similar to: Should Samba-tool RODC preload be run periodically?

Displaying 20 results from an estimated 7000 matches similar to: "Should Samba-tool RODC preload be run periodically?"

2017 Nov 28
2
Should Samba-tool RODC preload be run periodically?
On Wed, 2017-11-29 at 07:26 +1300, Andrew Bartlett via samba wrote: > On Tue, 2017-11-28 at 15:03 +0000, Andrej Gessel via samba wrote: > > Hello list, > > > > I run “samba-tool rodc preload” for multiple users. If one of this users change his password, should I repeat the preload call? (I suppose yes, I need to rerun) > > If I need to rerun samba-tool, can user login
2017 Nov 30
2
Should Samba-tool RODC preload be run periodically?
On Thu, 2017-11-30 at 15:46 +0000, Andrej Gessel via samba wrote: > Hello Andrew, > > thank you for the answer. > > 1) User credentials need to be preloaded with samba-tool to be > automatically replicated later if they change, its correct? No, preloading just makes the first login faster. > 2) And if user try to login on RODC without preloaded credentials, this >
2017 Nov 09
2
samba_kcc RODC failes with NT_STATUS_ACCESS_DENIED
Hello Rowland, of course it will be started by samba, I saw this output if I run "samba -i". But I can trigger this output also by starting samba_kcc manually. Andrej -----Ursprüngliche Nachricht----- Von: Rowland Penny [mailto:rpenny at samba.org] Gesendet: Donnerstag, 9. November 2017 14:04 An: samba at lists.samba.org Cc: Andrej Gessel <Andrej.Gessel at janztec.com>
2017 Mar 31
2
possible memory leak in ldb module while dbcheck on RODC
Hai Andrej, Oeps, Sorry, my mistake 4.6.x needs at least 1.1.29. But you can upgrade to 4.6.x ;-) Check again and if that problem then still exists, then i think you can better ask this one in the samba-technical list. Or if Rowland knows something more about this. One tip, wait untill tomorrow or the weekend, there wil be a new release due to the regression bug. There planning is to be
2017 Jun 13
2
skip chunk if "DRS linked attribute for GUID - DN not found"
Hello everyone, i try to use Samba RODC(4.6.5) with W2K8R2. Windows AD has around 35000 objects. My Samba machine is small one (ARM 32bit CPU) with only 2GB physical memory, so i can’t join to the domain because of expensive memory usage. To solve this Problem, i decide to replicate only critical objects and then let samba_kcc to get other objects. 1 ) Is this an possible way to use Samba AD or
2017 Nov 09
2
samba_kcc RODC failes with NT_STATUS_ACCESS_DENIED
Hello list, I run 2 Samba 4.7.1 RODCs. One in my Default-First-Site-Name and in additional Site where only Samba RODC exists. When I start samba_kcc on first RODC it run’s without errors. If I start samba_kcc on RODC in additional Site it fails with: /usr/local/samba/sbin/samba_kcc: Traceback (most recent call last): /usr/local/samba/sbin/samba_kcc: File
2017 Nov 30
0
Should Samba-tool RODC preload be run periodically?
