similar to: 4.9.12 operation unavailable without authentication

On 03/09/2019 18:50, Mike Ray via samba wrote: > I have Samba in production (4.9.6-12 on Ubuntu 18.04) which is working well. > > However, we are several releases behind so I am gearing up to upgrade to the latest 4.9 release. > > As part of the preparations (and for other reasons), I spun up an upgraded DC cluster in our development environment (4.9.12-15 on Ubuntu 18.04). >

All- I've got 3 DCs (version 4.9.6-12) that, prior to today, were running without issue (as best I could tell). Every night I run a few commands to monitor the status of the DCs/domain. I run: * dbcheck --cross-ncs * samba-tool drs kcc <other DCs> * samba-tool ldapcmp <local DC> <other DCs> (domain|configuration|schema|dnsdomain|dnsforest) * samba-tool drs showrepl These

----- On May 22, 2019, at 10:01 AM, samba samba at lists.samba.org wrote: > Try again with : > > samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST > As in dc5.your.dns.domain.tld ... > > Whats the result.? The failure is still present -- no change in the output of the command: # samba-tool ldapcmp dc3.domain.local dc5.domain.local DNSFOREST ERROR(ldb):

----- On May 22, 2019, at 11:07 AM, samba samba at lists.samba.org wrote: > On 22/05/2019 16:29, Mike Ray via samba wrote: >> ----- On May 22, 2019, at 10:01 AM, samba samba at lists.samba.org wrote: >> >>> Try again with : >>> >>> samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST >>> As in dc5.your.dns.domain.tld ...

Try again with : samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST As in dc5.your.dns.domain.tld ... Whats the result.? If it fails, please tell os your: OS? Content of /etc/hosts /etc/resolv.conf /etc/nsswitch.conf /etc/samba/smb.conf > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Mike > Ray via samba >

On 22/05/2019 16:29, Mike Ray via samba wrote: > ----- On May 22, 2019, at 10:01 AM, samba samba at lists.samba.org wrote: > >> Try again with : >> >> samba-tool ldapcmp dc5.$(hostname -d) dc3.$(hostname -d) DNSFOREST >> As in dc5.your.dns.domain.tld ... >> >> Whats the result.? > The failure is still present -- no change in the output of the command:

On 23/07/15 16:23, mathias dufresne wrote: > Hi all, > > I tried "samba-tool ldapcmp" several times to solve this issue, without > success. > > On DC acting as full FSMO: > dc20:~# samba-tool ldapcmp ldap://dc00.ad.dgfip.lan > ldap://dc20.ad.dgfip.lan domain > ERROR(ldb): uncaught exception - ldb_wait: Time limit exceeded (3) > File

Hi all, It seems "samba-tool ldapcmp" does not support too much items in Samba's database. Playing for a while with DB I was never able to run ldapcmp successfully. So yesterday I installed a platform to fill piece by piece my two small DCs and to run ldapcmp. The process follows. Test platform: 2 DCs using Debian 8.1 "net install" with only system tools, up to date,

I went and got the newest (upped recently) script. No love. I removed the email address line to get more command line output. root at dc01:~# ./samba-check-db-repl.sh Running with with console output Running : /usr/bin/samba-tool ldapcmp --filter='whenChanged' ldap://dc01 ldap://dc02.dtsh***m.dt. Please wait.. this can take a while.. Failed to bind - LDAP error 49

When I run ./samba-check-db-repl.sh script I am getting the following: root at dc01:~# ./samba-check-db-repl.sh Failed to bind - LDAP error 49 LDAP_INVALID_CREDENTIALS - <SASL:[GSS-SPNEGO]: NT_STATUS_LOGON_FAILURE> <> Failed to connect to 'ldap://dc02.dtsh**m.dt.' with backend 'ldap': (null) ERROR(ldb): uncaught exception - None File

Am 16.07.2015 um 17:18 schrieb Rowland Penny: > On 16/07/15 13:27, Reindl Harald wrote: >> >> Am 16.07.2015 um 14:02 schrieb Rowland Penny: >>> /etc/hosts should be: >>> >>> 127.0.0.1 localhost.localdomain localhost >> >> uhm no - you want 127.0.0.1 normally resolved to localhost and hence >> 127.0.0.1 localhost

Hi all, I tried "samba-tool ldapcmp" several times to solve this issue, without success. On DC acting as full FSMO: dc20:~# samba-tool ldapcmp ldap://dc00.ad.dgfip.lan ldap://dc20.ad.dgfip.lan domain ERROR(ldb): uncaught exception - ldb_wait: Time limit exceeded (3) File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175, in _run return

I upped 1.0.4 of the script.. I added checks if no DC's are found, error message and exits script, so no python errors anymore, if i did it right. ;-) on both DC's do the following. and whats the output of : cat /etc/hosts cat /etc/resolv.conf and kinit Administrator SETDNSDOMAIN=`hostname -d` SETHOSTNAME=`hostname -s` SERVER_IP_ADRESS=`hostname -i` echo "Test domainname:

The following commands work on both DC: host -t A <short_hostname_of_other_DC> host -t A <fqdn_hostname_of_other_DC> hostname and hostname --fqdn are working on both DC.The simplest way is to not declare external IP /etc/hosts SRV DNS entries which are working are: host -t SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.domain.tld host -t SRV

Hello Samba Friends, I have a single DC (we'll call it, "DC1") that simply will not take my password when I run this command:? #samba-tool ldapcmp ldap://dc2 ldap://dc3 -Uadministrator? Or this command:? #samba-tool ldapcmp ldap://dc1 ldap://dc2 -Uadministrator? I basically get this:? > Password for [SAMDOM\administrator]:? > Password for [SAMDOM\administrator]:?

Here I obtained: --------------------- * Comparing [DOMAIN] context... Failed search of base=DC=ad,DC=domain,DC=tld ERROR(ldb): uncaught exception - LDAP client internal error: NT_STATUS_UNEXPECTED_NETWORK_ERROR File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File

Hi Mourik, whenChanged was replicated in my test once I did replicate in both way, so it seems to me it is supposed to be replicated... Then the fact it is not always replicated seems to me an issue. Perhaps a bug report for these two issue (whenChanged not always replicated and ldapcmp hanging once DB is too much filled) would be the right way to proceed... Cheers, mat 2015-09-03 10:42

Hi Mathias, I am under the impression that whenChanged is one of the fields that do not replicate. Therefore we run ldapcmp like: samba-tool ldapcmp ldap://dcX ldap://dcY --filter=whenChanged Hope that helps, MJ On 09/01/2015 02:45 PM, mathias dufresne wrote: > Hi all, > > It seems "samba-tool ldapcmp" does not support too much items in Samba's > database. >

On 23/04/15 16:22, Bob of Donelson Trophy wrote: > > > I went and got the newest (upped recently) script. No love. > > I removed the email address line to get more command line output. > > root at dc01:~# ./samba-check-db-repl.sh > Running with with console output > Running : /usr/bin/samba-tool ldapcmp --filter='whenChanged' ldap://dc01 >

Thank you, Louis, for your reply. By simply asking me to provide outputs of the aforementioned files, I found the cause of my first problem (auth failing). It was my /etc/hosts file on dc1. All of them should look like this, and indeed DC2 and DC3's *did* look like this: # cat /etc/hosts > 127.0.0.1 ? ? ? localhost.samdom.mycompany.net ?localhost > 192.168.3.201