similar to: reverse zones configuration

> > And I would just put 'forwarders { 172.16.1.10; };' in 'options' > I already have this entry, but for reverse lookup it does not work. Eg: dig suporte.domain.intra +short 172.16.1.15 dig -x 172.16.1.15 +short shows nothing On Mon, Mar 19, 2018 at 1:59 PM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Mon, 19 Mar 2018 13:51:00 -0300 >

hi folks, To forward everything that does not belong to AD (subdomain ad.domain.intra) to the domain "domain.intra" I configured an entry as show below in named.conf.local zone "domain.intra" IN { type forward; forward only; forwarders { 172.16.1.10; }; # ns1.domain.intra }; Within this network (172.16.1.0/24) I have dc1 (dc1.ad.domain.intra), dc2

Hi Rowland, Could you tell me what the correct permissions are for the bind9 files? On Wed, Jan 3, 2024 at 5:46?PM Elias Pereira <empbilly at gmail.com> wrote: > The only 'problem' I can see is that the group is set to 'bind' instead >> of 'root', why is this ? > > If I'm not mistaken, I did it on the wiki, but maybe I needed an older >

Hai Elias, 聽 Sorry for the late reply. I do preffer the list, and i understand why you mailt my directly, but best is to keep this on the list. The more eye that see this, the more chance you have on a reply. I must say, i personaly dont use any trust relations ships. that was long ago when i used that, so im bit rusty here. 聽 Now, i see you are using my 4.8.2 packages. so you on debian. *( or

hello, In a test environment I set up two DCs. DC1.sandom.teste.com DC2.sandom.teste.com All tests requested by the wiki were done and all ok. I tried to join a Samba DC to an existing Active Directory, but after it requests the password, the following error occurs. root at dc2 # samba-tool domain join sandom.teste.com DC -U"SERTAO\administrator" --dns-backend=BIND9_DLZ

On Wed, 17 Jan 2024 16:43:26 -0300 Elias Pereira <empbilly at gmail.com> wrote: > Okay. How do I know if the command really ran correctly? :D You ran: samba-tool drs replicate dc2 dc3 DC=ForestDnsZones,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br -d10 and got an error message. If you run: samba-tool drs replicate dc2 dc3 DC=ForestDnsZones,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br

hi, I created a lab to test adding the eduPerson schema. I took the schema from the link below and followed the wiki to add the schema. hxxps:// github.com/REFEDS/eduperson/blob/master/schema/activedirectory/eduPerson.adschema.ldf I split the ldif into 3 parts. attrs.ldif classes.ldif auxiliaryClass.ldif At first there was no error when adding the ldifs with the commands given in the wiki. To

On Fri, 19 Jan 2018 11:46:16 -0200 Elias Pereira via samba <samba at lists.samba.org> wrote: > Hello, > > - In my domain I have 2 DCs. > dc1 ... > dc2 ... > > - Both configured as bind_dlz > > I set up the reverse zone on dc1. > > The doubt: > > Do I need to configure on dc2 or is it automatically replicated? It is replicated > Another

hello folks, Elias Pereira via samba <samba at lists.samba.org> wrote: > Thanks for the link Rowland! > > I read some of the old topics on the list, regarding trust > relationship between two different domains and said that samba could > not support. I think it was 2011 topics. > > Today, with so many updates, is it already supported? > Rowland wrote: However,

hi, Still dealing with the error. In some posts on the internet, a user reported that he has more than 40k objects in samba and that's why the error occurs. When running the command "samba-tool dbcheck --cross-ncs --fix --yes" reports that it has "Checking 16529 objects (Checked 16529 objects (0 errors))". So it wouldn't be my case. Running "samba-tool drs

Rowland, AD: 4.5.8 Fileserver: 4.6.3 root at fileserver:~# samba -Version Version 4.6.3-Debian root at fileserver:~# net rpc rights list privileges SeDiskOperatorPrivilege -U "ADDC\administrator" Enter ADDC\administrator's password: SeDiskOperatorPrivilege: ADDC\Domain Admins BUILTIN\Administrators chown root:Domain\ Admins /mnt/dados >>>> ok chmod 0770

Hi Elias, > I thought it worked, but after I uninstalled the software that I deployed > via user scope, it did not reinstall. I selected the "Redeploy application" > option, but it also did not work. The user scope GPO are run with the privileges and access tokens of the logged on user, so the user have local admin rights for install and need access rights to the share you

hello, There is a group in my AD that has a user that does not exist. I can see it via RSAT. By running the command: samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes The following error occurs: Checking 10016 objects WARNING: no target object found for GUID component for one-way forward link member in object CN=ALUNOS,OU=GRUPOS,OU=CAMPUS,DC=mycompany,DC=net -

You do what you want! The point is the clients must resolve everything. You have two options: A - client resolver is non-DC DNS server: here the non-DC DNS server must be configured to forward DNS requests about AD to AD DNS servers (to DCs) B - client resolver is AD DNS server: here AD DNS server(s) used as resolver(s) must be configured to forward any non-AD DNS request to non-DC DNS server.

We have migrated away from a single MS AD to a 2 server Samba AD. We have DC1, which is a samba 4.5 server, and DC2, which is a samba 4.2 server. Everything seems to be working fine, with the exception that I can't connect to DC1 using Windows RSAT, where I can connect to DC2 without any problems. When connecting, an pretty generic error is shown: "The following domaincontroller could

> > Simple answer: > Administrator, No > Domain Admins, Yes Ok. It was already that way. root at fileserver:/etc/samba# getent group ... domain admins:x:10004: domain users:x:10000: dap:x:10003: dti:x:10001: For some reason with the administrator user is not working, I put my user as domain admin and include him as a member of unix and now I can access the security tab.

Hello guys, For those who already have an external DNS server on a separate machine, how the best way to work with Samba4 ? How to integrate this bind server with Samba configuration ways in relation to dns (samba_internal/bind_dlz)

there is the same problem. My setup is as follow: router (DHCP/Bind as forwarder dc1 and dc2) /etc/dhcpd.conf option domain-name-servers 192.168.30.2, 192.168.30.6; dc1 (192.168.30.2) / dc2 (192.168.30.6) are domain Controller with bind_dlz DNS, dc2 is update via axfr dc1 ist dns master and where I see the errors. client 192.168.30.175#55454: update 'samdom.example.com/IN' denied

hi, Does anyone on the list use the eduPerson schema in Samba4 as a DC? -- Elias Pereira

On 20/09/2020 00:30, Elias Pereira via samba wrote: > hi, > > I listed the 0ADEL entries with the command below and didn't find the > object. > # ldbsearch --cross-ncs --show-deleted -H /var/lib/samba/private/sam.ldb | > grep "\0ADEL" > > I tried to delete using the command below, but it says it doesn't exist. > # ldbdel -H