similar to: unexplained Replication failures...?

Hi Denis, Thanks for taking the time to answer. Yes, I may have been wrong with --forced-sync and --full-sync since the start but in fact I wanted to make sure to force replication between the servers. Here is what I have noticed: - replication works from dc00 -> dc00 but not from dc01 -> dc00: [root at dc00 ~]# samba-tool drs replicate DC01 DC00 dc=ad,dc=lasthome,dc=solace,dc=krynn

On 21/08/2020 21:40, vincent at cojot.name wrote: > On Fri, 21 Aug 2020, Rowland penny via samba wrote: > >> This works for me: >> >> rowland at devstation:~$ sudo ldapsearch -H >> ldaps://dc01.samdom.example.com -D 'SAMDOM\Administrator' -w >> 'xxxxxxxxxx' -b 'dc=samdom,dc=example,dc=com' >>

Hi All, On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02 and 03 are gone), I've noticed the following errors which I am unable to fix.. Any hints? * Basic dbcheck is clean. [root at dc00 ~]# samba-tool dbcheck Checking 327 objects Checked 327 objects (0 errors) * Cross-NCS shows two errors related to a de-comissionned DC (dc02) and cannot auto-fix this.. How do I fix

On Tue, 22 Jan 2019, Rowland Penny via samba wrote: > On Tue, 22 Jan 2019 14:20:21 -0500 (EST) > "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > >> >> Hi All, >> >> On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02 >> and 03 are gone), I've noticed the following errors which I am unable >> to

Hi Vincent, > I'm running in circles trying to debug replication failures on samba 4.7.6: > > dc00 : is a VM on KVM host (attached to a bridge on local LAN) > dc01 : is a similarly configured VM on another KVM host. > > I've forcibly demoted and re-promoted dc01 but I still cannot get > automatic replication to work: > > root at dc00 ~]# samba-tool drs showrepl

On Fri, 2020-08-21 at 17:51 -0400, Vincent S. Cojot via samba wrote: > Hi Rowland, > > First of all, thank you for taking the time to help me. > I tried your suggestion and all results came up empty. > > Then I did a few lapdsearch(es) and found this: > > 1) This query returns two users: > ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W -D >

On 21/08/2020 20:08, Rowland penny via samba wrote: > On 21/08/2020 19:28, Vincent S. Cojot via samba wrote: >> >> Hi everyone, >> >> I have a working Samba AD/DC (4.12.6 on RHEL7.8) setup I'm trying to >> use with OpenShift (a container platform to which RedHat contributes >> - aka OCP). I'm also not too skilled on LDAP even though I've been

On 08/06/2019 21:32, Rowland penny via samba wrote: > On 08/06/2019 16:24, Uwe Laverenz via samba wrote: >> Hi all, >> >> when you join a linux server to an active directory with "realm" it >> uses "sssd" as default. This works well as long as you just want to >> be a simple domain member. >> >> As soon as you want a real member

Hi All, I know RHEL has bad press here but I'd like to share a different opinion (works for me) and maybe share some of my settings. BTW, Those views are my own, not those of my employer. I run a small AD at home. The setup is as follows: - two AD DCs (RHEL7.6 KVM virtual machines + Samba 4.8.7 rpms based on SPECs from TranquilIT/Fedora). - several Win10 laptops joined to the domain. -

On 10/06/2019 16:04, vincent at cojot.name wrote: > > There is probably some amount of redtape on this but AFAIK it works > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs > through use of realm '(and thus sssd): > > Here's a RHEL7.6 client: > # realm list > ad.lasthome.solace.krynn > ? type: kerberos > ? realm-name:

On Tue, 22 Jan 2019 14:20:21 -0500 (EST) "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > > Hi All, > > On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02 > and 03 are gone), I've noticed the following errors which I am unable > to fix.. Any hints? > > * Basic dbcheck is clean. > > [root at dc00 ~]# samba-tool

Hi Andrew, Hi Rowland, I just spent close to one hour debugging this with one OpenShift specialist from RedHat. What we figured was: 1) both of my configs work (auth and group-sync) and are in fact correct. 2) OCP group sync does not sync the groups that have no explicit 'member' Attribute or groups that are 'default' groups (E.g: 'Domain Users') where membership is

On Tue, 22 Jan 2019 15:19:10 -0500 (EST) "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > On Tue, 22 Jan 2019, Rowland Penny via samba wrote: > > > On Tue, 22 Jan 2019 14:20:21 -0500 (EST) > > "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > > > >> > >> Hi All, > >> > >>

On 21/08/2020 22:08, Rowland penny via samba wrote: > On 21/08/2020 21:40, vincent at cojot.name wrote: >> On Fri, 21 Aug 2020, Rowland penny via samba wrote: >> >>> This works for me: >>> >>> rowland at devstation:~$ sudo ldapsearch -H >>> ldaps://dc01.samdom.example.com -D 'SAMDOM\Administrator' -w >>> 'xxxxxxxxxx' -b

Hi everyone, I have a working Samba AD/DC (4.12.6 on RHEL7.8) setup I'm trying to use with OpenShift (a container platform to which RedHat contributes - aka OCP). I'm also not too skilled on LDAP even though I've been running the above for over two years now.. There are typically two steps involved in connecting AD to OCP: 1) declare an OAuth configuration in OCP (requires a bind

On Wed, Jun 12, 2019 at 4:38 AM Rowland penny via samba <samba at lists.samba.org> wrote: > > On 10/06/2019 16:04, vincent at cojot.name wrote: > > > > There is probably some amount of redtape on this but AFAIK it works > > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs > > through use of realm '(and thus sssd): > > > >

There is probably some amount of redtape on this but AFAIK it works fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs through use of realm '(and thus sssd): Here's a RHEL7.6 client: # realm list ad.lasthome.solace.krynn type: kerberos realm-name: AD.LASTHOME.SOLACE.KRYNN domain-name: ad.lasthome.solace.krynn configured: kerberos-member server-software:

On a 8 Core system only dom0 can set cap > 100 and vcpus > 1. On a domU ''xm sched-credit -d <domU> -c 200'' says "Error: cap is out of range". Vcpu cannot be set higher than 1 - regardless of boot/config/command line. Low performance is equivalent to the cap setting. See ''xm list --long'': (domain (domid 0) (uuid

Am 16.07.2015 um 17:18 schrieb Rowland Penny: > On 16/07/15 13:27, Reindl Harald wrote: >> >> Am 16.07.2015 um 14:02 schrieb Rowland Penny: >>> /etc/hosts should be: >>> >>> 127.0.0.1 localhost.localdomain localhost >> >> uhm no - you want 127.0.0.1 normally resolved to localhost and hence >> 127.0.0.1 localhost

On 24/07/15 13:53, mathias dufresne wrote: > The following commands work on both DC: > host -t A <short_hostname_of_other_DC> > host -t A <fqdn_hostname_of_other_DC> > > hostname and hostname --fqdn are working on both DC.The simplest way > is to not declare external IP /etc/hosts > > > SRV DNS entries which are working are: > host -t SRV >