Displaying 20 results from an estimated 5000 matches similar to: "Odd behavior on group membership"
2018 Nov 28
2
Odd behavior on group membership
Hi Rowland,
Those tests were made on DC (araucaria), not a domain member.
root at araucaria:~# testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[netlogon]"
Processing section "[sysvol]"
Loaded services file OK.
Server role: ROLE_ACTIVE_DIRECTORY_DC
Press
2018 Nov 27
0
Odd behavior on group membership
On Tue, 27 Nov 2018 16:39:41 -0200
Marcio Vogel Merlone dos Santos via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I have a samba 4.7 AD DC running on a Ubuntu 18.04 server with distro
> packages. I update a user with a new group and this new membership is
> not reflected on that user. On example below, I can successfully add
> the user "test.account" to
2018 Nov 28
2
Odd behavior on group membership
Hi Rowland, thank you for your prompt reply,
I sent you the testparam output hence lots of defaults (i presumed would
be better), here is crude smb.conf:
root at araucaria:~# cat /etc/samba/smb.conf
[global]
netbios name = ARAUCARIA
realm = AD.TLD
server role = active directory domain controller
workgroup = A1
server services = -dns
ldap server require strong auth
2018 Aug 17
1
ldbadd: objectclass top is not a valid objectClass
Hi,
Trying to add an OU via ldbadd but I get the following error:
root at araucaria:~# ldbadd --url=/var/lib/samba/private/sam.ldb /root/ou.ldif
ERR: No such attribute : "objectclass top is not a valid objectClass in
schema" on DN OU=A1,DC=ad,DC=a1,DC=ind,DC=br at block before line 4
Add failed after processing 0 records
root at araucaria:~#
root at araucaria:~# cat /root/ou.ldif
2018 Sep 04
1
ADUC: RPC Server is unavailable
Hi,
Setting up a new AD DC on Ubuntu 18.04, samba 4.7 from ubuntu's repos
and BIND_DLZ. Did a samba-tool domain classicupgrade from an old NT3.x
domain, imported users and groups ok.
I am able to join windows workstations, can login with a domain user, etc.
Problem is my user A1\mmerlone, member of 'domain admins' group, cannot
open ADUC with the error RPC server is unavailable.
2018 Aug 08
2
RFC2307 on AD DC
Hi all,
I am deploying a new AD DC for our network using Ubuntu 18.04 and
BIND_DLZ. Al lis fine but the RFC2307 attributes on DC. What's the
recommended/correct way to use RFC2307 attributes on DC? At the wiki (1)
it says:
> For example, setting up an ID mapping back end, such as|ad|(RFC2307)
> or|rid|, in the|smb.conf|file is not supported an can cause
> the|samba|service to
2018 Nov 28
0
Odd behavior on group membership
On Wed, 28 Nov 2018 08:48:07 -0200
Marcio Vogel Merlone dos Santos via samba <samba at lists.samba.org> wrote:
> Hi Rowland,
>
> Those tests were made on DC (araucaria), not a domain member.
>
> root at araucaria:~# testparm /etc/samba/smb.conf
> Load smb config files from /etc/samba/smb.conf
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
>
2018 Nov 28
0
Odd behavior on group membership
On Wed, 28 Nov 2018 10:12:39 -0200
Marcio Vogel Merlone dos Santos via samba <samba at lists.samba.org> wrote:
> Hi Rowland, thank you for your prompt reply,
>
> I sent you the testparam output hence lots of defaults (i presumed
> would be better), here is crude smb.conf:
>
> root at araucaria:~# cat /etc/samba/smb.conf
> [global]
> netbios name = ARAUCARIA
2020 May 07
2
Azure AD Connect
G'Day Marcio and gabben,
Douglas (CC'ed) is going to try and look into why this doesn't 'just
work' with Samba. No promises, but at least a trained eye will look
over the process. If you could help him get set up and understand what
works and doesn't that will leave him more time for actual debugging.
The Azure AD sync feature is a big of an oddity in Samba, because it
2020 May 04
4
Azure AD Connect
We joined one MS Windows 2012 R2 server to our Samba DC fleet and pointed the Azure AD sync tool to that new Windows AD server and Azure password sync is working well now.
I don?t have any experience with distribution groups.
Good Luck!
> On May 4, 2020, at 10:21 AM, Marcio Merlone via samba <samba at lists.samba.org> wrote:
>
> So, testing samba 4.12 on a Debian buster I found
2010 Jun 18
1
Help with a generated sieve rule
Hi all,
Can some kind soul please help me find why this rule did not work,
what's wrong? I am using dovecot 1:1.2.10-0xk1.
