similar to: Problems with Samba 4.5.16 - configuring a second failover AD DC and joining this to an existing domain SAMDOM

Rowland - good news - the instructions in that document you suggested appear to have made all the difference! Now I find that if I do: pi at ad2:~ $ sudo systemctl restart samba-ad-dc pi at ad2:~ $ sudo samba-tool drs showrepl Default-First-Site-Name\AD2 DSA Options: 0x00000001 DSA object GUID: e676dfc3-670d-46bb-b1f7-756bae990a30 DSA invocationId: b7fb9a73-a5c5-4672-9d0f-83e0323f9f3b ====

On Fri, 22 Mar 2019 16:37:23 +0000 Stephen <stephen at ogdenradar.com> wrote: > Thanks for taking a look Roland, and I appreciate your comments > regarding your scripts. I am not a professional sysadmin so there > likely is stuff there that the grizzled unix veterans on this list > will find a little odd  :) > > I just restarted samba on ad2 as per your suggestion and I

Hi All, I am currently running a setup with a main DC ad1, that has ntpd installed and is currently configured to retrieve the time from the UK NTP time pool. I also have a second backup AD DC, ad2, on which I have not installed ntpd but I have installed ntpdate. My current understanding is that the setup I have just described is in-line with the recommended best practices outlined in the

Hello I have two MS AD 2008 let's say AD1 and AD2. They have bi-direction trusted relationship. I have two linux servers joined into AD2, let's say LNX1 and LNX2. On LNX1, it can authenticate any users both from AD1 or AD2. Howerver, on LNX2, it can only authenticate users in AD2 but failed against AD1. It reports NT_STATUS_TRUSTED_DOMAIN_FAILURE (0xc000018c). I'm sure the smb.conf

Hi, I have an Active Directory with a single domain and 2 domain controllers: AD1 and AD2, both are on different sites (and subnets). I've initiallly insatlled AD1 and then joined AD2 to the domain. I've found that if I join desktop computers to the domain using AD1 as DNS, it joins successfully and propagates the change to AD2, but if I try to join a computer using AD2 as DNS, then the

Hi Guys. Today i experienced a problem with my samba 4 AD. I have a master(AD1) and a member(AD2) in a replicated environment. I´ve just checked that my AD2 has some issues when i did this test: ---------------------------------------------------------------------------------- ldbsearch --url=/usr/local/samba/private/sam.ldb '(invocationid=*)' --cross-ncs objectguid # record 1 dn:

Hello Everyone, I have been tasked to work on consolidating authentication to achieve single sign-on using Active Directory. We have mix of Linux and Windows Hosts. All Linux hosts do local authentication currently and Windows hosts authenticates Active directory. I have been thinking of using Samba to authenticate Linux Hosts against Active Directory. I am fairly confident of configuring

On Fri, 22 Mar 2019 15:03:51 +0000 Stephen via samba <samba at lists.samba.org> wrote: > Hello I wonder if anyone here could possibly help me? I am using > Samba version 4.5.16-Debian (version information taken from sudo > smbstatus) on Raspbian and attempting to prototype some future > network infrastructure with a couple of Raspberry Pis. > > So far I have sucessfully

I have 2 ADSL ad1 and ad2 , one PC for my firewall and some deamon on it with 3 ethernet : eth0 connect to my LAN ( 192.168.60.0/24 ) and 2 other connect to ad1 and ad2 |eth1 (10.0.1.2)--------------------ad1 ( ADSL 1 ) | My LAN(192.168.60.0/24) |---------eth0( 192.168.60.2)--> PC | |eth2 (10.0.2.2)---------------------ad2 (ADSL 2 ) All computer in LAN has default router =

Hi everyone, I have two AD DCs that I am experimenting with, hostnames ad1 and ad2 respectively. I am using Raspberry Pi hardware, and accordingly I am using Samba 4.5.16-Debian on Raspbian Linux. I have already had some success so far setting up a second AD DC, ad2, and joining this to my existing Active Directory domain SAMDOM. I have already verified that I can create new user accounts on

Hello, I have installed an samba ad1 and an samba ad2 with replication. On the dc1 "samba-tool drs showrepl" say "... was successful" On dc2 there is the same. When dc1 goes down I get an Error (on my client): Active Directory Users and Computers error: "server is not operational" What is wrong here? For my understand that is no Replication, when one goes down and

Thank you for replying! I can login with my Active Directory credentials, but I can’t login using the local CentOS “svc_dictations” account. I created the local account usingusing “adduser”, “smbpasswd”, and then updating my smb.conf file (below). Thank you, Brian [global] workgroup = YALE password server = ad1.yu.yale.edu<http://ad1.yu.yale.edu>

When I sent the original note, I had it configured this way: [realms] HIJ.KLM.COM <http://hij.klm.com/> = { kdc = ad1.hij.klm.com kdc = ad2.hij.klm.com admin_server = ad.hij.klm.com default_domain = hij.klm.com } [domain_realm] .xyz.hij.klm.com = HIJ.KLM.COM <http://hij.klm.com/> .hij.klm.com = HIJ.KLM.COM <http://hij.klm.com/> But then after reading about kerberos on the

Cheers Louis, i just ran the diagnostic snippet you sent me: pi at ad1:/var/lib/samba/private $ sudo ls -al $(samba -b | grep STATEDIR | awk {' print $NF '})/sysvol total 20 drwxrwx---+ 3 root 3000000 4096 Mar 25 16:36 . drwxr-xr-x  8 root root    4096 Mar 25 17:31 .. drwxrwx---+ 4 root 3000000 4096 Mar 25 16:36 samdom.example.com pi at ad2:/var/lib/samba/private $ sudo ls -al $(samba

I just want to limit bandwidth on a particular link. Specifically, one machine (PC1) is on wired LAN and other (PC1) on a WLAN, acess point for which is on the same LAN. Both machines have static ip addresses (AD1 and AD2) and I want to limit the bandwidth utilization of certain udp traffic from PC2 to PC1. Is is possible to do this using iptables and tc (controlling from PC1 as that has both

Hi guys: Sorry if this question is very basic. I?m learning basic matrix and vectors multiplication to develop a population matrix model for plants. I?m trying to multiply the elements of two vectors (each of the ?x? values by each of the ?y? values) to obtain a square matrix of xy values. f.e. x<-seq(5,205) y<-seq(5,20,5) stages<-c(?Sdl?, ?Juv?, ?Ad1?, ?Ad2?) If I just multiply xy as

Can you post the following files: /etc/resolv.conf /etc/hostname /etc/hosts /etc/krb5.conf pi at fs1:/var/log/apache2 $ cat /etc/resolv.conf # Generated by resolvconf search samdom.example.com nameserver 192.168.1.229 nameserver 192.168.1.228 nameserver X.X.X.X nameserver X.X.X.X nameserver 8.8.8.8 pi at fs1:/var/log/apache2 $ cat /etc/hostname fs1 pi at fs1:/var/log/apache2 $ cat /etc/hosts

Greetings, Long-time but very occasional samba user here with a new challenge (well for me at least). The basics are that on the domain join, the computer account gets created but throws the dns error which based on my searching seems non-fatal. wbinfo -t gives me a succeeded, wbinfo -a klm.com\\me --ntlmv2 works fine but yet the net ads testjoin fails. Logs on the domain controller show

Hi Rowland, I made the change you suggested to auto refresh kerberos. It didn't seem to fix the issue unfortunately, even after a machine restart. Following your line of reasoning that it is a Kerberos issue, I then tried to grab a new kerberos ticket on the server in question which appears to fail though. Perhaps this gives some further insight? pi at fs1:~ $ kinit administrator at

The IT department is phasing in new Active Directory servers, during work ours, and I need to get all my systems using winbind for authentication to switch to the new servers, and hopefully without a reboot. I tried to redirect a machine currently authenticating via the current AD to the new AD, but even after restarting all the winbind, smbd, nmbd processes, I see it still pointing to the old