Displaying 20 results from an estimated 3000 matches similar to: "Issues post AD migration"
2018 Apr 13
2
Issues post AD migration
Hi Rowland,
The issue seems to be due to the groups who decided not to show up in AD. Strangely, even when we added the group with the same name in the AD, it didn't resolv the issue. Even though smb.conf dictates that the user have to a member of a group with that name. Using getent group, we can see the group. Does Samba hold on to the SID of the group somehow?
Is there a way to get
2018 Apr 12
0
Issues post AD migration
On Thu, 12 Apr 2018 10:48:04 +0000
Praveen Ghimire <PGhimire at sundata.com.au> wrote:
> Hi Rowland,
>
> I added the following, reloaded the samba configs, joined the member
> server to the AD domain again
>
> [global]
> netbios name = FS01
> security = ADS
> workgroup = TESTDOM
> realm = TESTDOM.GROUP
> idmap config * :
2018 Apr 06
4
LDAP getent issues
Hi,
We are having some issues with LDAP authentication. Here is our setup
PDC and LDAP(samba classic) = dc01
SambaClassic domain = stdom
Member server = fs01
We migrated from TDB to LDAP. The old TDB users are able to login to the domain and access file shares without issues. Any new user created in LDAP is not able to access the shares. When trying to create shared drives for the new users
2018 Apr 08
2
FW: LDAP getent issues
On Sun, 8 Apr 2018 08:35:24 +0000
Praveen Ghimire <PGhimire at sundata.com.au> wrote:
> Hi Rowland,
>
> Let me start my apologizing about the missed email, must have not
> seen it.
>
> We are migrating to an AD domain , the first step was to migrate PDC
> to LDAP.
>
> So to get around the bug, do we need to create the user in both PDC
> in LDAP and also as a
2019 May 06
3
Doman join issues
On Mon, 6 May 2019 09:47:44 +0000
Praveen Ghimire via samba <samba at lists.samba.org> wrote:
> Hi Louis,
>
> Thank you for that.
>
> I don’t have a /var/lib/samba/bind-dns/dns/ , only
> have /var/lib/samba/private/dns.
>
> Apparmor is now stopped and masked. I had masked the smbd and nmbd
> post the migration, have masked the winbind now.
>
> Have
2018 Apr 08
2
FW: LDAP getent issues
On Sun, 8 Apr 2018 09:05:46 +0000
Praveen Ghimire <PGhimire at sundata.com.au> wrote:
> Hi Rowland,
>
> I have gone through that link a few times and have done both the TDB
> to AD and also LDAP to AD migration a few times.
>
> The AD migration is the second stage.
>
> Let me explain the situation. The Production server is a Samba 3 box
> which acts as the DC
2019 Jun 27
4
Reverse DNS
Hai Praveen,
> -----Oorspronkelijk bericht-----
> Van: Praveen Ghimire [mailto:PGhimire at sundata.com.au]
> Verzonden: donderdag 27 juni 2019 13:46
> Aan: samba at lists.samba.org
> CC: 'L.P.H. van Belle'
> Onderwerp: RE: [Samba] Reverse DNS
>
> Hi Guys,
>
> Thank you for your emails. Here is the info
>
> /etc/apparmor.d/local/usr.sbin.dhcp
>
2017 Dec 07
1
Samba 4 AD issues with RPC
Hi,
Would the Windows 2008/2012 server be looking for a particular DNS record during DCPROMO?
Both the Samba and Windows box are on the same vlan/host/subnet. The UFW has been disabled. Stupid question, do I need to install any RPC package in the Samba box?
Would disabling Bind9 using dnsupdate and dns in server roles help? The only issue I see with that is the SRV records will disappear and
2018 Apr 13
2
Issues post AD migration
Hi Rowland,
The group was in /etc/group and LDAP. Post the AD migration, the group didn’t show up in AD. We then added the group in AD, will check if it has a gid number.
If AD doesn’t have gid, can I remove the group /etc/group and assign it the same gid in AD?
The group in question was one of many which had the same issue, hence the question about importing missed groups in AD
Regards,
2018 Apr 08
2
FW: LDAP getent issues
On Sun, 8 Apr 2018 05:55:18 +0000
Praveen Ghimire via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I've gone through the following link about member server and also the
> samba 3 by example and can confirm that nsdc is not enabled.
