Displaying 20 results from an estimated 3000 matches similar to: "Realm trust between Samba AD and MIT kerberos realm"
2019 Feb 27
4
status on samba trusts
Now I have a some time to answer, maybe a few of your questions.
Am 26.02.19 um 20:59 schrieb lists via samba:
> Hi,
>
> No replies unfortunately. Unsure why.
There are still a lot of questions open and I think a lot of things have
to be done.
>
> We searched the list, and we found little discussion on the subject of
> trusts. We see occasional questions, but they are often
2019 Feb 21
2
status on samba trusts
Hi,
Having read the release notes on the status of trusts within samba, we
see for 4.9
> "improved support for trusted domains"
but we also always see these messages:
> "Both sides of the trust need to fully trust each other!"
and
> "DCs of domain A can grant domain admin rights in domain B"
What we would like to achieve is a one-way incoming trust
2019 Feb 26
0
status on samba trusts
Hi,
No replies unfortunately. Unsure why.
We searched the list, and we found little discussion on the subject of
trusts. We see occasional questions, but they are often left unanswered,
like this one.
If someone could point us to some good up-to-date docs on trusts with
samba then we would really appreciate it.
We setup a test environment (one samba 4.9.4 testad2 AD, one native
windows
2019 Feb 28
2
status on samba trusts
Thanks everybody!
The sudden burst of help (both on- and offlist) is much appreciated. :-)
I'll get back to my test setup next week, and try again with these new
insights.
MJ
On 2/28/19 3:46 PM, L.P.H. van Belle via samba wrote:
> Hai Maurik-Jan,
>
> Stefan's work can be found here, i'm reading it myself and its really good.
>
>
2019 Feb 28
0
status on samba trusts
Hi Stefan,
Thanks for your input. I'll check the dns stuff. I put resolvers for
both domains as primary and secondary on both machines, but I guess
that's not good enough.
I'll look into setting up a (query logging) dns proxy, that should tell
us at least who is asking what.
Any chance to share that (german) article you wrote?
My german is not perfect, but good enough to
2020 Feb 13
1
Samba 4.11.6 cannot JOIN - 'Could not find machine account'
I'm still digging for the solution to this problem...
The error seems to be triggered by some failure with talking to the NBTNS service (lmhosts)
on the windows machine. (Port 137)
Here is the section of the winbindd log where it fails to fetch the machine account:
...
[2020/02/13 01:18:42.759943, 3]
../../source3/winbindd/winbindd_util.c:297(add_trusted_domain)
add_trusted_domain:
2019 Feb 28
0
status on samba trusts
Hai Maurik-Jan,
Stefan's work can be found here, i'm reading it myself and its really good.
2019 Feb 28
2
status on samba trusts
Hi MJ,
Am 28.02.2019 15:31, schrieb mj via samba:
> Hi Stefan,
>
> Thanks for your input. I'll check the dns stuff. I put resolvers for
> both domains as primary and secondary on both machines, but I guess
> that's not good enough.
>
NO, it's not good enough ;-) Setting up a DNS-Proxy is real easy. Just a
few lines :-).
> I'll look into setting up a (query
2019 Mar 05
0
status on samba trusts
Hi Stefan, others,
Just to report back that things work very nicely now that DNS is using
one dns proxy that resolves both AD domains. I am testing now with a
'full' two-way trust, and everyhing seemed to work, including the tests
from samba-tool and from windows "domains and trusts" perspective.
From an administrative point of view, the fact that your have to add
2010 Mar 11
1
winbind doing dns on short domain
Hi all:
I'm building an authentication infrastructure for combined windows
plus linux clients. To that end, I have a Win Server 2008r2 ADS and a
win svr 2008r2 client, and an ubuntu 9.10 client running the default
samba + winbind (whatever is in their production repos).
I had it 95% working this morning...Then all of a sudden, all winbind
queries died. No idea why. I spent the entire day
2020 Sep 29
2
CTDB Question w/ Winbind
When I try to enable CTDB to manage (legacy) SMB and Winbind, I get startup
errors.
