similar to: dsdb_access Access check failed on CN=Configuration

Displaying 20 results from an estimated 10000 matches similar to: "dsdb_access Access check failed on CN=Configuration"

2019 May 23
2
dsdb_access Access check failed on CN=Configuration
On 23/05/2019 20:45, Mike Ray wrote: > OK -- I fixed this issue. > > The fix also fixed the issue where the following ldapsearch command use to return but no longer did: > # ldapsearch -x -H ldap://DC -b dc=domain,dc=local "(&(gidNumber=xxxx)(!(uidNumber=*)))" > > The answer is that I needed to re-add "acl:search = no" to the smb.conf to all DCs. > >
2019 May 23
0
dsdb_access Access check failed on CN=Configuration
> OK -- I fixed this issue. > > The fix also fixed the issue where the following ldapsearch command use to return but no longer did: > # ldapsearch -x -H ldap://DC -b dc=domain,dc=local "(&(gidNumber=xxxx)(!(uidNumber=*)))" > > The answer is that I needed to re-add "acl:search = no" to the smb.conf to all DCs. > > The question is why? > > I
2019 May 23
0
dsdb_access Access check failed on CN=Configuration
OK -- I fixed this issue. The fix also fixed the issue where the following ldapsearch command use to return but no longer did: # ldapsearch -x -H ldap://DC -b dc=domain,dc=local "(&(gidNumber=xxxx)(!(uidNumber=*)))" The answer is that I needed to re-add "acl:search = no" to the smb.conf to all DCs. The question is why? I upgraded from a custom compiled Samba ~4.0 to
2019 May 23
0
dsdb_access Access check failed on CN=Configuration
No -- we never ran classicupgrade. We created the original DCs with a custom package (that should be close, but not exactly the same as 4.0.6). We then took a fresh 4.9 DC, joined it to the old domain, removed the old DCs and transferred the FSMO roles. As our original DCs should be close to 4.0.6, I would think this bug doesn't quite apply as it was supposedly fixed by 4.0.1. ----- On May
2019 May 22
2
dsdb_access Access check failed on CN=Configuration
----- On May 22, 2019, at 1:00 PM, samba samba at lists.samba.org wrote: > On 22/05/2019 18:24, Mike Ray wrote: >> Poking around on this further, I believe the LMHOSTS error does not matter. >> >> The smb directive "name resolve order" defaults to "lmhosts wins host bcast" -- >> so I believe the file no found error is just because it's trying
2019 May 22
0
dsdb_access Access check failed on CN=Configuration
On 22/05/2019 18:24, Mike Ray wrote: > Poking around on this further, I believe the LMHOSTS error does not matter. > > The smb directive "name resolve order" defaults to "lmhosts wins host bcast" -- so I believe the file no found error is just because it's trying lmhosts first, not finding the file and then moving on. > > Eventually it hits "host"
2019 May 22
0
dsdb_access Access check failed on CN=Configuration
Try again with : samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST As in dc5.your.dns.domain.tld ... Whats the result.? If it fails, please tell os your: OS? Content of /etc/hosts /etc/resolv.conf /etc/nsswitch.conf /etc/samba/smb.conf > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Mike > Ray via samba >
2019 May 22
2
dsdb_access Access check failed on CN=Configuration
All- I've got 3 DCs (version 4.9.6-12) that, prior to today, were running without issue (as best I could tell). Every night I run a few commands to monitor the status of the DCs/domain. I run: * dbcheck --cross-ncs * samba-tool drs kcc <other DCs> * samba-tool ldapcmp <local DC> <other DCs> (domain|configuration|schema|dnsdomain|dnsforest) * samba-tool drs showrepl These
2019 May 22
2
dsdb_access Access check failed on CN=Configuration
Poking around on this further, I believe the LMHOSTS error does not matter. The smb directive "name resolve order" defaults to "lmhosts wins host bcast" -- so I believe the file no found error is just because it's trying lmhosts first, not finding the file and then moving on. Eventually it hits "host" resolution and uses /etc/hosts to resolve the name. Changing
2019 May 22
2
dsdb_access Access check failed on CN=Configuration
----- On May 22, 2019, at 11:07 AM, samba samba at lists.samba.org wrote: > On 22/05/2019 16:29, Mike Ray via samba wrote: >> ----- On May 22, 2019, at 10:01 AM, samba samba at lists.samba.org wrote: >> >>> Try again with : >>> >>> samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST >>> As in dc5.your.dns.domain.tld ...
2019 May 22
0
dsdb_access Access check failed on CN=Configuration
On 22/05/2019 16:29, Mike Ray via samba wrote: > ----- On May 22, 2019, at 10:01 AM, samba samba at lists.samba.org wrote: > >> Try again with : >> >> samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST >> As in dc5.your.dns.domain.tld ... >> >> Whats the result.? > The failure is still present -- no change in the output of the command:
2019 May 22
2
dsdb_access Access check failed on CN=Configuration
----- On May 22, 2019, at 10:01 AM, samba samba at lists.samba.org wrote: > Try again with : > > samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST > As in dc5.your.dns.domain.tld ... > > Whats the result.? The failure is still present -- no change in the output of the command: # samba-tool ldapcmp dc3.domain.local dc5.domain.local DNSFOREST ERROR(ldb):
2019 Mar 01
2
Replication and KCC problems on upgrade
----- On Mar 1, 2019, at 3:35 AM, samba samba at lists.samba.org wrote: > > I wonder if this has anything to do with the 'you cannot upgrade > directly from 4.7.x to 4.9.x' bug ? I was not aware of this bug. Do you think I should scrap this upgrade and try again jumping like so? 4.0.6-12 -> 4.7 -> 4.8 -> 4.9 > I know this might seem strange, but try running
2019 Aug 23
0
Problem with sync user account from Samba Master to Samba Slave
On 23/08/2019 20:55, Miguel Coa M. via samba wrote: > Hello, > i?ve Samba 4.7 with domain controller with 3 servers, 1 DC (samba-ad) and two other DCs (samba-1) and (samba-2). The problem is when create user account from "samba-ad? this account not sync to other, but i create the account on "samba-1" or "samba-2? this is sync on all server. > > Samba version
2019 Apr 24
1
Odd behavior since upgrading to 4.9.6
----- On Apr 24, 2019, at 2:35 PM, samba samba at lists.samba.org wrote: > On Wed, 24 Apr 2019 14:07:37 -0500 (CDT) > Mike Ray <mray at xes-inc.com> wrote: > >> >> idmap_ldb:use rfc2307 = yes >> >> ldap server require strong auth = no >> >> netbios name = dc5 >> >> ntp signd socket directory =
2019 Apr 24
0
Odd behavior since upgrading to 4.9.6
On Wed, 24 Apr 2019 14:07:37 -0500 (CDT) Mike Ray <mray at xes-inc.com> wrote: > >> idmap_ldb:use rfc2307 = yes > >> ldap server require strong auth = no > >> netbios name = dc5 > >> ntp signd socket directory = /var/run/samba/ntp_signd > > > > Is the above different from the output of: > > samba -b |
2017 Sep 29
2
Replication Error Between Differing Samba Versions During Upgrade
Hey all- Trying to upgrade the domain and running into issues getting my data into the new controller. Current configuration: dc0 - Ubuntu 12.04.2 - Samba: 2:4.0.6-12 dc1 - Ubuntu 12.04.2 - Samba: 2:4.0.6-8 dc2 - Ubuntu 12.04.3 - Samba: 2:4.0.6-8 I'm trying upgrade to Ubuntu 16.04.3, Samba: 2:4.3.11+dfsg-0ubuntu0.16.04.10 The documentation
2016 May 26
0
No such Base DN: CN=Produktion A-Studio (alt?), CN=Users, DC=srg2, DC=local / RSAT
Parenthesis are not yet a good idea with Samba. A colleague created users with parenthesis in CN field and we just can't use ldbsearch to look for them, as long as we set parenthesis in LDAP filter. We must use wildcard to avoid the bug (bug because we can use escaped parenthesis in filters with ldapsearch, I can be totally wrong but I do believe if ldapsearch permit parenthesis the protocol
2019 Apr 24
2
Odd behavior since upgrading to 4.9.6
----- On Apr 24, 2019, at 1:49 PM, samba samba at lists.samba.org wrote: > On Wed, 24 Apr 2019 12:36:15 -0500 (CDT) > Mike Ray via samba <samba at lists.samba.org> wrote: > >> [global] >> dns forwarder = 192.168.2.101 192.168.2.102 > > What are the dns forwarders ? > By this I mean, are they dns servers outside the AD dns domain, no > nothing about
2016 May 26
3
No such Base DN: CN=Produktion A-Studio (alt?), CN=Users, DC=srg2, DC=local / RSAT
2016-05-26 13:51 GMT+02:00 mathias dufresne <infractory at gmail.com>: > Parenthesis are not yet a good idea with Samba. A colleague created users > with parenthesis in CN field and we just can't use ldbsearch to look for > them, as long as we set parenthesis in LDAP filter. We must use wildcard to > avoid the bug (bug because we can use escaped parenthesis in filters with