Displaying 20 results from an estimated 10000 matches similar to: "Domain member server not getting updated AD attributes"
2017 Jun 19
4
New AD user cannot access file share from member server
I run a very small Samba AD, consisting of a Samba AD DC and a Samba AD
Member Server, acting as file server.
Today, I added a new user to the AD but I simply can't manage to get access
to the file server - only for this user, all others are working fine.
My AD is rfc2307 based, so I manually have to add UID's. I did so for the
new user, the ID is within range and not in use. I double
2015 Nov 17
1
Permission Issues with GPO
On 17/11/15 17:33, Viktor Trojanovic wrote:
> [global]
>
> netbios name = FILESERVER
> workgroup = SAMDOM
> security = ADS
> realm = SAMDOM.EXAMPLE.COM
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
>
> username map = /etc/samba/samba_usermap
>
> idmap config *:backend = tdb
> idmap config *:range =
2019 Apr 30
5
Windows clients require reboot once a day in order to access mapped drives
Hi Viktor,
I didn't go through all the conversations and I'm not sure if this will
> be of any help, I just wanted to inform that I've been using mapped
> drives with Windows 10 for ages and never had the problems you
> described. I also never added or changed the "smb encrypt" option. My
> Samba file server (AD member) was set up pretty much the way as is
>
2015 Nov 17
4
Permission Issues with GPO
On 17/11/15 16:57, Viktor Trojanovic wrote:
> Hi Mathias,
>
> Thanks for replying. It seems you're describing the situation on the
> AD DC. Computer and user mode access to my DC works fine and without
> any issues but I can't access the shares of my *member* server *in
> computer mode*. In user mode, it all works just fine.
>
> Viktor
>
> On 17.11.2015
2017 Jun 19
4
New AD user cannot access file share from member server
On 6/19/2017 9:12 AM, Viktor Trojanovic via samba wrote:
> On 19 June 2017 at 14:56, Rowland Penny via samba <samba at lists.samba.org>
> wrote:
>
>> On Mon, 19 Jun 2017 14:46:34 +0200
>> Viktor Trojanovic <viktor at troja.ch> wrote:
>>
>>> On 19 June 2017 at 14:20, lingpanda101 via samba
>>> <samba at lists.samba.org> wrote:
2017 Jun 19
2
New AD user cannot access file share from member server
On Mon, 19 Jun 2017 14:46:34 +0200
Viktor Trojanovic <viktor at troja.ch> wrote:
> On 19 June 2017 at 14:20, lingpanda101 via samba
> <samba at lists.samba.org> wrote:
>
> > On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote:
> >
> >> That's correct, I don't have "Unix Attributes" but through the
> >> advanced view I have
2017 Jun 19
4
New AD user cannot access file share from member server
On 6/19/2017 7:51 AM, Viktor Trojanovic via samba wrote:
> That's correct, I don't have "Unix Attributes" but through the advanced
> view I have access to all attributes.
>
> The ldbsearch command is not returning anything in my case, it gives me 0
> records - no matter which user I try, even the Administrator. I checked the
> command several times to make sure
2018 May 13
2
ACL set in Windows not set in Samba
Setup: Samba AD DC and Samba AD Member Server, Win10 clients only. Samba
version 4.8.1
Has something changed recently in the way ACL's are supposed to work? My
existing shares work just fine but any ALC changes I make using Windows are
ignored in Samba.
For example, I'm creating a new folder in Windows inside an existing share
and I add user User1 or group Group1 in the security tab.
2015 Nov 16
1
Win Clients and DNS
On 16.11.2015 15:08, Rowland Penny wrote:
> On 16/11/15 14:00, Viktor Trojanovic wrote:
>>
>>
>> On 16.11.2015 14:44, Rowland Penny wrote:
>>> On 16/11/15 13:25, Ole Traupe wrote:
>>>>
>>>>
>>>> Am 16.11.2015 um 14:06 schrieb Viktor Trojanovic:
>>>>>
>>>>>
>>>>> On 16.11.2015 13:48,
2017 Jun 19
3
New AD user cannot access file share from member server
On Mon, 19 Jun 2017 12:38:09 +0200
Viktor Trojanovic <viktor at troja.ch> wrote:
> Here is the DC's smb.conf:
>
>
> [global]
> workgroup = SAMDOM
> realm = SAMDOM.EXAMPLE.COM
> netbios name = DC
> interfaces = lo br-lxc
> bind interfaces only = Yes
> server role = active directory domain controller
>
2017 Jun 19
2
New AD user cannot access file share from member server
I missed to mention it. But I actually did try changing the CN=users to
OU=ouname, and even leaving it out. I don't know why it didn't return any
results before, it does now - see my reply to James.
