similar to: Dynamic DNS tips? (Samba 4.8.x + Bind9_DLZ)

On Tue, Jan 1, 2019 at 4:19 AM Rowland Penny via samba <samba at lists.samba.org> wrote: > > On Tue, 1 Jan 2019 01:02:48 -0800 > Kris Lou via samba <samba at lists.samba.org> wrote: > > > What's the recommended method for handling dynamic DNS updates? via > > Kerberos, DHCP scripts, or both? > > > > I'm currently doing both (I think), but

On Tue, 1 Jan 2019 01:02:48 -0800 Kris Lou via samba <samba at lists.samba.org> wrote: > What's the recommended method for handling dynamic DNS updates? via > Kerberos, DHCP scripts, or both? > > I'm currently doing both (I think), but Windows 2012R2 clients > sometimes complain about not being able to update since it's been > done by the DHCP script (and the

Hi all, I seem to have run into a case where my DC's aren't being round-robin'ed by DNS. I've got 3 DC's using Internal DNS, but every time I ping mydomain.com and check the results (ipconfig /displaydns), it's always in the same order. The same order appears when I query the DC's directly, individually: # nslookup mydomain.com 172.23.51.5 Server:

I have a bit of an oddity here: I'm using Samba 4.2.14 with AD, using Samba's internal DNS to serve to my domain (and forwarding others to Google Public DNS 8.8.8.8). However, it looks like client queries (and subsequent forwards) to a vendor's URL (www.pitneybowes.us) fail, but are successful if I query Google directly: [root at XXXX~]# nslookup -type=any www.pitneybowes.us >

IMHO, in short, learn to use encrypted connections. 2016-07-27 22:38 GMT+02:00 Kris Lou <klou at themusiclink.net>: > As of 4.2.11: https://www.samba.org/samba/security/CVE-2016-2112.html > > =================== > New smb.conf option > =================== > > ldap server require strong auth (G) > > The ldap server require strong auth defines whether the

> > > Join command was: > samba-tool domain join domain.com DC -k yes --server=vm-dc1.domain.com --dns-backend > SAMBA_INTERNAL -v -d 5 2>&1 | tee join.txt Here, you have "--dns-backend SAMBA_INTERNAL" where perhaps you meant "--dns-backend=SAMBA_INTERNAL" ? I'm guessing that it was interpreted as "--dns-backend=NONE" Kris Lou klou at

On Wed, Dec 27, 2023 at 12:21?PM Sonic <sonicsmith at gmail.com> wrote: > On Wed, Dec 27, 2023 at 2:31?PM Kris Lou via samba > <samba at lists.samba.org> wrote: > > > named.conf.local > > > ===================== > > > include "/usr/local/samba/private/named.conf"; > > > ===================== > > > > Is the correct

So you have to reset the other account flags after doing it? On 08/15/2019 02:43 PM, Kris Lou via samba wrote: > pdbedit -c="[]" <user> > > This clears the Account Flags (warning, clears ALL Account flags) that you > can also view via "pdbedit -Lv <user>" > > > Kris Lou > klou at themusiclink.net > > > On Thu, Aug 15, 2019 at 12:11

Well, this is interesting (to me, at least). I joined a W10 machine to the domain (4.8/4.9.4 mix, I'm working on it), then renamed it via "WMIC /node:<computer> computersystem where name="<computer>" call rename name="<newname>". Doing so changed the displayName, sAMAccountName, dNSHostName, and assorted servicePrincipalNames, but did not change the

Hello Kris, That was the first thing I checked and the file had not been touched! Aref -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Kris Lou via samba Sent: 09 October 2018 23:15 To: samba Subject: Re: [Samba] Samba server fails to save settings Check your smb.conf. If the changes aren't there, then you'll have to talk to the Yast

Just to clarify, your hook allows dehydrated to lookup DNS to an internal Samba (or Bind_DLZ) server for DNS-01 verification in certificate generation? Kris Lou klou at themusiclink.net On Tue, Jan 15, 2019 at 2:13 AM Jakob Lenfers via samba < samba at lists.samba.org> wrote: > Am 14.01.19 um 11:29 schrieb Rowland Penny via samba: > > > Whilst it is quite correct to say that

Perhaps try http://wing-repo.net/ for CentOS rpms? The readme is out of date -- inspecting the repo at http://wing-repo.net/wing will find 4.6, 4.7 (in extras), 4.8rc3. Kris Lou klou at themusiclink.net On Wed, Feb 21, 2018 at 8:27 PM, denis.shigapov via samba < samba at lists.samba.org> wrote: > We have the standard centos. > I have recompiled packages from Fedora, as well as all

piggybacking on the "Syncing Sysvol" thread ... I had thought that the conventional wisdom was that ntacl sysvolreset should be mostly avoided once relative stability achieved and additional GPO's created. https://wiki.samba.org/index.php/Sysvolreset Has this changed recently? Kris Lou klou at themusiclink.net

> > There is also Citrix XenServer for maxium > comfort. It offers GUI tools under Windows for managing VMs. The > drawback is, there are a lot of parameters you cannot set in the non > paid version. Just to throw it out there, there's also XCP-NG which is a rebranded (w/o Citrix) version of XenServer without all of the proprietary bits. The same people also produce

> /* forwarders { > 172.26.62.1; > }; Is there a reason why this is half-commented out? > named.conf.local > ===================== > include "/usr/local/samba/private/named.conf"; > ===================== Is the correct BIND_DLZ module enabled in the above file? Kris Lou klou at themusiclink.net

Shanks for the hint! Very strange that the default is only to use a deprecated protocol… Anyway, this option has no effect on this issue… Yvan Le 31/05/2019 à 18:53, Kris Lou via samba a écrit : > Most likely, your Windows 10 (file server) is disallowing SMB1 connections, > which is the default for smbclient. > > You can force smbclient to use a higher protocol with "smbclient

I've found that some embedded devices have older CIFS clients, which can only talk over SMB1. So, you can adjust your server to allow it, or look for another file transport. Kris Lou klou at themusiclink.net On Wed, Sep 9, 2020 at 3:16 PM Jeremy Allison via samba < samba at lists.samba.org> wrote: > On Wed, Sep 09, 2020 at 02:35:28PM -0700, Peter Pollock via samba wrote: >

Hi Rob, I'm not sure you will get much pleasure out of VirtualBox on that hardware. It sits completely on top of the OS and it will grab most of the resources, even hogging from the OS. And it will run very hot. The Xen hypervisor (incl. XenServer, XCP-NG) is very resource efficient and with Linux guests (PV or PVHVM), it will run very smoothly. The same applies to KVM. My FX-6300 box

You're geniuses one and all! That looks to have fixed the problem! At a later date I'll try to work out how to do it via ftp so I can avoid the smb1 protocol altogether, but for now I have a working solution so THANK YOU! On Wed, Sep 9, 2020, 3:45 PM Andrew Bartlett via samba < samba at lists.samba.org> wrote: > The other thing is NTLMv2, also required by default in modern

So, I'm using Samba AD for user authentication by some web appliances, using LDAPS over port 636. I've been doing this for quite a while -- and my certificates and everything seem to check out. But this week (and with one appliance -- my firewall), I'm finding that maybe 3/20 times the bind will fail for perhaps 10 seconds. During this time, the logs read (for each failure):