similar to: Using Samba AD/DC as an Active Directory OAuth provider for OpenShift

On 21/08/2020 21:40, vincent at cojot.name wrote: > On Fri, 21 Aug 2020, Rowland penny via samba wrote: > >> This works for me: >> >> rowland at devstation:~$ sudo ldapsearch -H >> ldaps://dc01.samdom.example.com -D 'SAMDOM\Administrator' -w >> 'xxxxxxxxxx' -b 'dc=samdom,dc=example,dc=com' >>

On 21/08/2020 20:08, Rowland penny via samba wrote: > On 21/08/2020 19:28, Vincent S. Cojot via samba wrote: >> >> Hi everyone, >> >> I have a working Samba AD/DC (4.12.6 on RHEL7.8) setup I'm trying to >> use with OpenShift (a container platform to which RedHat contributes >> - aka OCP). I'm also not too skilled on LDAP even though I've been

On Fri, 2020-08-21 at 17:51 -0400, Vincent S. Cojot via samba wrote: > Hi Rowland, > > First of all, thank you for taking the time to help me. > I tried your suggestion and all results came up empty. > > Then I did a few lapdsearch(es) and found this: > > 1) This query returns two users: > ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W -D >

Hi Rowland, Sorry about that, the site appears down (for me). Here's another link (although on OCP3.11) https://developers.redhat.com/blog/2019/08/02/how-to-configure-ldap-user-authentication-and-rbac-in-red-hat-openshift-3-11/ Vincent On Fri, 21 Aug 2020, Rowland penny via samba wrote: > On 21/08/2020 19:28, Vincent S. Cojot via samba wrote: >> >> Hi everyone, >>

On 21/08/2020 22:08, Rowland penny via samba wrote: > On 21/08/2020 21:40, vincent at cojot.name wrote: >> On Fri, 21 Aug 2020, Rowland penny via samba wrote: >> >>> This works for me: >>> >>> rowland at devstation:~$ sudo ldapsearch -H >>> ldaps://dc01.samdom.example.com -D 'SAMDOM\Administrator' -w >>> 'xxxxxxxxxx' -b

Hi Andrew, Hi Rowland, I just spent close to one hour debugging this with one OpenShift specialist from RedHat. What we figured was: 1) both of my configs work (auth and group-sync) and are in fact correct. 2) OCP group sync does not sync the groups that have no explicit 'member' Attribute or groups that are 'default' groups (E.g: 'Domain Users') where membership is

On 21/08/2020 19:28, Vincent S. Cojot via samba wrote: > > Hi everyone, > > I have a working Samba AD/DC (4.12.6 on RHEL7.8) setup I'm trying to > use with OpenShift (a container platform to which RedHat contributes - > aka OCP). I'm also not too skilled on LDAP even though I've been > running the above for over two years now.. > > There are typically two

Hi Denis, Thanks for taking the time to answer. Yes, I may have been wrong with --forced-sync and --full-sync since the start but in fact I wanted to make sure to force replication between the servers. Here is what I have noticed: - replication works from dc00 -> dc00 but not from dc01 -> dc00: [root at dc00 ~]# samba-tool drs replicate DC01 DC00 dc=ad,dc=lasthome,dc=solace,dc=krynn

On Tue, 22 Jan 2019 14:20:21 -0500 (EST) "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > > Hi All, > > On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02 > and 03 are gone), I've noticed the following errors which I am unable > to fix.. Any hints? > > * Basic dbcheck is clean. > > [root at dc00 ~]# samba-tool

Hi All, On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02 and 03 are gone), I've noticed the following errors which I am unable to fix.. Any hints? * Basic dbcheck is clean. [root at dc00 ~]# samba-tool dbcheck Checking 327 objects Checked 327 objects (0 errors) * Cross-NCS shows two errors related to a de-comissionned DC (dc02) and cannot auto-fix this.. How do I fix

On Tue, 22 Jan 2019 15:19:10 -0500 (EST) "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > On Tue, 22 Jan 2019, Rowland Penny via samba wrote: > > > On Tue, 22 Jan 2019 14:20:21 -0500 (EST) > > "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > > > >> > >> Hi All, > >> > >>

On Tue, 22 Jan 2019, Rowland Penny via samba wrote: > On Tue, 22 Jan 2019 14:20:21 -0500 (EST) > "Vincent S. Cojot via samba" <samba at lists.samba.org> wrote: > >> >> Hi All, >> >> On my two-DC setup (dc00 and dc01 - Used to be a 4-Dc setup but 02 >> and 03 are gone), I've noticed the following errors which I am unable >> to

Hi All, I know RHEL has bad press here but I'd like to share a different opinion (works for me) and maybe share some of my settings. BTW, Those views are my own, not those of my employer. I run a small AD at home. The setup is as follows: - two AD DCs (RHEL7.6 KVM virtual machines + Samba 4.8.7 rpms based on SPECs from TranquilIT/Fedora). - several Win10 laptops joined to the domain. -

Hi all, I'm running in circles trying to debug replication failures on samba 4.7.6: dc00 : is a VM on KVM host (attached to a bridge on local LAN) dc01 : is a similarly configured VM on another KVM host. I've forcibly demoted and re-promoted dc01 but I still cannot get automatic replication to work: root at dc00 ~]# samba-tool drs showrepl Krynn\DC00 DSA Options: 0x00000001 DSA

On Wed, Jun 12, 2019 at 4:38 AM Rowland penny via samba <samba at lists.samba.org> wrote: > > On 10/06/2019 16:04, vincent at cojot.name wrote: > > > > There is probably some amount of redtape on this but AFAIK it works > > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs > > through use of realm '(and thus sssd): > > > >

There is probably some amount of redtape on this but AFAIK it works fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs through use of realm '(and thus sssd): Here's a RHEL7.6 client: # realm list ad.lasthome.solace.krynn type: kerberos realm-name: AD.LASTHOME.SOLACE.KRYNN domain-name: ad.lasthome.solace.krynn configured: kerberos-member server-software:

On 10/06/2019 16:04, vincent at cojot.name wrote: > > There is probably some amount of redtape on this but AFAIK it works > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs > through use of realm '(and thus sssd): > > Here's a RHEL7.6 client: > # realm list > ad.lasthome.solace.krynn > ? type: kerberos > ? realm-name:

Hi Vincent, > I'm running in circles trying to debug replication failures on samba 4.7.6: > > dc00 : is a VM on KVM host (attached to a bridge on local LAN) > dc01 : is a similarly configured VM on another KVM host. > > I've forcibly demoted and re-promoted dc01 but I still cannot get > automatic replication to work: > > root at dc00 ~]# samba-tool drs showrepl

Hi, I'm trying to install OpenShift Origin on a CentOS 7 host (just for initial testing), and I'm trying to follow the instructions from here: https://wiki.centos.org/SpecialInterestGroup/PaaS/OpenShift-Quickstart On that page we need to run: "atomic-openshift-installer install" to configure OpenShift... after run the script it throws this errors: Failure summary:

On 15 February 2018 at 12:31, Antonio da Silva Martins Junior <asmartins at uem.br> wrote: > Hi, > > I'm trying to install OpenShift Origin on a CentOS 7 host (just for > initial testing), and I'm trying to follow the instructions from here: > https://wiki.centos.org/SpecialInterestGroup/PaaS/OpenShift-Quickstart > > On that page we need to run: