Displaying 20 results from an estimated 11000 matches similar to: "Cannot set Windows ACL security permissions Ubuntu 18.04 LXD privileged container"
2018 Nov 05
4
Time server on AD DC in an LXD container.
After reading the instructions at
https://wiki.samba.org/index.php/Time_Synchronisation, I still have
questions about how samba interacts with nptd.
The issue is that LXD doesn't want containers setting the time and so won't
start ntpd at container startup even though it's enabled in systemd. The
host does sync it's time with a national time server, so we can assume that
the
2018 Nov 06
2
Time server on AD DC in an LXD container.
Further investigations reveal:
---
C:\WINDOWS\system32> w32tm /monitor
GetDcList failed with error code: 0x800706BA.
Exiting with error 0x800706BA
---
error 0x800706BA indicates that the RPC server is unavailable.
Any ideas?
Thanks,
Jonathan Kreider
On Tue, Nov 6, 2018 at 5:48 PM Jonathan Kreider <jonathan.kreider at gmail.com>
wrote:
>
> Thanks Robert & Marco.
>
>
2016 Dec 06
4
samba 4.5.1 tdb panic with ZFS
I am trying to install samba 4.5.1 from source, as a domain controller
only, under Ubuntu 16.04, with ZFS filesystem (actually inside an lxd
container with ZFS backing).
Out-of-the-box, samba-tool domain provision does not like the filesystem:
ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed -
ProvisioningError: Your filesystem or build does not support posix
2019 Jul 05
4
Container setup?
Hi Marco, anybody,
> + must be 'privileged' container (no unprivileged ones)
I have seen containers with and without calling for being privileged, but you never know without trying and testing carefully...
Googling I found https://github.com/lxc/lxd/issues/3442#issuecomment-312560949 but I am not really clear about the conclusion.
Does it really have to be privileged?
Thanks & Best
2020 Sep 16
4
AD DC DNS question
OS = Ubuntu 18.04 in an LXD container
Samba 4.11.x and up
Is there a way to have DNS resolution on the server that can coexist with
the samba ad dc internal DNS server? The way that I have it set up,
whenever samba is not running, then I can't use any web resources b/c
everything goes through the samba internal DNS. So I can't do system
updates and upgrades unless samba is running.
I saw
2016 May 01
12
[Bug 1064] New: iptables-save fails silently in unprivileged lxc/lxd container
https://bugzilla.netfilter.org/show_bug.cgi?id=1064
Bug ID: 1064
Summary: iptables-save fails silently in unprivileged lxc/lxd
container
Product: iptables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component:
2023 Mar 10
1
AD Functional Level vs very old SaMBa member server
Will I really HAVE to use the idmap backends AD or RID? I was planning to
use TDB2 with a script which I've already written:
[root at fs3 samba]# ./idmap.sh IDTOSID UID 1301
SID:S-1-5-21-1632654815-303659134-1628659390-1950
[root at fs3 samba]# ./idmap.sh IDTOSID GID 198
SID:S-1-5-21-1632654815-303659134-1628659390-3247
[root at fs3 samba]# ./idmap.sh SIDTOID
2020 Sep 16
4
Samba AD DC tries to start and fails on reboot
OS = Ubuntu 18.04 LXD container
Samba version = 4.11.12
Repo = Louis' (many thanks)
I recently upgraded from 4.10.14->4.10.17->4.11.12
Now the samba-ad-dc service fails with the following upon reboot:
---
root at samba:~# systemctl status samba-ad-dc
? samba-ad-dc.service - Samba AD Daemon
Loaded: loaded (/lib/systemd/system/samba-ad-dc.service; enabled; vendor
preset: enabled)
2015 Feb 26
1
Wheezy member Server - Unable to edit permissions of share without usermapping - shall I add to Wiki?
Hello List!
I have a Samba AD domain with two virtualized DC's running 4.1.15 and
4.1.17. I have had two member file servers with odd permissions problems
that I've now given up on, and decided to start fresh.
I have created a File server (FS3) with Debian wheezy, built samba 4.1.17
from source, with configure options of :
--with-ads --with-shared-modules=idmap_ad
... and placed the
2018 Nov 06
0
Fwd: Time server on AD DC in an LXD container.
Thanks Robert & Marco.
@Robert - I tried your solution, but couldn't get it to work because my
host is ubuntu 16.04 and the chrony version for this is too old to support
the ntpsigndsocket option.
@Marco - your response got me searching in another direction. I had tried
ntpd in the container, which LXD did not like. My research turned up that
Ubuntu now strongly favors chrony as of 18.04
2018 Nov 07
0
Time server on AD DC in an LXD container.
You might find a solution here:
https://serverfault.com/questions/879164/using-host-as-ntp-client-and-lxc-router-as-ntp-server
On Tue, Nov 6, 2018 at 5:59 PM Jonathan Kreider via samba
<samba at lists.samba.org> wrote:
>
> Further investigations reveal:
> ---
> C:\WINDOWS\system32> w32tm /monitor
> GetDcList failed with error code: 0x800706BA.
> Exiting with error
2015 Feb 27
2
Domain Member Server (wheezy) - Unable to edit permissions of share without usermapping - shall I add to Wiki?
Hello again List, Marc, and Louis!
I'm afraid my message from yesterday may have been TL;DR. The short version
is as follows:
Following the wiki's for AD member server (building from source on Debian
Wheezy) and Setting up shares with Windows acls did not give the expected
results
First, I needed to link libnss_winbind.so to /usr/lib/x86_64-linux-gnu for
winbind to work. Marc - may I
2004 Mar 05
2
alloc_sub_basic: NULL source string!
Starting three days ago I have found over 4,000 of these error messages in
my messages log.
Mar 5 15:49:48 fs3 smbd[13785]: alloc_sub_basic: NULL source string!
This should not happen
Nothing has been changed on the samba config in over a week and that change
was about the spin lock time setting. The server is RedHat ES 3 running
Samba 3.0.2. The client machines are a mix of Win98 and WinXP
2015 Feb 27
2
Domain Member Server (wheezy) - Unable to edit permissions of share without usermapping - shall I add to Wiki?
Hello all,
Sorry about the top-posting.
I have added the bit about the linking (YAY!, I'm helping!).
Now if we can clear up the ACL issue, this will be a great day!
Summary: To edit ACL's from Windows on a Debian Member server, we need to
either
1) map the domain admin to root OR
2) give explicit permissions to Domain Admins with a chmod 0755 and chgrp
"MYDOM\Domain Admins"
2018 May 09
2
Samba4 on Ubuntu 18.04 Howto setup ADDC with bind9_DLZ
Hai,
@Rowland.
Yes yes, you did say you hate systemd. :-)
I had a hard(er)time on this one also but i got passed it. ;-)
But you and everybody else on the list, please review this setup.
And a very big thank you Rowland for the start of it.
This should be a good base to start with as howto for ubuntu 18.04 systemd based.
Any suggestion additions please add them, below is also the order
2019 Jul 05
2
Container setup?
On 7/4/19 12:49 PM, Joachim Lindenberg wrote:
> * I am not (yet) familiar with LXD or nspawn. Do you have any pointer on how Samba DC works with LXD?
>
I've only used LXD for containerizing web applications so far.
2019 Jul 03
2
Container setup?
On 7/3/19 8:21 AM, Sven Schwedas via samba wrote:
> Though I'm not sure if docker is the right tool for the job; samba as a
> fat daemon running a bazillion subprocesses orchestrated by a persistent
> database that's very sensitive to instances leaving and joining the
> domain seems the antithesis to docker's philosophy.
>
Docker would be a terrible choice for this;
2019 Jul 10
1
Container setup?
Hi Patrick,
thanks for the pointers. I tried today, and while it was easy to start my first container, I am not really happy with LXD, exactly for the reason St?phane gives in
https://stgraber.org/2016/03/11/lxd-2-0-introduction-to-lxd-112/ "How does LXD relate to Docker/Rkt?"... what I really like about docker and docker-compose is, that it encourages to separate code from data and
2015 Feb 27
2
*****SPAM***** Re: Domain Member Server (wheezy) - Unable to edit permissions of share without usermapping - shall I add to Wiki?
Hi Rowland,
Chown to Administrator seems less flexible than Chgrp to Domain Admins on
the face of it. You could add/remove users from the Domain Admins group,
which allows/denies them the ability to change the permissions on the share.
By changing the owner to Administrator, only those credentials would have
that ability, no?
What advantages do you predict with the change owner approach? What
2020 Sep 17
1
Samba AD DC tries to start and fails on reboot
Hai Jonathan,?
Only one question left then does it work now? ;-)
if you added the ipv6 to hosts file?
run
hostname -I
these ipnumers , add these in hosts and samba should always start..
Unless, your using dhcp.. that might be bit different..
greetz,
?
Louis
?
?
Van: Jonathan Kreider [mailto:jonathan.kreider at gmail.com]
Verzonden: donderdag 17 september 2020 15:09
Aan: L.P.H. van