similar to: Issues with RODC

On Sun, May 5, 2019 at 9:52 AM Rowland Penny via samba < samba at lists.samba.org> wrote: > On Sun, 5 May 2019 09:20:37 -0300 > Emerson Kfuri via samba <samba at lists.samba.org> wrote: > > > Hello, > > > > Recently I started using RODC servers on my environment and noticed a > > few issues with it: > > - lack of LDAP SPNs > > -

Hi Rowland, Thanks for you answer, specially on a sunday! :-) On Sun, May 5, 2019 at 11:31 AM Rowland Penny via samba < samba at lists.samba.org> wrote: > On Sun, 5 May 2019 10:13:07 -0300 > Emerson Kfuri <emersonkfuri at gmail.com> wrote: > > > On Sun, May 5, 2019 at 9:52 AM Rowland Penny via samba < > > samba at lists.samba.org> wrote: > > >

On Sun, 5 May 2019 10:13:07 -0300 Emerson Kfuri <emersonkfuri at gmail.com> wrote: > On Sun, May 5, 2019 at 9:52 AM Rowland Penny via samba < > samba at lists.samba.org> wrote: > > > On Sun, 5 May 2019 09:20:37 -0300 > > Emerson Kfuri via samba <samba at lists.samba.org> wrote: > > > > > Hello, > > > > > > Recently I

Hello Stefan, you need to use "-U" with user from Domain Admin group(maybe it works with other users too, but I didn't test it). Andrej Am 07.08.2018 um 17:00 schrieb Stefan Kania via samba: > When I start the replication from the other DC it works as you can see: > ------- > root at addc-01:~# samba-tool drs replicate rodc-01 addc-01 dc=example,dc=net > Replicate

On Sun, 5 May 2019 09:20:37 -0300 Emerson Kfuri via samba <samba at lists.samba.org> wrote: > Hello, > > Recently I started using RODC servers on my environment and noticed a > few issues with it: > - lack of LDAP SPNs > - "samba_dnsupdate" not working with "insufficient access rights" (it > works from RWDCs) Probably because you cannot write to an

> Jakob Curdes via samba<samba at lists.samba.org> wrote: > >> Hello, we have setup a SAMBA4 RODC in our setup where we have two >> exisitng RW Samba4 DC's. >> >> The RODC is joined correctly and can preload user accounts etc. It >> also can resolve its own name and the name of other DC's, also the >> SRV records needed. >> We created

On Wed, 24 Jan 2024 15:54:38 +0100 Jakob Curdes via samba <samba at lists.samba.org> wrote: > Hello, we have setup a SAMBA4 RODC in our setup where we have two > exisitng RW Samba4 DC's. > > The RODC is joined correctly and can preload user accounts etc. It > also can resolve its own name and the name of other DC's, also the > SRV records needed. > We created

On 05/05/2019 05:14 PM, Emerson Kfuri via samba wrote: > Hi Rowland, > > Thanks for you answer, specially on a sunday! :-) > > > > On Sun, May 5, 2019 at 11:31 AM Rowland Penny via samba < > samba at lists.samba.org> wrote: > >> On Sun, 5 May 2019 10:13:07 -0300 >> Emerson Kfuri <emersonkfuri at gmail.com> wrote: >> >>> On Sun,

Hi, I installed a RODC on my mailserver to have a local authentication for mailusers on the machine which doesn't rely on a always-on-connetion to the office. The problem is now that the user-preload doesn't work so that the RODC is not able to authenticate the users itself: samba-tool rodc preload <user> --server <DC1> -U Administrator Password for [AD\Administrator]:

On Wed, 24 Oct 2018 09:45:39 +1300 Garming Sam <garming at catalyst.net.nz> wrote: > > On 23/10/18 9:48 PM, Rowland Penny via samba wrote: > > On Tue, 23 Oct 2018 10:07:29 +1300 > > Garming Sam via samba <samba at lists.samba.org> wrote: > > > >> Hi, > >> > >> On 20/10/18 1:26 AM, Julien Ropé via samba wrote: > >>>  The

On Mon, 6 May 2019 08:42:03 +0200 Adam Minski <aminski316 at gmail.com> wrote: > > Good Morning. > > I've tested RODC functionality using samba-4.9.4 and > samba-4.11.0pre1-GIT-f1a1c300e19 built on Debian 9. The builds using > the internal Heimdal KDC and the internal DNS backend. > > For me there's no lack of LDAP SPNs and samba_dnsupdate works as >

On Mon, 30 Dec 2024 16:07:31 +0000 Manzini Enrico via samba <samba at lists.samba.org> wrote: > Hi Rowland > We actually use RODC's because we have a customer with hub and spoke > configuration with 4 RWDC's in the central site, and about 80 remote > sites with RODC's deployed, all of these with low hardware security, > sites where the machine can physically can

Hello, I just start testing the setup of an RODC with 4.8.3 (I use the packages from Louis). The join works fine. After a reboot of the rodc I can see all Objcts with: ldbsearch --url=/var/lib/samba/private/sam.ldb and all users and groups with: wbinfo -u wbinfo -g But as soon as I try to test the replication I got this message: ----------- root at rodc-01:/var/lib/samba/private# samba-tool drs

Hi Rowland We actually use RODC's because we have a customer with hub and spoke configuration with 4 RWDC's in the central site, and about 80 remote sites with RODC's deployed, all of these with low hardware security, sites where the machine can physically can be stolen, so we opted to use RODC's machines at the remote sites The connectivity and dns resolution works both fine, with

On Tue, 23 Oct 2018 10:07:29 +1300 Garming Sam via samba <samba at lists.samba.org> wrote: > Hi, > > On 20/10/18 1:26 AM, Julien Ropé via samba wrote: > > > >  The deployment works, and computers seems to interact with the > > RODCs as they should, but sometimes computers leave the domain > > after a password change. > > > >  This seems to

Ok, but why if i browse the network from the client with the remote rodc and the rwdc used as replication partner for rodc join online, everything work as expected, but if i shutdown the rwdc used for rodc join replication partner offline, client no work anymore? The join command for the remote rodc RODC-1 is: samba-tool domain join scratch.lan RODC --server=dc-1.scratch.lan --realm=SCRATCH.LAN

On Tue, 7 Aug 2018 17:44:37 +0200 Stefan Kania via samba <samba at lists.samba.org> wrote: > Hi Andrej, > > then it works, but on a "normal" addc it works without "-U ". This is probably because you will be running the command from the RODC on the RWDC. > > One more Question: > When I do a "host -t srv _ldap._tcp.example.net" I only see

On Tue, 24 Dec 2024 11:38:17 +0000 Manzini Enrico via samba <samba at lists.samba.org> wrote: > Hello, > we are testing a dc/rodc configuration with Samba AD, but we are > stuck with a problem that occurs when one of the writable DCs (the > one that was used as a partner during rodc join) is shutdown: Test > configuration: > - writeable dc and read only dc Samba

On Tue, 3 Dec 2024 11:25:35 +0100 Mitja Tav?ar via samba <samba at lists.samba.org> wrote: > Il 03/12/24 10:13, Rowland Penny via samba ha scritto: > > On Tue, 3 Dec 2024 09:15:36 +0100 > > Mitja Tav?ar via samba <samba at lists.samba.org> wrote: > > > >> Hi, i have some problems with a recently joined Read Only Domain > >> controller. >

Hello, we have setup a SAMBA4 RODC in our setup where we have two exisitng RW Samba4 DC's. The RODC is joined correctly and can preload user accounts etc. It also can resolve its own name and the name of other DC's, also the SRV records needed. We created an own site with specific subnet for this RODC "area". But we did not manage to get a join of a Windows server working