Hello Andrew, thank you for the answer. 1) User credentials need to be preloaded with samba-tool to be automatically replicated later if they change, its correct? 2) And if user try to login on RODC without preloaded credentials, this credentials will not be cached? (as described in samba wiki) We using Samba 4.7.3 for RODC. Thanks Am 28.11.2017 um 19:55 schrieb Andrew Bartlett: > On
2018 Aug 07
2
setting up a RODC
Hello Stefan, you need to use "-U" with user from Domain Admin group(maybe it works with other users too, but I didn't test it). Andrej Am 07.08.2018 um 17:00 schrieb Stefan Kania via samba: > When I start the replication from the other DC it works as you can see: > ------- > root at addc-01:~# samba-tool drs replicate rodc-01 addc-01 dc=example,dc=net > Replicate
2017 Nov 10
0
samba_kcc RODC failes with NT_STATUS_ACCESS_DENIED
Hello list, I try to fix my issue and found some more debug information: 1) I see error in this situation: Default-First-Site-Name: - TEST-DC (RWDC) Testsite2: - empty Testsite: - BUILDHOST (RODC) If I move TEST-DC to Testsite2, it fix the error, maybe because of 2). 2) python/samba/kcc/__init__.py:create_connections function try always to connect to Default-First-Site-Name, although
2017 Oct 17
2
samba 4.7.0 replication errors
On Mon, 2017-10-16 at 13:07 +0000, Andrej Gessel via samba wrote: > Hello list, > > maybe I saw the same error with backlinks. I try to use Samba 4.7.0 as rodc and perform join with "domain-critical-only"-option. Smb.conf is generated by samba. After starting joined samba I got error like this: Does it change if you don't use that option? > Failed to apply records:
2017 Mar 30
4
possible memory leak in ldb module while dbcheck on RODC
An embedded and charset-unspecified text was scrubbed... Name: memory_profiler.txt URL: <http://lists.samba.org/pipermail/samba/attachments/20170330/f5d10ac9/memory_profiler.txt>
2017 Oct 17
0
samba 4.7.0 replication errors
Hello Andrew, I cannot run complete domain join without this option, because of my hardware limitations. The join ends with " Committing SAM database" and python exception, because no more memory is available. if I run ldbsearch with --extended-dn I got this error message: search failed - Unsupported critical extension 1.2.840.113556.1.4.529 If I run ldbsearch without this option no
2015 Apr 23
2
RODC User preload fails
Hi, I installed a RODC on my mailserver to have a local authentication for mailusers on the machine which doesn't rely on a always-on-connetion to the office. The problem is now that the user-preload doesn't work so that the RODC is not able to authenticate the users itself: samba-tool rodc preload <user> --server <DC1> -U Administrator Password for [AD\Administrator]:
2018 Feb 13
1
ldb warning unique index violation on conflicts with
Hello list, I am testing Samba 4.8.0rc3 and see following output every drepl-Service run: DRS replication add DN of ad1894a9-07f8-4ae2-8e5c-2a15ed9ed8b3 is CN=BUILDHOST,OU=Domain Controllers,DC=samdom,DC=local ldb: ../lib/ldb/ldb_tdb/ldb_index.c:1837: unique index violation on @IDXDN in CN=BUILDHOST,OU=Domain Controllers,DC=samdom,DC=local, conficts with 蔁墁o癣No甬瓧k in
2018 Aug 07
0
setting up a RODC
Hi Andrej, then it works, but on a "normal" addc it works without "-U ". One more Question: When I do a "host -t srv _ldap._tcp.example.net" I only see my writeable DCs but not my RODC. So I tested with: ------ ldbsearch -H /var/lib/samba/private/sam.ldb '(invocationid=*)' --cross-ncs objectguid ------ Found a objectguid for my RODC ------- host -t CNAME
2017 Jun 07
4
domain join RODC failed
Hello, I try to test joining new RODC (samba-tool domain join unn.global RODC -U Administrator -d5) and it's fail with message: Could not find machine account in secrets database: Failed to fetch machine account password for UNN from both secrets.ldb (Could not find entry to match filter: '(&(flatname=UNN)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No
2017 Mar 31
0
possible memory leak in ldb module while dbcheck on RODC
What is the ldb version your using? You need : 1.1.29 with samba 4.5.7. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Andrej Gessel via > samba > Verzonden: vrijdag 31 maart 2017 8:55 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] possible memory leak in ldb module while dbcheck on > RODC >
2018 Aug 14
0
[Announce] Samba 4.8.4, 4.7.9 and 4.6.16 Security Releases Available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC
2018 Aug 14
0
[Samba] [Announce] Samba 4.8.4, 4.7.9 and 4.6.16 Security Releases Available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC
2018 Jun 26
0
[Announce] Samba 4.8.3 Available for Download
======================================================== "The dads across the soccer field looked at me as a dad just like them. And I was very grateful." Garth Brooks ======================================================== Release Announcements --------------------- This is the latest stable release of the Samba 4.8 release series. Changes since 4.8.2: