similar to: NT3.x -> AD: accounts and profiles

Hi, Setting up a new AD DC on Ubuntu 18.04, samba 4.7 from ubuntu's repos and BIND_DLZ. Did a samba-tool domain classicupgrade from an old NT3.x domain, imported users and groups ok. I am able to join windows workstations, can login with a domain user, etc. Problem is my user A1\mmerlone, member of 'domain admins' group, cannot open ADUC with the error RPC server is unavailable.

Hi, I have a samba 4.7 AD DC running on a Ubuntu 18.04 server with distro packages. I update a user with a new group and this new membership is not reflected on that user. On example below, I can successfully add the user "test.account" to group "test", but not my user "marcio.merlone": root at araucaria:~# id test.account uid=30214(A1\test.account)

Em 12/12/2018 17:39, Rowland Penny via samba escreveu: > The above lines are only applicable for Samba >= 4.6.0 > Add: winbind nss info = rfc2307 > remove the last two lines, see here for more info: > > https://wiki.samba.org/index.php/Idmap_config_ad Oh, God! Vacation is coming... Thank you for such obvious correction. BUT I edited smb.conf the right way, removed

On 2016-09-19 14:08, Marcio Vogel Merlone dos Santos via samba wrote: > Em 09/09/2016 12:48, Luc Lalonde via samba escreveu: > >> We have some machines that have updated to the Windows 10 anniversary update (1607) that are having roaming profile sync problems. >> >> Before I search the event logs or provide details, has anyone experience profile sync wierdness? >>

Em 24/05/2018 07:42, Marco Gaiarin via samba escreveu: > Mandi! Henry Jensen via samba >> Are there any solutions for this in the works or what is the best way? > For a web interface, give 'LAM' (LDAP Account manager) a try... Hi, I am in the exact same situation as the OP right now. I just took a look at LAM, but it seems that maintaining unix attributes is a PRO only

Hi Rowland, thank you for your prompt reply, I sent you the testparam output hence lots of defaults (i presumed would be better), here is crude smb.conf: root at araucaria:~# cat /etc/samba/smb.conf [global]     netbios name = ARAUCARIA     realm = AD.TLD     server role = active directory domain controller     workgroup = A1     server services = -dns     ldap server require strong auth

Em 05-05-2016 00:14, Jones Syue escreveu: > > How about add 'server signing = auto', > for example: > > [global] > server signing = auto Hi, Made no difference if set on the member I want to add to domain, but when set to the server I got this on member: mic-158 samba # net rpc join -S PDC -U domadminuser No realm has been specified! Do you really want to join an

Hi Rowland, Those tests were made on DC (araucaria), not a domain member. root at araucaria:~# testparm /etc/samba/smb.conf Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[netlogon]" Processing section "[sysvol]" Loaded services file OK. Server role: ROLE_ACTIVE_DIRECTORY_DC Press

Em 28-04-2016 12:14, Rowland penny escreveu: > On 28/04/16 15:16, MI wrote: >> I have a Samba 4 NT4 PDC (Version 4.1.17-Debian) with openLDAP. >> >> I would like to add another server, and have it authenticate users >> against openLDAP. I thought I had to add the new server to the domain >> with "net rpc join", but that seems to think I want to join an

Hello folks, We have some machines that have updated to the Windows 10 anniversary update (1607) that are having roaming profile sync problems. Before I search the event logs or provide details, has anyone experience profile sync wierdness? They changed the profile version again... in 1511 it is version 5, in 1607 it is now version 6. Thank You! -- Luc Lalonde, analyste

Hai guys, I've updated the Ubuntu Bionic packages for Samba 4.10.2, 4.9.6 *(both amd64 only). Repo info : https://apt.van-belle.nl Build logs: http://downloads.van-belle.nl/samba4/Buildlogs/ubuntu/ Quick repo setup: Optional: apt-get install apt-transport-https Import my public key: wget -O - http://apt.van-belle.nl/louis-van-belle.gpg-key.asc | apt-key add - # Example repo bionic

Hi all, I am deploying a new AD DC for our network using Ubuntu 18.04 and BIND_DLZ. Al lis fine but the RFC2307 attributes on DC. What's the recommended/correct way to use RFC2307 attributes on DC? At the wiki (1) it says: > For example, setting up an ID mapping back end, such as|ad|(RFC2307) > or|rid|, in the|smb.conf|file is not supported an can cause > the|samba|service to

Hi, I am running dovecot 2.2.22-1ubuntu2.4 on a ubuntu 16.04 server. It has a valid Letsencrypt certificate but the problem also happens with a self-digned one. Only openssl s_client -connect localhost:993 works fine and fast, while all MUA's and telnet does not. Telnet timeouts waiting for banner after a minute or so: root at netuno:~# openssl s_client -connect localhost:993

We joined one MS Windows 2012 R2 server to our Samba DC fleet and pointed the Azure AD sync tool to that new Windows AD server and Azure password sync is working well now. I don?t have any experience with distribution groups. Good Luck! > On May 4, 2020, at 10:21 AM, Marcio Merlone via samba <samba at lists.samba.org> wrote: > > So, testing samba 4.12 on a Debian buster I found

Hi, We are preparing to migrate our mail server to Azure and would like to integrate it vi AD Connect with our AD - Samba 4.7 upgrading to 4.11 (Thanks Louis!). Anyone willing to share the experience? I see on some not-so-old posts there is a problem syncing password hashes, but since samba is an ever evolving solution I would like to know how are you dealing with this? Thanks and best

Hi, I have a running samba 4.7.6+dfsg~ubuntu-0ubuntu2.15 on a ubuntu 18.04 server and would like to upgrade to van Belle latest repo. My plan is plain simple: 1. Deploy a new ubuntu 18.04 server 2. Add van Belle repo 3. Install and *then* join the domain as a DC 4. Demote and remove the old one Is this OK? Thanks, best regards. -- *Marcio Merlone*

Greetings, A probably simple question and answer: can a sieve script be executed on outgoing messages? I already use deliver on postfix, perhaps the sieve script could be executed when saving to the Sent folder? Regards, -- Marcio Merlone

G'Day Marcio and gabben, Douglas (CC'ed) is going to try and look into why this doesn't 'just work' with Samba. No promises, but at least a trained eye will look over the process. If you could help him get set up and understand what works and doesn't that will leave him more time for actual debugging. The Azure AD sync feature is a big of an oddity in Samba, because it

Hi, Due to some legacy php app I have to integrate an Ubuntu 14.04 server on my AD structure. AD DC is a Ubuntu 18.04 with canonical packages running Samba 4.7 (4.7.6+dfsg~ubuntu-0ubuntu2.5) and member server runs Samba 4.3 (4.3.11+dfsg-0ubuntu0.14.04.19). After installing the 14.04 member server, installed samba packages and dependencies according to wiki and no errors. I get all users on

Hi, Trying to add an OU via ldbadd but I get the following error: root at araucaria:~# ldbadd --url=/var/lib/samba/private/sam.ldb /root/ou.ldif ERR: No such attribute : "objectclass top  is not a valid objectClass in schema" on DN OU=A1,DC=ad,DC=a1,DC=ind,DC=br at block before line 4 Add failed after processing 0 records root at araucaria:~# root at araucaria:~# cat /root/ou.ldif