On 19 June 2017 at 14:30, Rowland Penny via samba <samba at lists.samba.org>
wrote:
> On Mon, 19 Jun 2017 08:20:35 -0400
> lingpanda101 via samba <samba at lists.samba.org>
2015 Nov 17
2
Permission Issues with GPO
Here are my (little) view regarding shares accesses. I write that to
clarify things. And it could really be of-topic as Louis seems to have gave
solution.
There are 2 levels of authorisation for accessing shares: the share level
and FS level.
For Sysvol I would keep everyone or replace it by "authenticated users" in
paranoid mode as the latter refuse non-authenticated users.
They are
2015 Nov 16
6
Win Clients and DNS
On 16.11.2015 14:44, Rowland Penny wrote:
> On 16/11/15 13:25, Ole Traupe wrote:
>>
>>
>> Am 16.11.2015 um 14:06 schrieb Viktor Trojanovic:
>>>
>>>
>>> On 16.11.2015 13:48, Viktor Trojanovic wrote:
>>>> See replies below
>>>>
>>>> On 16.11.2015 12:39, Rowland Penny wrote:
>>>>> On 16/11/15 11:19,
2015 Nov 17
3
Permission Issues with GPO
Let me guess.
You accessing your server like :
\\servername\netlogon
of
\\servername\sysvol
Well thats protected by windows these these days.
Try with
\\servername.domain.tld\netlogon
or
\\servername.domain.tld\sysvol
Does that work? Yes,
There is a whole chaper of this on the list somewhere..
Best is to read howto override this.
https://adsecurity.org/?p=1405
and for you
2015 Nov 16
8
Win Clients and DNS
I have an AD with 1 Samba DC and 5 Windows 10 clients. The DC and the
clients all have a fixed IPv4 address.
In the windows event viewer, I constantly see the following warning:
Event 8019, DNS Client Events
------------------------------------------
The system failed to register host (A or AAA) resource records (RRs) for
network adapter with settings:
Adapter Name: {someGUID}
Host Name:
2015 Nov 16
1
Win Clients and DNS
Ok,
> I am getting the DNS register warning message on
> *all* win clients, not just that one.
Good info, so, this confirms its not a bug but an incorrect setting.
Type ipconfig /all on a pc.
Post the output, i suspect, incorrect dnsdomain or dns search domain.
Also.
Check if the PTR records are set to the correct server ips.
This does not change on its own.
Ldbsearch from below
2015 Nov 16
1
Win Clients and DNS
Othere thing.
IF you domain name is like
domain.tld
By default, Windows does not send updates to top-level domains.
If thats the case you should change it to a single-lable dns.
https://support.microsoft.com/en-us/kb/300684
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: Viktor Trojanovic [mailto:viktor at troja.ch]
> Verzonden: maandag 16 november 2015 15:45
> Aan:
2015 Nov 16
3
Win Clients and DNS
Hai,
I suggest you dont remove the "Register DNS" checkbox from the network" option.
If you setup if correct, when you join a computer to the domain,
It wil automatily registere the computer en the AD DNS.
And todo so you need the "Register DNS" checkbox from the network"
For example, i use for now an dhcp server
! the DHCP server i use it NOT in any of the MS
2015 Nov 16
2
Win Clients and DNS
Am 16.11.2015 um 14:06 schrieb Viktor Trojanovic:
>
>
> On 16.11.2015 13:48, Viktor Trojanovic wrote:
>> See replies below
>>
>> On 16.11.2015 12:39, Rowland Penny wrote:
>>> On 16/11/15 11:19, Viktor Trojanovic wrote:
>>>> So I ran a samba-tool ntacl sysvolcheck, and the following error
>>>> message came up:
>>>>
2015 Nov 16
3
Win Clients and DNS
See replies below
On 16.11.2015 12:39, Rowland Penny wrote:
> On 16/11/15 11:19, Viktor Trojanovic wrote:
>> So I ran a samba-tool ntacl sysvolcheck, and the following error
>> message came up:
>>
>> --------------------snip--------------------
>> ERROR(<class 'samba.provision.ProvisioningError'>): uncaught
>> exception - ProvisioningError: