similar to: FW: GPO issues - getting SYSVOL cleaned up again

On 31/07/2019 12:04, Stefan G. Weichinger via samba wrote: > Am 31.07.19 um 12:50 schrieb Rowland penny via samba: >> On 31/07/2019 11:40, Stefan G. Weichinger via samba wrote: >>> Am 31.07.19 um 12:32 schrieb Rowland penny via samba: >>>> On 31/07/2019 11:22, Stefan G. Weichinger via samba wrote: >>>>> "dc" was the old name a few years ago

Am 31.07.19 um 12:19 schrieb L.P.H. van Belle via samba: > And check : > > rgrep "dc.domain.at" /var/lib/* There we are -> root at pre01svdeb03:~# rgrep "dc..at" /var/lib/* Binary file /var/lib/samba/private/sam.ldb.d/DC=,DC=AT.ldb matches Binary file /var/lib/samba/private/sam.ldb.d/CN=CONFIGURATION,DC=,DC=AT.ldb matches root at pre01svdeb02:~# rgrep

"--seize" helped: root at pre01svdeb03:~# samba-tool fsmo show SchemaMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at InfrastructureMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at RidAllocationMasterRole owner:

On 31/07/2019 11:22, Stefan G. Weichinger via samba wrote: > Am 31.07.19 um 12:17 schrieb Rowland penny via samba: >> On 31/07/2019 11:02, Stefan G. Weichinger via samba wrote: >>> Am 31.07.19 um 11:58 schrieb L.P.H. van Belle via samba: >>>> Restarted or stop-start, because there is a difference between these. >>>> You MUST use stop/start >>> I

?? And we did compair this months ago.. You did say, everything is in sync now. Ahhh... ;-) If you really want to know if you DC's are setup the same. Tip.. Copy /etc of both server into a new folder. And runn diff -r /etc-dc1/ /etc-dc2/ > check-me.txt And check-me.txt I just did that on my brand new Buster proxy servers, 2 with keepalived. I'm almost done with this, you

On 31/07/2019 11:40, Stefan G. Weichinger via samba wrote: > Am 31.07.19 um 12:32 schrieb Rowland penny via samba: >> On 31/07/2019 11:22, Stefan G. Weichinger via samba wrote: >>> "dc" was the old name a few years ago >>> >>> I try to get rid of that now. >>> >>> host -t A dc... not found. We want that in the end. >>>

> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Stefan G. Weichinger via samba > Verzonden: woensdag 31 juli 2019 12:20 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] GPO issues - getting SYSVOL cleaned up again > > Am 31.07.19 um 12:14 schrieb L.P.H. van Belle via samba: > > Verify if the Alias GUID you

> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Stefan G. Weichinger via samba > Verzonden: vrijdag 12 juli 2019 10:24 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] GPO infrastructure? -> 4.8.x to 4.9.x > > Am 10.07.19 um 08:40 schrieb Stefan G. Weichinger via samba: > > > more of this: > >

Am 31.07.19 um 11:51 schrieb L.P.H. van Belle via samba: > Run : nslookup dc non-existent: good, afaik > If this one removed, then its a hunt for the dc record in the AD and DNS. > Review with Windows tools, the Active Directory Sites and Services > If there is nothing left there. It's there in Sites - Default-First-Site-Name - Servers ... >> sorry for going loops

I suggest this order. You need to start with to rename/remove /var/lib/samba/private/dns_update_cache Stop/start samba. Then wait 5 min. Then verify DNS and AD objects, dont change "yet".. Inform us first if you see strange things. Then check replication again. > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens >

Hai, I just renamed that file to .old on one of my DC's. systemctl stop samba-ad-dc && systemctl start samba-ad-dc New file is created yes, so this looks like the solution. Stefan, once this is done. Verify again the servers in : Sites - Default-First-Site-Name - Servers Windows DNS tool, zone your.dom.tld. For the A IN-ARPA .. For the PTR. _msdcs.your.dom.tld. For GUIDs.

Ah i see.. /usr/local/samba/private/dns.keytab Thats the "old" path.. Your using bind9 you should have: /usr/local/samba/bind-dns/dns.keytab dont forget to set the needed rights on bind-dns folder. On road, cant look deeper in it. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: Rommel Rodriguez Toirac [mailto:rommelrt at nauta.cu] > Verzonden:

Progress: no more "dc" in rgrep on both servers PTR for the rejoined pre01svdeb02 is missing, so I assumed we need a dnsupdate: root at pre01svdeb02:~# samba_dnsupdate --verbose IPs: ['192.168.16.205'] need cache add: A pre01svdeb02.pilsbacher.at 192.168.16.205 Looking for DNS entry A pre01svdeb02.pilsbacher.at 192.168.16.205 as pre01svdeb02.pilsbacher.at. need cache add: NS

And check : rgrep "dc.domain.at" /var/lib/* > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > L.P.H. van Belle via samba > Verzonden: woensdag 31 juli 2019 12:18 > Aan: samba at lists.samba.org > Onderwerp: [Samba] FW: GPO issues - getting SYSVOL cleaned up again > > (oeps) this need to be in this mail

On 10/12/15 14:00, Ole Traupe wrote: > > > Am 10.12.2015 um 14:38 schrieb Rowland penny: >> On 10/12/15 13:25, Ole Traupe wrote: >>> Is it possible that kdc server is always the SOA, at least if >>> derived from DNS and not specified *explicitly* in the krb5.conf? >>> >>> In my DNS-Manager console I find that >>> >>>

On 10/12/15 14:40, Ole Traupe wrote: > >>> However, my 2nd DC is not that new, I restarted it many times, just >>> again (samba service). No DNS records are created anywhere. >>> >>> If I go through the DNS console, in each and every container there >>> is some entry for the 1st DC, but none for the 2nd (except on the >>> top levels: FQDN

Am 31.07.19 um 11:25 schrieb Stefan G. Weichinger via samba: > So to me it seems obvious to get rid of that "dc.mydomain.at" ... at > least as a next step. Went through DNS on the windows server and rm-ed all containing "dc.mydomain.at" There was a SRV-record below "_msdcs.mydomain.at" "pdc" "_tcp" pointing to "dc.mydomain.at"

I installed a third DC today. Replication works find, but as systemctl status samba-ad-dc showed an error w.r.t. dnsupdate I was running samba_dnsupdate ?verbose. Below is the output. It looks like there are some missing DNS records, but what are potential causes of this error: dns_tkey_gssnegotiate: TKEY is unacceptable I already checked what?s listed @

On 31/07/2019 11:02, Stefan G. Weichinger via samba wrote: > Am 31.07.19 um 11:58 schrieb L.P.H. van Belle via samba: >> Restarted or stop-start, because there is a difference between these. >> You MUST use stop/start > I read "restart" and did "systemctl restart" ;-) > > stop/start now on both > > no change > > But a trace of the problematic

Am 04.01.2024 um 13:28 schrieb lists--- via samba: > Am 04.01.2024 um 12:36 schrieb Rowland Penny via samba: >> On Thu, 4 Jan 2024 12:12:57 +0100 >> lists--- via samba <samba at lists.samba.org> wrote: >> >>> Am 04.01.2024 um 11:55 schrieb Rowland Penny via samba: >>>> On Thu, 4 Jan 2024 11:19:17 +0100 >>>> lists--- via samba <samba at