Displaying 20 results from an estimated 20000 matches similar to: "Verifying idmap.ldb consistency across domain controllers"
2018 May 08
2
Verifying idmap.ldb consistency across domain controllers
On 5/8/2018 9:07 AM, Rowland Penny via samba wrote:
> On Tue, 8 May 2018 08:59:52 -0400
> lingpanda101 via samba <samba at lists.samba.org> wrote:
>
>> Hello,
>>
>> Is there a command or quick way to verify idmap.ldb is
>> consistent across domain controllers? Similar to using samba-tool to
>> compare two ldap databases? Thanks.
>>
> No,
2018 May 08
0
Verifying idmap.ldb consistency across domain controllers
On Tue, 8 May 2018 09:23:42 -0400
lingpanda101 via samba <samba at lists.samba.org> wrote:
> My concern is with human error and built in groups. I'm using RFC2307
> on all DC's so all UID's and GID's for manually created user & groups
> I should be good. I'm pretty confident for all DC's I have added to
> the domain, I took the step to copy and
2016 Jun 24
5
Rights issue on GPO
Am 24.06.2016 um 21:24 schrieb Rowland penny:
> On 24/06/16 19:47, lingpanda101 at gmail.com wrote:
>> On 6/24/2016 11:40 AM, mathias dufresne wrote:
>>>
>>>
>>> 2016-06-24 15:24 GMT+02:00 lingpanda101 at gmail.com
>>> <mailto:lingpanda101 at gmail.com> <lingpanda101 at gmail.com
>>> <mailto:lingpanda101 at gmail.com>>:
2016 Jun 24
2
Rights issue on GPO
Am 24.06.2016 um 22:57 schrieb Rowland penny:
> On 24/06/16 21:35, Achim Gottinger wrote:
>>
>>
>> Am 24.06.2016 um 21:24 schrieb Rowland penny:
>>> On 24/06/16 19:47, lingpanda101 at gmail.com wrote:
>>>> On 6/24/2016 11:40 AM, mathias dufresne wrote:
>>>>>
>>>>>
>>>>> 2016-06-24 15:24 GMT+02:00 lingpanda101 at
2016 Jun 25
4
Rights issue on GPO
Am 25.06.2016 um 02:21 schrieb Achim Gottinger:
>
>
> Am 24.06.2016 um 23:16 schrieb Achim Gottinger:
>>
>>
>> Am 24.06.2016 um 22:57 schrieb Rowland penny:
>>> On 24/06/16 21:35, Achim Gottinger wrote:
>>>>
>>>>
>>>> Am 24.06.2016 um 21:24 schrieb Rowland penny:
>>>>> On 24/06/16 19:47, lingpanda101 at
2016 Jun 24
2
Rights issue on GPO
On 6/24/2016 11:40 AM, mathias dufresne wrote:
>
>
> 2016-06-24 15:24 GMT+02:00 lingpanda101 at gmail.com
> <mailto:lingpanda101 at gmail.com> <lingpanda101 at gmail.com
> <mailto:lingpanda101 at gmail.com>>:
>
> On 6/22/2016 12:21 PM, mathias dufresne wrote:
>
> 2016-06-22 16:37 GMT+02:00 L.P.H. van Belle <belle at bazuin.nl
>
2016 Jun 27
2
Rights issue on GPO
On 26/06/16 12:43, Achim Gottinger wrote:
> Created an feature request
>
> "add resolving for well known security principals"
>
> https://bugzilla.samba.org/show_bug.cgi?id=11997
>
> Am 25.06.2016 um 12:35 schrieb Achim Gottinger:
>>
>>
>> Am 25.06.2016 um 02:21 schrieb Achim Gottinger:
>>>
>>>
>>> Am 24.06.2016 um 23:16
2016 Jun 25
1
Rights issue on GPO
On 24/06/16 22:08, Achim Gottinger wrote:
>
>
> Am 24.06.2016 um 22:35 schrieb Achim Gottinger:
>>
>>
>> Am 24.06.2016 um 21:24 schrieb Rowland penny:
>>> On 24/06/16 19:47, lingpanda101 at gmail.com wrote:
>>>> On 6/24/2016 11:40 AM, mathias dufresne wrote:
>>>>>
>>>>>
>>>>> 2016-06-24 15:24 GMT+02:00
2016 Jun 24
2
Rights issue on GPO
On 6/22/2016 12:21 PM, mathias dufresne wrote:
> 2016-06-22 16:37 GMT+02:00 L.P.H. van Belle <belle at bazuin.nl>:
>
>> @Mathias,
>>
>> Pretty strange then, running some years like this without any problem.
>> Yes we had few problems with "rights" in sysvol, but i fixed this all
>> outside linux, and with that i mean. Changed rights from within
2016 Jun 27
6
Rights issue on GPO
Hai,
After lots of testing and checking today im must concluded that achim and mathias are right.
There are "BUILDIN\" security groups which make some GPOs are going wrong.
Also, im getting errors again with sysvolcheck. .. i was in the understanding this was resolved.. but im but off with all info, very buzy at the office atm.
samba-tool ntacl sysvolcheck
ERROR(<class
2016 Jun 22
2
Rights issue on GPO
@Mathias,
Pretty strange then, running some years like this without any problem.
Yes we had few problems with "rights" in sysvol, but i fixed this all outside linux, and with that i mean. Changed rights from within windows or added registry changes or patches, or a local clean up of the policies.
At the install of my DC2 i also synced the idmap.ldb, and then a
net idmap flush on
2016 Oct 04
2
Sysvol access after running osync
On 10/4/2016 11:22 AM, Rowland Penny via samba wrote:
> See inline comments:
>
> On Tue, 4 Oct 2016 10:44:07 -0400
> Bob Thomas via samba <samba at lists.samba.org> wrote:
>
>> Hey Samba team - Thanks for all your work
>>
>> I have three production samba 4 DCs 2 running on Ubuntu 16.04 (Samba
>> 4.4.5 and 4.4.4) and one on 14.04 (Samba 4.3.3) all
2016 Aug 08
4
UNIX attribute UID no longer increments with RSAT
Hello,
I'm using rfc2307 to enable Unix attributes on my DC's. Recently
when adding a user and attempting to add a UID with the RSAT, I
receiving the following error.
'Duplicate UID. Assign a uniqueUID.'
How do I list all users and their UID? I tried using 'pdbedit' and
wbinfo. Pdbedit appears to list the XID's and wbinfo needs me to specify
a user name. I
2016 Jun 22
6
Rights issue on GPO
On 06/22/2016 02:44 PM, lingpanda101 at gmail.com wrote:
> Why is is when I do a getfacl I do not see the mapping of BUILTIN like
> others?
do you have winbind in /etc/nsswitch.conf?
mj
2016 Dec 09
5
How to join join Ubuntu desktop to AD
> On 9 Dec 2016, at 14:26, lingpanda101 via samba <samba at lists.samba.org> wrote:
>
> Still no luck getting getent to retrieve user information. I have uid's and gid's setup for all users I am attempting to query.
But did you give Domain Users a gid? If you don’t do that, winbind and getent will not find any UNIX users (doesn’t matter if the users have a uid and gid
2012 Feb 26
1
Samba4 xidNumber and idmap.ldb
Hi everyone
The s4 Domain Users group has xidNumber: 100 and the Linux users group
has gidNumber=100. I've been mapping xidNumber <--> gidNumber for s4
posix groups I've added myself, but this causes a name collision for
Domain Users. This also has implications on Linux as local users have
access to the group owned stuff of Domain users.
I've changed the xidNumber in
2019 Sep 19
3
Script to sync xID/idmap.ldb, some questions...
I'm scripting the ''replica'' of DC xID db (idmap.ldb) between DCs,
following:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings
but i've two question.
1) because i've just in place the sysvol replica, i've thinked of
copying the 'idmap.ldb.bak' file on sysvol share (in debian,
2016 Dec 09
2
How to join join Ubuntu desktop to AD
Just to confirm that it can be done, I followed the wiki and joined my
Ubuntu 16.04 desktop to a Samba AD using the Ubuntu distro provided
packages. I'm not sure if it's relevant, but the Samba AD DCs are also
running Ubuntu 16.04 with the distro provided packages.
Mike E.
On Fri, Dec 9, 2016 at 10:55 AM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Fri, 9
2019 Mar 26
3
Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
Cheers Louis, i just ran the diagnostic snippet you sent me:
pi at ad1:/var/lib/samba/private $ sudo ls -al $(samba -b | grep STATEDIR |
awk {' print $NF '})/sysvol
total 20
drwxrwx---+ 3 root 3000000 4096 Mar 25 16:36 .
drwxr-xr-x 8 root root 4096 Mar 25 17:31 ..
drwxrwx---+ 4 root 3000000 4096 Mar 25 16:36 samdom.example.com
pi at ad2:/var/lib/samba/private $ sudo ls -al $(samba
2016 Jun 20
1
Rights issue on GPO
On 20/06/16 19:17, lingpanda101 at gmail.com wrote:
> On 6/20/2016 2:10 PM, Rowland penny wrote:
>> On 20/06/16 18:49, lingpanda101 at gmail.com wrote:
>>> On 6/20/2016 1:19 PM, lists wrote:
>>>> Hi all,
>>>>
>>>> Following this thread with interest, as we are also having some
>>>> issues with GPO (they work on and off,