Displaying 20 results from an estimated 10000 matches similar to: "maximum ad domain controller unavialability time"
2020 Apr 14
1
maximum ad domain controller unavialability time
I speak about working controller, not about powered off, but network
segment doesn't available to other controllers, for pdc emulator, and
controller is available for workstations at this network segment.
14.04.2020 13:00, L.P.H. van Belle via samba ?????:
> Why would you have a server (DC) that long powered off, it for sure will give delays and less response of the network.
> But you
2020 Apr 14
0
maximum ad domain controller unavialability time
Why would you have a server (DC) that long powered off, it for sure will give delays and less response of the network.
But you could turn it off as long as you want, once it powers up it will sync the AD again.
So no, the controller is not removed from you domain. You need todo that manualy.
I suggest you read:
https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC
And not, dont forget if
2020 Apr 14
0
maximum ad domain controller unavialability time
HI Valery
A DC is never "removed" automatically from AD, but, at least from the
Windows perspective, the longest period would be the tombstone lifetime.
After this has passed, the DC would have objects "lingering", as the
deletion of an object could have already occurred at other DCs and then
the marker of the deletion itself removed, which of course means there
is no way
2016 Jun 28
6
unique index violation on objectSid
27.06.2016 18:45, mathias dufresne:
> Perhaps you don't have yet duplicate objectSid as that's not supposed to be
> possible.
> Rather than scripting something to look for objectSid used twice I would
> start with dbcheck and other tools to verify that your database is
> consistent and identical on all servers.
[root at pdc ~]# samba-tool dbcheck
Checking 3346 objects
2016 Jun 28
1
unique index violation on objectSid
Hi Valery,
First thank you for this detailed information about your searches. I find
them very interesting.
Here I'm thinking of two workarounds. The first one would be to list
deleted objects RIDs, to verify RID=2002 is really the last one used, being
sure there is no deleted object with RID=2003 and so on. Then once you get
the last RID used, you could change RidNextRid to match this
2016 Nov 24
2
domain member with winbind, slow smbcacls or smbclient listing
Hi, all!
When I launch (again and again)
smbcacls "//myfileserver/share" "" -U user -W domain
or
smbclient "//myfileserver/share" -U user -W domain -c "ls",
in tcpdump output at myfileserver I see multiple calls to controller via
ldap, therefore these commands are executed slowly.
When I run getent groups at myfileserver, all worked fine, and tcpdump
2016 Jun 27
2
unique index violation on objectSid
Hi all!
Today, after two years of production, I get this error:
samba-tool user create test20160627 testpassword
ERROR(ldb): Failed to add user 'test20160627': -
../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index objectSid in
CN=test20160627,CN=Users,DC=ad... - ../lib/ldb/ldb_tdb/ldb_index.c:1148:
unique index violation on objectSid in CN=test20160627,CN=Users,DC=ad...
Help me
2016 Sep 13
2
create new child windows domain in existing samba forest
Hello guys. Continuing Zhuchenko Valery question,I would like to know if someone from the list has deployed a child domain in samba 4.
I have a samba 4 domain controller running on gentoo.My goal is to set up a domain and authentication domain only. But I need a root domain forest and a child domain.I am using verion 4.2.11I would like to know if someone has accomplished this either using dcpromo
2024 Jul 29
2
share enumeration, samba-dcerpcd, variable %i
hi, samba team and other,
client software calls samba and samba reads /etc/samba/smb.conf where
some parameter contains variable %i (client ip address), but when samba
calls samba-dcerpcd, it again reads /etc/samba/smb.conf where some
parameter contains variable %i and at that moment %i is not client ip
address, it is equal 0.0.0.0
for example I need client ip1 and client ip2 to get
2018 Oct 30
1
NS records for all DCs, verifying and creating a DC DNS records
Hi, all!
There is no check of NS records in this document
https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record
For example, with two DCs at myzone
$ host -t NS myzone dc1 (or dc2, or myzone)
must return two records:
myzone name server dc1.myzone.
myzone name server dc2.myzone.