## Generated by RoundCube Webmail SieveRules Plugin ##
require ["vacation","variables"];
set "subject" "";
if header :matches "subject" "*" {
set "subject" "${1}";
}
#
2016 May 04
3
Cannot join server to Samba4 NT4 domain
Em 28-04-2016 12:14, Rowland penny escreveu:
> On 28/04/16 15:16, MI wrote:
>> I have a Samba 4 NT4 PDC (Version 4.1.17-Debian) with openLDAP.
>>
>> I would like to add another server, and have it authenticate users
>> against openLDAP. I thought I had to add the new server to the domain
>> with "net rpc join", but that seems to think I want to join an
2016 Sep 19
2
Windows 10 anniversary update (1607) causing profile sync errors
On 2016-09-19 14:08, Marcio Vogel Merlone dos Santos via samba wrote:
> Em 09/09/2016 12:48, Luc Lalonde via samba escreveu:
>
>> We have some machines that have updated to the Windows 10 anniversary update (1607) that are having roaming profile sync problems.
>>
>> Before I search the event logs or provide details, has anyone experience profile sync wierdness?
>>
2017 May 29
3
SSL problem - no banner
Hi,
I am running dovecot 2.2.22-1ubuntu2.4 on a ubuntu 16.04 server. It has
a valid Letsencrypt certificate but the problem also happens with a
self-digned one.
Only openssl s_client -connect localhost:993 works fine and fast, while
all MUA's and telnet does not. Telnet timeouts waiting for banner after
a minute or so:
root at netuno:~# openssl s_client -connect localhost:993
2020 Jun 30
0
Trouble to keep replication in sync - W2008R2
Hi,
I have 3 Debian Buster DC running Samba 4.12.3, each one on a site.
Now I have to add a Windows 2008R2 server as DC, but failing miserably
to stabilize it for the past 2 weeks. First, kcc did not created NTDS
connections automatically, had to create them by hand. Some days have
passed and now when I try to replicate from samba to windows, *both on
same site*, I get this:
root at
2020 Mar 19
3
One more upgrade question
Hi,
I have a running samba 4.7.6+dfsg~ubuntu-0ubuntu2.15 on a ubuntu 18.04
server and would like to upgrade to van Belle latest repo. My plan is
plain simple:
1. Deploy a new ubuntu 18.04 server
2. Add van Belle repo
3. Install and *then* join the domain as a DC
4. Demote and remove the old one
Is this OK?
Thanks, best regards.
--
*Marcio Merlone*
2020 Mar 30
6
Azure AD Connect
Hi,
We are preparing to migrate our mail server to Azure and would like to
integrate it vi AD Connect with our AD - Samba 4.7 upgrading to 4.11
(Thanks Louis!).
Anyone willing to share the experience? I see on some not-so-old posts
there is a problem syncing password hashes, but since samba is an ever
evolving solution I would like to know how are you dealing with this?
Thanks and best
2018 Aug 08
1
RFC2307 on AD DC
Em 08/08/2018 11:15, Rowland Penny via samba escreveu:
> On Wed, 8 Aug 2018 10:18:51 -0300
> Marcio Vogel Merlone dos Santos via samba <samba at lists.samba.org> wrote:
>
>> I am deploying a new AD DC for our network using Ubuntu 18.04 and
>> BIND_DLZ. Al lis fine but the RFC2307 attributes on DC. What's the
>> recommended/correct way to use RFC2307 attributes
2016 May 05
1
Cannot join server to Samba4 NT4 domain
Em 05-05-2016 00:14, Jones Syue escreveu:
>
> How about add 'server signing = auto',
> for example:
>
> [global]
> server signing = auto
Hi,
Made no difference if set on the member I want to add to domain, but
when set to the server I got this on member:
mic-158 samba # net rpc join -S PDC -U domadminuser
No realm has been specified! Do you really want to join an
2020 May 25
3
Nested groups when using RFC2307
Hi,
Just noticed, I am unable to use nested groups when relying on RFC2307
for filesystem permissions, am I wright? What have I missed?
(Samba 4.12 on Buster, 2008R2 domain level)
Any migration path to stop using RFC2307 and go to pure idmap without
loosing all permissions on a 6T filesystem? Is that a solution?
Regards,
--
*Marcio Merlone*