Displaying 20 results from an estimated 7000 matches similar to: "Samba, AD, 'short' name resolving..."
2018 Oct 24
5
Again NFSv4 and Kerberos at the 'samba way'...
Good morning Marco and others.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Marco Gaiarin via samba
> Verzonden: dinsdag 23 oktober 2018 18:58
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Again NFSv4 and Kerberos at the 'samba way'...
>
>
> Sorry, i come back to this topic in a different thread,
2018 Jun 08
4
Samba, AD, 'short' name resolving...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> This is probably where you are going wrong. AD lives and dies on DNS,
> your DC MUST be authoritative for the AD domain.
...but *is* authoritative! Simply DHCP server assign the ''old'' DNS,
where all resolution fr the AD (sub)domain are forwarded to AD DNS...
> Your AD clients should be using the DC as
2018 Jun 06
0
Samba, AD, 'short' name resolving...
On Wed, 6 Jun 2018 18:29:26 +0200
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
>
> Sorry, i'm getting a bit confused about my new Samba/AD domain,
> related to the 'short' name resolving.
>
>
> I was clearly (ab)used to Samba/NT, where WINS make, on LAN, ''flat''
> resolving very simple.
>
> I'm moving now from my
2018 Oct 23
2
Again NFSv4 and Kerberos at the 'samba way'...
Sorry, i come back to this topic in a different thread, because i'm
still totally puzzled with the previuous one. Louis, sorry me. ;(
I've tried to start with this, that seems very simple:
https://wiki.debian.org/NFS/Kerberos
And so i've done:
a) installed 'nfs-kernel-server' on server, 'nfs-common' on client.
Ok, this is easy.
b) AFAI've understood i need
2018 Oct 26
3
Again NFSv4 and Kerberos at the 'samba way'...
Hai Marco,
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Marco Gaiarin via samba
> Verzonden: vrijdag 26 oktober 2018 11:23
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Again NFSv4 and Kerberos at the 'samba way'...
>
> Mandi! L.P.H. van Belle via samba
> In chel di` si favelave...
>
>
2018 Nov 28
2
Different LDAP query in different DC...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> If an ldap lookup works on every DC, except for one and the data is
> definitely there on the one DC it doesn't work on, then it must be
> something on that DC. is there a firewall or apparmor/selinux in the
> way ?
No. Anyway, note that query return correctly 'result: 0 Success',
simply return no data.
Another
2017 Dec 06
2
[Curiosity] 'netbios aliases' works in AD mode?
On Wed, 2017-12-06 at 11:19 +0100, Marco Gaiarin via samba wrote:
> Mandi! Andrew Bartlett via samba
> In chel di` si favelave...
>
> > > We haved used it on a domain member server, yes.
> > > Only one thing: when you have a compteraccount memberserver$ in your AD,
> > > you cannot use "memberserver" as an alias on another machine)
> >
>
2018 Oct 31
12
Again NFSv4 and Kerberos at the 'samba way'...
Hai Marco,
>
> Mandi! L.P.H. van Belle via samba
> In chel di` si favelave...
>
> > Sofar, until tomorrow,
>
> Done some tests, metoo.
>
> 1) seems that nfs-common is disabled 'by design'. Looking at debian
> changelog:
>
> nfs-utils (1:1.2.8-9.1) unstable; urgency=medium
>
> Partial sync from ubuntu, included changes:
>
>
2018 Jun 15
4
Samba, AD, 'short' name resolving...
Im wondering why your log below shows this order, i just noticed.
Why is the computer tring to set the A records 2 x.
Lines 1-13, show a successfull commit of the A/AAAA records.
( TSIG key ok )
If you count the below lines, after line 13, my logs shows.
samba_dlz: starting transaction on zone 1.168.192.in-addr.arpa
Yours is trying again to update
samba_dlz: starting transaction on zone
2018 Nov 28
2
Different LDAP query in different DC...
> Why?!
Sorry but... someone can point me in the right direction? Really i
don't know how to look for that problem...
I summarize:
a) an LDAP lookup for some data works in ALL DC past one
b) in that non-working DC, a direct query against the sam.ldb reveal
that data are here (so, seems to me an ACL problem)
c) checking sync status between DCs reveal no sync troubles.
Where i can
2018 Jun 08
1
Samba, AD, 'short' name resolving...
On Fri, 8 Jun 2018 12:04:30 +0200
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
>
> > You are meaning here, literally: windows client try to
> > register/update DNS using ONLY the dns provided by DHCP?
> > Or, speaking differently the same thing, windows client suppose
> > blindly that DNS got by DHCP ARE AD DCs?
>
> Ok, DNS registration seems
2017 Dec 07
2
[Curiosity] 'netbios aliases' works in AD mode?
On Thu, 2017-12-07 at 10:48 +0100, Marco Gaiarin via samba wrote:
> Mandi! Andrew Bartlett via samba
> In chel di` si favelave...
>
> > > This lead me to another question: in this way, aliases are ''domain
> > > wide'' right? Eg, i cannot have a DM aliased 'file' in a LAN and
> > > another DM aliased 'file' in another LAN, as
2019 Feb 15
6
Demoted/removed a DC, and the NS records?
Following:
https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC
i've demoted and removed a DC. Seems all went as expected:
root at vdcud1:~# samba-tool domain demote --server=vdcsv1.ad.fvg.lnf.it -U gaio
Using vdcsv1.ad.fvg.lnf.it as partner server for the demotion
Password for [LNFFVG\gaio]:
Deactivating inbound replication
Asking partner server vdcsv1.ad.fvg.lnf.it to synchronize
2018 Nov 26
3
Different LDAP query in different DC...
I need to do a simple query, against some LDAP data in 'laster draft
schema' format i've added to te samba/AD schema.
All LDAP query return the same result on all (6) of the DC:
root at vdcsv1:~# ldapsearch -H ldap://vdcsv2.ad.fvg.lnf.it -W -D CN=mta,OU=Restricted,DC=ad,DC=fvg,DC=lnf,DC=it -b DC=ad,DC=fvg,DC=lnf,DC=it "(cn=prova123)" rfc822MailMember
Enter LDAP Password:
2018 Jun 08
3
Samba, AD, 'short' name resolving...
Hai,
If the primary domain is set in windows, which is after domain join, it used that.
Ipconfig /all and see primary DNS suffix.
The dns suffix and first dns search list should be the same.
Yes, other settings are possible, but stick to this for now.
The Primay DNS suffix is used for the register of the IP in the DNS.
The DHCP Service User MUST be a member of the DNSAdmins.
The DHCP
2018 Nov 29
2
Different LDAP query in different DC...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> > No. Anyway, note that query return correctly 'result: 0 Success',
> > simply return no data.
> That just means the search retuned without error
Eh. Query succeded and return no data. Yes.
> If you run the command:
> ldapsearch -H ldap://vdcpp1.ad.fvg.lnf.it -W -D
>
2018 Nov 22
2
NTP strangeness...
In our network we found some client with clock differences.
Some machine have effectively some troubles, eg have NO 'Windows Time'
service defined, probably some glitches happened when moving from our
old NT-like domain.
Anyway, catching for that, we have found some other strangeness.
Windows time service run:
C:\Users\gaio>sc query w32time
NOME_SERVIZIO: w32time
TIPO
2018 Sep 04
4
Upgraded a member server to 4.8, rfc2307 data?
I'm starting to upgrade my domain members to debian stretch/samba 4.8,
using louis packages.
Domain controllers still on jessie/samba45.
Upgrade went smooth, but after upgrade seems that the DM was not able
anymore to retrieve rfc2307 data, eg:
root at vdmsv2:~# getent passwd gaio
gaio:*:10000:10513:Marco Gaiarin:/home/LNFFVG/gaio:/bin/false
root at vdmsv2:~# ldbsearch -H
2018 Nov 29
2
Different LDAP query in different DC...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> Whilst there are attributes that do not get replicated between DC's,
> the majority are, so each DC should allow the same access.
> Do you have access to the DC ?
> Can you run the search locally ?
Sure! As just stated, local access (via ldbsearch against the local
SAM) works as expected:
root at vdcpp1:~# ldbsearch
2018 Jun 13
4
Samba, AD, 'short' name resolving...
Mandi! L.P.H. van Belle via samba
In chel di` si favelave...
> > c) seems to use some ''random'' AD DNS, not the one in the site, for
> > example.
> Yes that is correct. ( The DC Locator Process does that )
> If you dont want that, you can assign by GPO a preffered server.
> You can set it as preffered server per site in the GPO. ( note, a pc needs 2