Displaying 20 results from an estimated 500 matches similar to: "unexplained Replication failures...?"
2018 May 04
1
unexplained Replication failures...?
Hi Denis,
Thanks for taking the time to answer.
Yes, I may have been wrong with --forced-sync and --full-sync since the
start but in fact I wanted to make sure to force replication between the
servers.
Here is what I have noticed:
- replication works from dc00 -> dc00 but not from dc01 -> dc00:
[root at dc00 ~]# samba-tool drs replicate DC01 DC00
dc=ad,dc=lasthome,dc=solace,dc=krynn
2020 Aug 21
4
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
On 21/08/2020 21:40, vincent at cojot.name wrote:
> On Fri, 21 Aug 2020, Rowland penny via samba wrote:
>
>> This works for me:
>>
>> rowland at devstation:~$ sudo ldapsearch -H
>> ldaps://dc01.samdom.example.com -D 'SAMDOM\Administrator' -w
>> 'xxxxxxxxxx' -b 'dc=samdom,dc=example,dc=com'
>>
2019 Jan 22
2
dbtool --cross-ncs and undeletable errors..
Hi All,
On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02 and 03
are gone), I've noticed the following errors which I am unable to fix.. Any hints?
* Basic dbcheck is clean.
[root at dc00 ~]# samba-tool dbcheck
Checking 327 objects
Checked 327 objects (0 errors)
* Cross-NCS shows two errors related to a de-comissionned DC (dc02) and
cannot auto-fix this.. How do I fix
2019 Jan 22
2
dbtool --cross-ncs and undeletable errors..
On Tue, 22 Jan 2019, Rowland Penny via samba wrote:
> On Tue, 22 Jan 2019 14:20:21 -0500 (EST)
> "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote:
>
>>
>> Hi All,
>>
>> On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02
>> and 03 are gone), I've noticed the following errors which I am unable
>> to
2018 May 04
0
unexplained Replication failures...?
Hi Vincent,
> I'm running in circles trying to debug replication failures on samba 4.7.6:
>
> dc00 : is a VM on KVM host (attached to a bridge on local LAN)
> dc01 : is a similarly configured VM on another KVM host.
>
> I've forcibly demoted and re-promoted dc01 but I still cannot get
> automatic replication to work:
>
> root at dc00 ~]# samba-tool drs showrepl
2020 Aug 21
2
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
On Fri, 2020-08-21 at 17:51 -0400, Vincent S. Cojot via samba wrote:
> Hi Rowland,
>
> First of all, thank you for taking the time to help me.
> I tried your suggestion and all results came up empty.
>
> Then I did a few lapdsearch(es) and found this:
>
> 1) This query returns two users:
> ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W -D
>
2020 Aug 21
2
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
On 21/08/2020 20:08, Rowland penny via samba wrote:
> On 21/08/2020 19:28, Vincent S. Cojot via samba wrote:
>>
>> Hi everyone,
>>
>> I have a working Samba AD/DC (4.12.6 on RHEL7.8) setup I'm trying to
>> use with OpenShift (a container platform to which RedHat contributes
>> - aka OCP). I'm also not too skilled on LDAP even though I've been
2019 Jun 10
6
please confirm: sssd not a good idea :)
On 08/06/2019 21:32, Rowland penny via samba wrote:
> On 08/06/2019 16:24, Uwe Laverenz via samba wrote:
>> Hi all,
>>
>> when you join a linux server to an active directory with "realm" it
>> uses "sssd" as default. This works well as long as you just want to
>> be a simple domain member.
>>
>> As soon as you want a real member
2018 Dec 06
5
RHEL7/Centos7 with Samba AD
Hi All,
I know RHEL has bad press here but I'd like to share a different opinion
(works for me) and maybe share some of my settings.
BTW, Those views are my own, not those of my employer.
I run a small AD at home. The setup is as follows:
- two AD DCs (RHEL7.6 KVM virtual machines + Samba 4.8.7 rpms based on
SPECs from TranquilIT/Fedora).
- several Win10 laptops joined to the domain.
-
2019 Jun 10
3
please confirm: sssd not a good idea :)
On 10/06/2019 16:04, vincent at cojot.name wrote:
>
> There is probably some amount of redtape on this but AFAIK it works
> fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs
> through use of realm '(and thus sssd):
>
> Here's a RHEL7.6 client:
> # realm list
> ad.lasthome.solace.krynn
> ? type: kerberos
> ? realm-name:
2019 Jan 22
0
dbtool --cross-ncs and undeletable errors..
