similar to: Syncing password change across NT4 and AD domains

Displaying 20 results from an estimated 10000 matches similar to: "Syncing password change across NT4 and AD domains"

2019 Sep 24
6
Windows 10 temporary profile error, when domain remote profile directory exists and is empty
Hello, The below happens with Samba 4.7.* (didn't checked with other Samba 4 versions): Setup: Samba 4.7.* AD, two domain controllers, 'computer A' and 'computer B' are Windows 10 domain members. 1. A user (login 'username') logs in into domain for the first time, on a 'computer A'. Samba DC doesn't find existing profile directory and creates an empty
2017 Oct 30
2
Password change question/2: 'syncpassword' suffices on *ONE* DC?
I'm forced, for legacy reasons, to use 'syncpassword'. Docs are scarce, so i ask here. Seems to me that the ''consumer'' (eg, 'samba-tool user syncpasswords', with or without '--daemon') get activated after every password change, indipendently on what DC get originated (eg, i've changed a password, see previous email, on DC2 and the
2020 Jan 07
4
'check password script' timeout, diferences between AD and NT mode?
Here we use a (custom-made, internal) password propagation system, hooked around 'check password script'. Recently we suffer a network outgage (another one ;-), and the system that take care of password propagation goes offline. + NT domains continue to work, clearly password not propagate + AD domain stop to work (eg, users password change on windows stop to work), because the
2017 Sep 26
3
syncpasswords/getpassword: some examples, please...
[Clearly, this question is intimately connected to the previous...] I need a way to ''preprocess'' or at least intercept password changes, because i need to propagate them to other ''legacy'' systems. I've looked around and found syncpasswords / getpassword samba-tool commands, but really i've not understood how they work. Seems to me that can be useful in
2017 Oct 31
2
syncpassword and (strange) base64...
On Tue, 31 Oct 2017 18:19:39 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > > > Seems a bit strange to me... > > Seems a bug to me, so i've fired up: > > https://bugzilla.samba.org/show_bug.cgi?id=13114 > > > Thanks. > I normally only use 'samba-tool user setpassword --random-password' when I create a user that will
2018 Sep 12
1
Setting password in AD according to NT4 domain LDAP
   Hi,     is it possible to set password for user in AD,  if I  know its encrypted form (sambaNTPassword, userPassword) from NT4 domain LDAP? I need to copy users from NT4 domain to samba4 AD.   We'd like to move from samba NT4 domain to samba AD, but not with classicupgrade and we do not want to force users to change their passwords.   Thanks, Michal
2017 Oct 31
1
syncpassword and (strange) base64...
On Tue, 2017-10-31 at 19:05 +0100, Marco Gaiarin via samba wrote: > > > So, the question has to be, just what do you need to sync the passwords > > to ? > > Really i don't need that. But 'samba-tool user setpassword --random-password' > passwords get processed by 'syncpasswords', as ''normal'' ones. Either way, if we can't handle
2019 Oct 01
5
Upgrade DC 4.5 -> 4.8, timings?
I've read all docs on upgrades, from wiki to Louis notes, and i think i'm ready to upgrade. First step, move from stretch to jessie, and from 4.5 to 4.8, upgrade in place. But having a domain with 6 DCs, i'm a bit scared to upgrade all DC in one turn, and i'm think about something like: a) upgrade DC with FSMO roles, then wait 1-2 day to spot troubles b) then upgrade all DC in
2017 Oct 26
2
syncpassword and (strange) base64...
I've setup in my domain the 'samba-tool user syncpasswords' to catch password changes, to propagate correctly to some legacy system. I've done some tests, but today i've found the ''daemon'' is not running. After fiddling a bit, i've found the culprit came from the fact that a user have a base64 version of the password as:
2019 Apr 11
4
External Authentication
Hello, I've done a lot of reading and searching however; I could use some guidance. I just started working for a school in which there are a few Windows labs as a Linux systems administrator. Our workstation sysadmins have asked me to look into a Samba issue for them, Windows 10 systems have to have SMB1 turned on to authenticate against the existing Samba3 server. This work around hasn't
2019 Apr 12
5
External Authentication
Hi there Le 12/04/2019 à 09:57, Marco Gaiarin via samba a écrit : > Mandi! Vex Mage via samba > In chel di` si favelave... > >> I've spun up a Samba4 server and set it up as an active directory domain >> controller and I can definitely see that this is a very robust system and >> is working well however; I don't see a management solution to >>
2017 Jul 10
2
'Official' NT4-like domain decommission?
There are ''official'' plan (by Samba Team, but also by Microsoft) to officially ''decommission'' support for NT-like domains? Thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
2018 Jan 15
1
Encrypted secrets break something in 'samba-tool user syncpasswords'?
On Mon, 2018-01-15 at 10:55 +0100, Marco Gaiarin via samba wrote: > Mandi! Stefan Metzmacher via samba > In chel di` si favelave... > > > Encrypted secrets > > ----------------- > > This change/break something in 'samba-tool user syncpasswords'? Can you please explain what you are asking here? Are you asking if it intentionally changes the behaviour of
2018 May 11
3
Moving roaming profiles between domains, risky?
OK, now i've to start to move the big part of my users from my old NT-like domains to my new AD domain. I've setup roaming profile in the new domain following the wiki (https://wiki.samba.org/index.php/Roaming_Windows_User_Profiles, 'using windows ACL') and for new profiles works like a charm. But i've tried to move/copy old profile to the new domain, and seems work, with
2019 Jun 12
2
Question about migration from samba3 to samba4
Hello, Actually we have pdc with Samba3 for domain and now install Samba4 for migrate the old samba3. My question is, Is possible make a progressive user migration and both environments works together (shared folders, printers, etc). Or the unique option is migrate all users from samba3 to samba4 ?? Thanks.
2017 Aug 30
4
Force password complexity on NT4 style domain (Samba 4.6.4)
Hi, is there a way to force password complexity on NT4 style domains? the "samba-tool domain passwordsettings" seems to only work on DC mode, right? Boris
2018 Jul 20
4
Samba 4.5 and glusterfs...
Reding the thread in list about gluster, i've found that in your samba packages 4.5.12+dfsg-2+deb9u2~bpo8+1 there's no vfs_glusterfs module, only the manpage. root at vdmsv1:~# grep glusterfs /var/lib/dpkg/info/samba*.list /var/lib/dpkg/info/samba-vfs-modules.list:/usr/share/man/man8/vfs_glusterfs.8.gz root at vdmsv1:~# grep /vfs/ /var/lib/dpkg/info/samba*.list
2019 Jan 09
3
[Oddity] SAMAccountName and 20+ chars logins...
Reading here i've understod that for LDAP query it is better to use SAMAccountName as 'login', but today i've found: https://docs.microsoft.com/it-it/windows/desktop/ADSchema/a-samaccountname so, 'SAMAccountName' is a compatibility field with NT mode, limited to 20 chars. Someone here use 21 chars logins? ;-) -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66
2017 Dec 18
3
DM and ''offline'' PAM (and NSS?)...
On Mon, 18 Dec 2017 15:51:47 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > > > I've seen: > > https://wiki.samba.org/index.php/PAM_Offline_Authentication > > I've tried to enable offline logon, and seems to work as expected. > > I've only found a little strange thing, i think related to the fact > that in my DM i've set
2019 Oct 16
4
vfs_recycle permission bug?!
Samba 4.8 (Louis debian repo), DM. Today i've had to recovery a deleted file in that share, that use 'vfs_recycle' modules: [Work] comment = Spazio di Lavoro Utente map acl inherit = Yes path = /srv/work read only = No store dos attributes = Yes vfs objects = acl_xattr recycle full_audit volume = Work full_audit:failure = none full_audit:success = mkdir rmdir read pread