similar to: DNS Replication

On the server with the dhcp script. apt install krb5-user Should be sufficient, then try again. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: Praveen Ghimire [mailto:PGhimire at sundata.com.au] > Verzonden: donderdag 4 juli 2019 8:39 > Aan: 'L.P.H. van Belle'; samba at lists.samba.org > Onderwerp: RE: [Samba] Reverse DNS > > Hi Louis, > >

Hi, We have some issue with the reverse DNS in Samba AD. We're running Bind9_DLZ on Ubuntu 18.04. The DHCP server(Ubuntu 16.04) is different to the AD server and not in the same AD domain. The DHCP scope points to the Samba AD server as the DNS server When a machine with DHCP assigned address tries to update the DNS record, it is able to update the forward zone but not the reverse zone. The

Hi Louis, Thank you for that I have made the changes as per below , some items might have duplicated. I then reload apparmor restarted the samba-ad-dc and bind9 services and get the same issue. Every time the forward DNS update works but the reverse doesn't I found a really interesting samba post going back 2017 re the DHCP and DNS

Hai Praveen, > -----Oorspronkelijk bericht----- > Van: Praveen Ghimire [mailto:PGhimire at sundata.com.au] > Verzonden: donderdag 27 juni 2019 13:46 > Aan: samba at lists.samba.org > CC: 'L.P.H. van Belle' > Onderwerp: RE: [Samba] Reverse DNS > > Hi Guys, > > Thank you for your emails. Here is the info > > /etc/apparmor.d/local/usr.sbin.dhcp >

Hi Louis, Just an update on this. I ran up a new test LXC container and completely removed apparmor. Then install the packages. I got the same errors I thought I would change the DNS from Bind to internal and back to bind. The following is going from Bind9 to Internal root at server5-ad:/var/log# service bind9 stop root at server5-ad:/var/log# systemctl mask bind9 Created symlink

Hai, You posted the correct things here, for a quick fix i I'm buzzy with something else atm but i saw that /dev/urandom part. Add in the bind9 (named) apparmor profile # Samba DLZ /{usr/,}lib/@{multiarch}/samba/bind9/*.so rm, /{usr/,}lib/@{multiarch}/samba/gensec/*.so rm, /{usr/,}lib/@{multiarch}/samba/ldb/*.so rm, /{usr/,}lib/@{multiarch}/ldb/modules/ldb/*.so rm,

Hi Rowland, Just as a test, I installed the dhcp server in the DC ( in the lab). Then configured the dhcp as per the wiki This is what I see. And again the forward zone update despite the errors but the reverse doesn't When releasing the lease Jun 27 10:55:07 server5-ad dhcpd[2525]: Release: IP: 192.168.14.198 Jun 27 10:55:07 server5-ad dhcpd[2525]: execute_statement argv[0] =

Hi, We are testing AD migration and have come across an issue with login script. The current (pre-ad) login scripts is located in /home/samba/netlogon and the login script is KIX32.exe. Post the migration, we copied the contents of the /home/samba/netlogon to /var/lib/samba/sysvol/lin.group/scripts. When the users (both standard users and domain admins) login, the login script (KIX32)

Hi Guys, Thank you for your emails. Here is the info /etc/apparmor.d/local/usr.sbin.dhcp /etc/dhcp/ r, /etc/dhcp/** r, /etc/dhcpd{,6}.conf r, /etc/dhcpd{,6}_ldap.conf r, /usr/local/bin/dhcp-dyndns.sh ix, /bin/grep rix, /usr/sbin/samba rix, /usr/bin/gawk rix, /bin/hostname rix, /usr/bin/wbinfo rix, /usr/bin/heimtools rix, /usr/bin/logger rix, /usr/bin/kinit.heimdal rix, /bin/date rix, /dev/tty

2 things. Hai, Change [homes] to [users] and create the folder /home/LIN AD-DC's dont like [homes] Share /home/LIN as [users] Now, in the AD DC smb.conf, the templates settings are used by default. template homedir = /home/%D/%U Which results in your case to : /home/LIN/testhome2 That should do it, but rethink this part of you setup. You might need to change the pam part a bit, but

Hi Rowland, The user's ID range would have been below 3600, the current max rid is 3506 The links have been setup following this link, then restarted the samba-ad-dc service https://wiki.samba.org/index.php/Libnss_winbind_Links I followed the following to configure the winbindd stuff, https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC template shell = /bin/bash

Hi Rowland, I get the same error messages even with the following smb.conf, generated by the migration process. [global] workgroup = LIN realm = LIN.COM netbios name = LINSERVER01 server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate idmap_ldb:use

Hai, A few things to add/check. For that test with that pc: this part from the previous mail. Jun 27 10:55:07 server5-ad dhcpd[2525]: Release: IP: 192.168.14.198 Jun 27 10:55:07 server5-ad dhcpd[2525]: execute_statement argv[0] = /usr/local/bin/dhcp-dyndns.sh Jun 27 10:55:07 server5-ad dhcpd[2525]: execute_statement argv[1] = delete Jun 27 10:55:07 server5-ad dhcpd[2525]: execute_statement

On Mon, 6 May 2019 02:51:18 +0000 Praveen Ghimire via samba <samba at lists.samba.org> wrote: > From: Praveen Ghimire via samba <samba at lists.samba.org> > To: "samba at lists.samba.org" <samba at lists.samba.org> > Subject: [Samba] Doman join issues > Date: Mon, 6 May 2019 02:51:18 +0000 > Reply-To: Praveen Ghimire <PGhimire at sundata.com.au>

Hi Rowland, Just a quick summary, we had to roll back the AD migration due to some users having issues accessing the shares post the migration. They were getting server couldn't not be found , using both hostname and IP. It won't even show the shares available in the server. Some users had no issues, which is the puzzling bit Re the OS and file system: I had a look at the following

Hi Rowland, Thank you for that. We did the testing in a Vmware VM, the actual production box is hosted in SmartOS. Didn't encounter the issues during testing. I am pretty sure it is not a group, it is a user. When I check the AD , I see it as a user. The user with the issue is doesn't have that listed in members of section. With the idmap stuff, the server in question is both DC and

Hi, We are having some replication issues between the our PDC and BDC LDAP servers. Here are the details Servers: Name: LIN-PDC1.LIN Role: PDC SLAPD: openldap-2.4.28 Samba: 3.6.25 Name: LIN-PDC2.LIN Role: BDC SLAPD: 2.4.31 Samba: 4.3.11 LDAP Method: cn=config with smbldap tools Database: HDB Management: PHPLAMDIN Replication Method: refreshAndPersist Replication: After importing the LDIFs

Harry, Thank you. Unfortunately we don't have the choice of upgrading LDAP due to distro not supporting the newer version. However we have managed to get it to work. A lot of fiddling around. I do have another question though ;). Now that we have LDAP replicating, how do I transfer the "samba classic " PDC role to our BDC. I have read that using the domain master=yes in smb.conf

Hi, We are running test migration on the following environment in preparation for the prod migration. Any suggestions will be grealty appreciated. OS: Ubuntu18.04 Hypervisor: Proxmox Container (LXC) Samba Version 4.6.7 DNS: BIND9_DLZ AD and File server in the same server. Have gone through the Samba documentation regarding this We get the following when adding a machine (Windows 7) to the

Hi Rowland, I did that initially and that came with Failed to connect to ldap URL 'ldap://lin-pdc.lin - LDAP client internal error: NT_STATUS_BAD_NETWORK_NAME Hence I removed the whole ldap:// bit After your email I tried again but using ldap://localhost and it seems to have worked. Not sure what the issue is with the fqdn. I could run ldap queries when using fqdn. Regards, Praveen