Sep 29 22:23:06 euw2-samba-server-c21-01 ctdb-eventd[1509]: *49.winbind:
Failed to start winbind*
Sep 29 22:23:06 euw2-samba-server-c21-01 ctdb-eventd[1509]: *startup event
failed*
Sep 29 22:23:06 euw2-samba-server-c21-01 ctdbd[1507]: *startup event failed*
Sep 29 22:23:11 euw2-samba-server-c21-01 ctdbd[1507]:
2009 Jan 19
3
winbindd did not start
Hello all,
I have a problem with starting the winbind daemon. I want to connect to a win2003 server domain.
I get the following error message when i start winbindd with:
winbind -d10 -i
winbindd version 3.2.7 started.
Copyright Andrew Tridgell and the Samba Team 1992-2008
initialize_winbindd_cache: clearing cache and re-creating with version number 1
Could not fetch our SID - did we join?
2019 Nov 27
6
security = ads parameter not working in samba 4.9.5
On 27/11/2019 11:03, S?rgio Basto via samba wrote:
> Sorry I meant man idmap_ad. But checking again man is equal of
> https://wiki.samba.org/index.php/Idmap_config_ad in EXAMPLES of man
> page [1]
>
> Examples don't mention netbios name ... I did [2] which instead use
> workgroup I used netbios name and it is working but still don't know
> why or even if it correct
2010 Jun 14
2
Winbind not starting in AD member(samba joining domain)configuration.
SNIP
>
>
> Facing an issue with winbind not starting with below error log(taken
> from /var/log/syslog):
>
> Jun 14 15:48:33 enpaq winbindd[15941]: [2010/06/14 15:48:33, 0]
> param/loadparm.c:6767(service_ok)
> Jun 14 15:48:33 enpaq winbindd[15941]: WARNING: No path in service
> printers - making it unavailable!
> Jun 14 15:48:33 enpaq winbindd[15942]: [2010/06/14
2013 Dec 08
1
Question about Kerberos and what is the different if compile with internal heimdal or mit-krb5
Dear All,
Would like some know the answer on the above question.
What is the different between compiling using internal heimdal library vs
mit-krb5.
I'm on gentoo and thus like other distro having issue on the system-wide
mit-krb and removing it is not that convenient (But still possible)
I've try to compile samba 4.1.2 with internal heimdal library to work as a
Domain controller
But
2019 Nov 27
0
security = ads parameter not working in samba 4.9.5
Hi Rowland,
I reconfigured my smb.conf taking reference from the link provided earlier
but still the winbind service is not able to start. Below is the output of
testparm.
root at esmad1apl01:~# testparm
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section
2008 Nov 30
1
cannot restart winbindd
Hi,
I try to setup a Ubuntu 8.10 workstation to connect to an active directory
on a Windows Server 2003. I follow the howto at
https://help.ubuntu.com/community/Ac...ryWinbindHowto<https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto>
Unfortunately, winbindd stopped working after I configured smb.conf.
smbd and nmbd are still running.
I include smb.conf and log.winbindd hoping it
2020 Sep 30
2
CTDB Question w/ Winbind
Ok, thanks.
[root at euw2-samba-server-c21-01 ec2-user]# systemctl status winbind.service
*?* winbind.service - Samba Winbind Daemon
Loaded: loaded (/usr/lib/systemd/system/winbind.service; enabled; vendor
preset: disabled)
Active: *failed* (Result: exit-code) since Wed 2020-09-30 12:58:25 UTC;
1s ago
Docs: man:winbindd(8)
man:samba(7)
man:smb.conf(5)
2011 Sep 18
0
upgrade to 3.6.0 Could not fetch our SID - did we join?
Dear
I have upgraded from 3.5.11 to 3.6.0
in old version, Server was connected to an Active Directory and no
problems occurs.
when restarting winbind :
Sep 19 01:17:34 onesys-samba winbindd[4818]: [2011/09/19
01:17:34.326691, 0] winbindd/winbindd_util.c:635(init_domain_list)
Sep 19 01:17:34 onesys-samba winbindd[4818]: Could not fetch our SID -
did we join?
Sep 19 01:17:34 onesys-samba
2017 Oct 17
5
Change Netbios name during classicupgrade?
On 16/10/2017 18:18, Rowland Penny wrote:
>
> 'workgroup' is not the netbios name, it is the NetBIOS domain name.
> The workgroup should also not have a dot in it, 'DOMAIN.LAN' looks
> suspiciously like a dns and realm name.
>
Indeed i lacked of precision, purpose of the post was more "change
NetBIOS domain name during clasicupgrade".
DOMAIN.LAN is the