correctly reported, but a simple: repquota -a return nothing: root at vdmsv1:~# repquota -a *** Report for user quotas on device /dev/sdb1 Block grace time: 28days; Inode grace time:

I'm using 'winexe': https://sourceforge.net/projects/winexe/ but this repository, compiled against samba 4.5, and works like a charm: https://sourceforge.net/u/mstowe/winexe/ci/master/tree/ I've tried to recompile them against samba 4.8 (louis repo), and compile flawlessy, but if i try to run them: winexe[10549]: segfault at 138 ip 00007fb165a2f3a4 sp 00007ffdf432a880 error