$ host -t NS _msdcs.myzone dc1 (or dc2, or myzone)
must return two records:
_msdcs.myzone name
2024 Jul 29
1
share enumeration, samba-dcerpcd, variable %i
Am 29.07.24 um 13:20 schrieb Zhuchenko Valery via samba:
> hi, samba team and other,
>
> client software calls samba and samba reads /etc/samba/smb.conf where
> some parameter contains variable %i (client ip address), but when samba
> calls samba-dcerpcd, it again reads /etc/samba/smb.conf where some
> parameter contains variable %i and at that moment %i is not client ip
2024 Jul 29
1
share enumeration, samba-dcerpcd, variable %i
Am 29.07.24 um 13:48 schrieb Zhuchenko Valery via samba:
> "hosts allow" about access to browseable share, I need different shares
> lists
How about "access based share enum" as a Machine is also just a user you
could use the "valid users" option.
2024 Jul 29
1
share enumeration, samba-dcerpcd, variable %i
"hosts allow" about access to browseable share, I need different shares
lists
29.07.2024 15:33, Christian Naumer via samba:
> Am 29.07.24 um 13:20 schrieb Zhuchenko Valery via samba:
>> hi, samba team and other,
>>
>> client software calls samba and samba reads /etc/samba/smb.conf where
>> some parameter contains variable %i (client ip address), but when
2024 Jul 29
1
share enumeration, samba-dcerpcd, variable %i
user may be same, but from client ip1 this user can't see shares, which
can see from client ip2.
need share enumeration by client ip
29.07.2024 16:20, Christian Naumer via samba ?????:
> Am 29.07.24 um 13:48 schrieb Zhuchenko Valery via samba:
>> "hosts allow" about access to browseable share, I need different
>> shares lists
>
> How about "access based
2024 Jul 29
1
[SPAM] Re: share enumeration, samba-dcerpcd, variable %i
Am 29.07.24 um 14:35 schrieb Zhuchenko Valery via samba:
> user may be same, but from client ip1 this user can't see shares, which
> can see from client ip2.
> need share enumeration by client ip
Have you checked if "hosts allow" in combination with "access based
share enum" does what you want?
2024 Jul 29
1
[SPAM] Re: share enumeration, samba-dcerpcd, variable %i
from ip1=192.168.222.96 and ip2=192.168.22.96 user zvn2 receive test in
list, hosts allow = 192.168.222.96 in config for share test and global
access based share enum = Yes, but I need share test in list only from
ip1=192.168.222.96
when ip1=192.168.222.96
$ smbclient -L 192.168.22.135 --use-kerberos=off -U zvn2%pppppppp -W .
?? ?Sharename?????? Type????? Comment
?? ?---------??????
2019 Jul 24
2
Error after upgrade NT_STATUS_INTERNAL_DB_CORRUPTION
Hi
samba-tool dbcheck
ERROR(<class 'KeyError'>): uncaught exception - 'No such element'
? File
"/opt/samba/lib/python3.6/site-packages/samba/netcmd/__init__.py", line
185, in _run
??? return self.run(*args, **kwargs)
? File
"/opt/samba/lib/python3.6/site-packages/samba/netcmd/dbcheck.py", line
141, in run
???
2019 Jul 24
2
Error after upgrade NT_STATUS_INTERNAL_DB_CORRUPTION
On 24/07/2019 17:05, Rowland penny via samba wrote:
> On 24/07/2019 16:01, Carlos via samba wrote:
>> Hi
>>
>> samba-tool dbcheck
>> ERROR(<class 'KeyError'>): uncaught exception - 'No such element'
>> ? File
>> "/opt/samba/lib/python3.6/site-packages/samba/netcmd/__init__.py",
>> line 185, in _run
>> ??? return
2019 Jan 25
3
Removing sites and DC...
I need to close a site. No, no people fired, i've defined sites and DC
because i hope that get (re)opened, but...
There's some care i need to have to remove a DC (clearly, without FSMO
roles)?
I've looked on wiki to 'remove a DC' but i was not able to find
something...
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra
2017 Oct 19
2
Tombstone Lifetime in samba 4.5+
Dear list,
Does anybody know how to lower the tombstone lifetime in samba 4.5 or
later? There used to be a wiki entry, but this has been deleted as it is
probably not adequate anymore:
https://wiki.samba.org/index.php/Restoring_deleted_AD_objects#Changing_the_defaults_for_msDS-deletedObjectLifetime_and_tombstoneLifetime
I used to change the attribute tombstoneLifetime in CN=Directory