On Tue, 22 Jan 2019 14:20:21 -0500 (EST)
"Vincent S. Cojot via samba" <samba at lists.samba.org> wrote:
>
> Hi All,
>
> On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02
> and 03 are gone), I've noticed the following errors which I am unable
> to fix.. Any hints?
>
> * Basic dbcheck is clean.
>
> [root at dc00 ~]# samba-tool
2020 Aug 22
0
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
Hi Andrew, Hi Rowland,
I just spent close to one hour debugging this with one OpenShift
specialist from RedHat. What we figured was:
1) both of my configs work (auth and group-sync) and are in fact correct.
2) OCP group sync does not sync the groups that have no explicit 'member'
Attribute or groups that are 'default' groups (E.g: 'Domain Users') where membership
is
2019 Jan 22
0
dbtool --cross-ncs and undeletable errors..
On Tue, 22 Jan 2019 15:19:10 -0500 (EST)
"Vincent S. Cojot via samba" <samba at lists.samba.org> wrote:
> On Tue, 22 Jan 2019, Rowland Penny via samba wrote:
>
> > On Tue, 22 Jan 2019 14:20:21 -0500 (EST)
> > "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote:
> >
> >>
> >> Hi All,
> >>
> >>
2020 Aug 21
0
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
On 21/08/2020 22:08, Rowland penny via samba wrote:
> On 21/08/2020 21:40, vincent at cojot.name wrote:
>> On Fri, 21 Aug 2020, Rowland penny via samba wrote:
>>
>>> This works for me:
>>>
>>> rowland at devstation:~$ sudo ldapsearch -H
>>> ldaps://dc01.samdom.example.com -D 'SAMDOM\Administrator' -w
>>> 'xxxxxxxxxx' -b
2020 Aug 21
3
Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
Hi everyone,
I have a working Samba AD/DC (4.12.6 on RHEL7.8) setup I'm trying to use
with OpenShift (a container platform to which RedHat contributes - aka
OCP). I'm also not too skilled on LDAP even though I've been running the
above for over two years now..
There are typically two steps involved in connecting AD to OCP:
1) declare an OAuth configuration in OCP (requires a bind
2019 Jun 12
0
please confirm: sssd not a good idea :)
On Wed, Jun 12, 2019 at 4:38 AM Rowland penny via samba
<samba at lists.samba.org> wrote:
>
> On 10/06/2019 16:04, vincent at cojot.name wrote:
> >
> > There is probably some amount of redtape on this but AFAIK it works
> > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs
> > through use of realm '(and thus sssd):
> >
> >
2019 Jun 10
0
please confirm: sssd not a good idea :)
There is probably some amount of redtape on this but AFAIK it works fine
for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs through
use of realm '(and thus sssd):
Here's a RHEL7.6 client:
# realm list
ad.lasthome.solace.krynn
type: kerberos
realm-name: AD.LASTHOME.SOLACE.KRYNN
domain-name: ad.lasthome.solace.krynn
configured: kerberos-member
server-software:
2008 Feb 14
5
On an eight cpu system domU ''cap'' can only be set to 100
On a 8 Core system only dom0 can set cap > 100 and vcpus > 1. On a domU
''xm sched-credit -d <domU> -c 200''
says "Error: cap is out of range". Vcpu cannot be set higher than 1 -
regardless of boot/config/command line. Low performance is equivalent to the
cap setting.
See ''xm list --long'':
(domain
(domid 0)
(uuid
2015 Jul 16
2
4.2.2 as AD with 2 DCs: database incoherency
Am 16.07.2015 um 17:18 schrieb Rowland Penny:
> On 16/07/15 13:27, Reindl Harald wrote:
>>
>> Am 16.07.2015 um 14:02 schrieb Rowland Penny:
>>> /etc/hosts should be:
>>>
>>> 127.0.0.1 localhost.localdomain localhost
>>
>> uhm no - you want 127.0.0.1 normally resolved to localhost and hence
>> 127.0.0.1 localhost
2015 Jul 24
2
4.2.2 as AD with 2 DCs: database incoherency
On 24/07/15 13:53, mathias dufresne wrote:
> The following commands work on both DC:
> host -t A <short_hostname_of_other_DC>
> host -t A <fqdn_hostname_of_other_DC>
>
> hostname and hostname --fqdn are working on both DC.The simplest way
> is to not declare external IP /etc/hosts
>
>
> SRV DNS entries which are working are:
> host -t SRV
>