similar to: DC in trash...

Displaying 20 results from an estimated 10000 matches similar to: "DC in trash..."

2019 Oct 16
4
vfs_recycle permission bug?!
Samba 4.8 (Louis debian repo), DM. Today i've had to recovery a deleted file in that share, that use 'vfs_recycle' modules: [Work] comment = Spazio di Lavoro Utente map acl inherit = Yes path = /srv/work read only = No store dos attributes = Yes vfs objects = acl_xattr recycle full_audit volume = Work full_audit:failure = none full_audit:success = mkdir rmdir read pread
2019 Oct 01
5
Upgrade DC 4.5 -> 4.8, timings?
I've read all docs on upgrades, from wiki to Louis notes, and i think i'm ready to upgrade. First step, move from stretch to jessie, and from 4.5 to 4.8, upgrade in place. But having a domain with 6 DCs, i'm a bit scared to upgrade all DC in one turn, and i'm think about something like: a) upgrade DC with FSMO roles, then wait 1-2 day to spot troubles b) then upgrade all DC in
2019 Aug 28
4
[OT?] W10, SYSTEM, guest access.
[ I've just asked abut that, here, but now seems a simpler things, so i retry... ] This seems NON a samba touble, but a different behaviour in M$ client OS. But, really, i've not clue how to find an answer... Suppose to have a Win7 and a Win10 machine, both NOT joined to a domain. Suppose to have a share, with guest access enabled, where only readonly access are needed. Suppose also
2019 Sep 13
4
NT domain, Win10 1903 and profiles...
Not only NT domains, but also Samba 3.6! Wow! I'm a retro-sysadmin! ;-) I know i'm asking a rather hard thinks but... we are upgrading, but also solving some troubles. We have ''decently'' integrated some W10 1803 in a NT domain, but now with some other 1903 there's no way to make roaming profiles work. Looking at samba logs, seems that the client don't try at
2019 Jun 26
2
<printername>.tdb error management...
Sometimes (rarely, very rarely) i spot a <printername>.tdb error that seems to prevent the communication between samba and CUPS. In log i see: [2019/06/26 15:15:49.633876, 0] ../source3/lib/util_tdb.c:316(tdb_log) tdb(/var/cache/samba/printing/sml5010-2.tdb): tdb_rec_read bad magic 0x25 at offset=26096 the only solution i've found, pretty drastic, is: systemctl stop
2019 Oct 17
3
Offline logon and NSS...
Mandi! Rowland penny via samba In chel di` si favelave... > Yes, somebody moved the cache to a different directory and it now gets wiped > every time Samba is restarted, we have a bug report for it:? > https://bugzilla.samba.org/show_bug.cgi?id=14074 Ok, thanks. I suppose that cache get controlled by: idmap cache time = 604800 winbind cache time = 300 so, for a portable system,
2019 Oct 17
3
Offline logon and NSS...
Mandi! Rowland penny via samba In chel di` si favelave... > > Considering a 'full offline' DM client (supposing a portable), there's > > a 'winbind permanent nss cache' or a general nss cache (like > > nss-updatedb): > > https://wiki.debian.org/LDAP/NSS#Offline_caching_of_NSS_with_nscd > > have to be used? Thanks. > No, you cannot use
2019 Nov 07
3
Samba, Debian and upgrade path...
Yesterday, after a long run, i've finally upgraded my DCs to stretch/samba4.9, using Louis repos. Hurrah! ;-) Looking forward, eg: http://apt.van-belle.nl/debian/dists/ seems to me that i can advance to 4.10 in stretch, but to go further i need buster (probably because of python deps, right?). Louis, i think we need a matrix of debian-samba compatibility... ;-) -- dott. Marco Gaiarin
2019 Oct 17
4
Offline logon and NSS...
I'm revising some docs, and i've returned on the 'offline logon' tema. Looking at: https://wiki.samba.org/index.php/PAM_Offline_Authentication and smb.conf manpage, it is clear that 'offline logon' is a pam/authentication only, does not involve NSS. Considering a 'full offline' DM client (supposing a portable), there's a 'winbind permanent nss
2019 Oct 01
3
Removed a DC but...
Some month ago a local branch office closed; the local branch had a DC, that i've simply removed the dc with: samba-tool domain demote --server=vdcsv1.ad.fvg.lnf.it -U gaio (see https://lists.samba.org/archive/samba/2019-February/221195.html) But this leave some old DNS records, eg: root at vdcsv1:~# host -t SRV _kerberos._udp.ad.fvg.lnf.it | awk '{print $NF}'| sed
2020 Sep 11
4
Winbind offline cache and strangeness...
I've setup a portable system (ubuntu 16.04) joined to my AD domain, that in their primary network works as expected. But in this 'COVID time', the portable start to roam around, and users say me that, suddenly after some days of use, get incredibly sloooowww... after that users reboot, and cannot get back in, login refused. I've setup a VPN, but clearly if users cannot login
2019 Oct 02
3
Upgrade DC 4.5 -> 4.8, timings?
Hai Marco. Just upgrade it. ;-) It's not needed to move FSMO roles, in the last 4 years of upgradeing.. I did that exactly... 0 times. Steps shown work fine. ;-) Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Marco Gaiarin via samba > Verzonden: woensdag 2 oktober 2019 11:29 > Aan: samba at
2020 Jan 07
4
'check password script' timeout, diferences between AD and NT mode?
Here we use a (custom-made, internal) password propagation system, hooked around 'check password script'. Recently we suffer a network outgage (another one ;-), and the system that take care of password propagation goes offline. + NT domains continue to work, clearly password not propagate + AD domain stop to work (eg, users password change on windows stop to work), because the
2020 Sep 06
2
pam_mount in 'newer samba'...
Sorry for a rather 'unifornative' subject, but i've little o no clue on this. I'm using at work 'pam_mount' with a rather standard configuration to mount via CIFS/SMB user's home directory, from a samba AD member server. This configuration is a bit 'old' (mint sonya, AKA Ubuntu 16.04 as a client, so samba 4.3; debian and samba 4.8 as a server), but work
2019 Dec 06
2
Backing up tdb files
Mandi! Rowland penny via samba In chel di` si favelave... > Then you only need to backup your smb.conf and your LDAP, the tdb files will > be recreated from ldap. AFAIK minus: a) 'smbpasswd -w', samba need to know how to access OpenLDAP. ;-) b) rights ('net rpc rights'). c) printers (per se, but in particular printer drivers), if you use it d) policy ('pdbedit
2020 Sep 15
1
Winbind offline cache and strangeness...
Mandi! Data Control Systems - Mike Elkevizth via samba In chel di` si favelave... > 4.7.6) which also doesn't work. If you are only using it to authenticate > to an AD controller, you should switch to using sssd. I have multiple Some hints on docs to follow? Thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia''
2020 Feb 05
4
Samba, ACLs and 'primary group'...
My previous email on this topic get no answer, i try to explain me better. The problem. Simply i was (ab)used, in my previous samba NT-mode domains, to have file created with the group-owner as the UNIX primary group; now, in AD, files get created group-owned by Windows primary group, eg 'Domain Users'. This simply 'breaks' most of my ACLs setup. I've read:
2019 Jan 17
4
Winbind, cached logons and 'user persistency'...
Hai Marco, Maybe the winbind cache time is set to low for this. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Marco Gaiarin via samba > Verzonden: donderdag 17 januari 2019 15:55 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Winbind, cached logons and 'user > persistency'... >
2019 Nov 15
3
Account locked and delayed user data propagation...
I need to do some testing, but before to hit by head on a known wall, i ask here. My AD domain get used (via PAM/Winbind) to give access to some other dervice, most notably here dovecot. When password expire (or users change it) the MUA try the old password some times, then ask for a new password; users cleraly get scared, press randomly 'OK' or 'Cancel', but if they press 2-3
2019 Sep 19
3
Script to sync xID/idmap.ldb, some questions...
I'm scripting the ''replica'' of DC xID db (idmap.ldb) between DCs, following: https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings but i've two question. 1) because i've just in place the sysvol replica, i've thinked of copying the 'idmap.ldb.bak' file on sysvol share (in debian,