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
>
> We are having some issues with LDAP
2018 Aug 10
3
LDAP SSL
Hi Rowland,
The test environment is totally isolated and we testing with images of the client machines.
We're just trying to iron out any issues post the PDC role move. We have a small list we are going through. The SSL bit is one of them.
Once the new environment is stable, we'll be migratingto AD.
Regards,
Praveen Ghimire
-------- Original message --------
From: Rowland Penny
2019 Feb 08
4
Permission issue
Hi Rowland,
The user's ID range would have been below 3600, the current max rid is 3506
The links have been setup following this link, then restarted the samba-ad-dc service
https://wiki.samba.org/index.php/Libnss_winbind_Links
I followed the following to configure the winbindd stuff,
https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC
template shell = /bin/bash
2019 May 06
1
Doman join issues
On Mon, 6 May 2019 11:12:17 +0000
Praveen Ghimire <PGhimire at sundata.com.au> wrote:
> Hi Rowland,
>
> Sorry about the confusion. It is Ubuntu 18.04 with Samba 4.7.6
>
> I have a script that installs the following
>
> apt-get install -y acl attr autoconf bind9utils bison build-essential
> \ debhelper dnsutils docbook-xml docbook-xsl flex gdb libjansson-dev \
>
2019 May 06
3
Doman join issues
Hi Rowland,
I get the same error messages even with the following smb.conf, generated by the migration process.
[global]
workgroup = LIN
realm = LIN.COM
netbios name = LINSERVER01
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
idmap_ldb:use
2017 Dec 06
3
Samba 4 AD issues with RPC
Hi Rowland,
Sorry, migration using BIND9_DLZ gives the same result
Not sure if the following from the migration is of a concern
Could not add posix attrs for AD entry for sid=S-1-5-21-3936576374-1604348213-1812465911-3034, ((21, 'Element loginShell has empty attribute in ldb message ()!'))
Could not add posix attrs for AD entry for sid=S-1-5-21-3936576374-1604348213-1812465911-3040,
2019 May 06
2
Doman join issues
Hi,
We are running test migration on the following environment in preparation for the prod migration. Any suggestions will be grealty appreciated.
OS: Ubuntu18.04
Hypervisor: Proxmox Container (LXC)
Samba Version 4.6.7
DNS: BIND9_DLZ
AD and File server in the same server. Have gone through the Samba documentation regarding this
We get the following when adding a machine (Windows 7) to the
2018 Mar 24
4
Samba NT4 to AD- LDAP
Hi Rowland,
I did that initially and that came with
Failed to connect to ldap URL 'ldap://lin-pdc.lin - LDAP client internal error: NT_STATUS_BAD_NETWORK_NAME
Hence I removed the whole ldap:// bit
After your email I tried again but using ldap://localhost and it seems to have worked. Not sure what the issue is with the fqdn. I could run ldap queries when using fqdn.
Regards,
Praveen
2018 Feb 06
4
Samba Migration and AD integration
Hi Rowland,
Thank you.
Yes to the first point.
We are using Bind9 but to continue using it is not necessarily set in stone. If using Samba Internal DNS makes more sense then we can do that too. The question is do we need to do dns-upgrade and use Internal DNS, pre-migration? Then use internal dns during the classic migration? Also, I assume the bind9 service will have to stopped if infact we
2018 Mar 12
2
LDAP: PDC to BDC replication issues
Hi,
We are having some replication issues between the our PDC and BDC LDAP servers. Here are the details
Servers:
Name: LIN-PDC1.LIN
Role: PDC
SLAPD: openldap-2.4.28
Samba: 3.6.25
Name: LIN-PDC2.LIN
Role: BDC
SLAPD: 2.4.31
Samba: 4.3.11
LDAP Method: cn=config with smbldap tools
Database: HDB
Management: PHPLAMDIN
Replication Method: refreshAndPersist
Replication:
After importing the LDIFs
2018 Feb 07
1
Samba Migration and AD integration
On Wed, 7 Feb 2018 10:02:10 +0000
Praveen Ghimire <PGhimire at sundata.com.au> wrote:
> Hi Rowland,
>
> Following the
> https://wiki.samba.org/index.php/Changing_the_DNS_Back_End_of_a_Samba_AD_DC,
> ran some tests migrating from Bind9 to Samba Internal with the
> following results
>
> Stopped the BIND, Samba-AD-DC services
>
> samba_upgradedns