similar to: [Fwd: Joining AD - wrong DNS name, wrong keytab]

Am Donnerstag, 10. März 2016, 10:41:34 CET schrieb mathias dufresne: Hi, Mathias and all thank you for your answer. > Hi all, > > SPN = servicePrincipalName > > A simple search returning all servicePrincipalName declared in your AD: > ldbsearch -H $sam serviceprincipalname=* serviceprincipalname > For me: ldbsearch -H /var/lib/samba/private/sam.ldb serviceprincipalname=*

Following up on this post for the benefit of the archives, I don't want to be another DenverCoder9! [1] I believe I have fixed this issue now (although I am at a loss to explain how it occurred in the first place). Hopefully I correctly figured out what SPNs should be present against each machine - I'm not an expert in this area, but am describing the process I went through below in the

Hi, I have 2 domain controllers with samba4, and i realized i have some missing spns for the second domain controller: > samba-tool spn list dc1$ dc1$ User CN=dc1,OU=Domain Controllers,DC=test,DC=pt has the following servicePrincipalName: ?? ? HOST/dc1.test.pt ?? ? HOST/dc1.test.pt/test[1] ?? ? ldap/dc1.test.pt/test[1] ?? ? GC/dc1.test.pt/test.pt[2] ?? ?

directory service replication does not work between windows DC and samba DC, as the samba DC has 2 identical WSMAN records samba-tool  spn list m7-arhiv$ m7-arhiv$ User CN=M7-ARHIV,OU=Computers M07,DC=example,DC=ru has the following servicePrincipalName:      HOST/M7-ARHIV      HOST/m7-arhiv.example.ru      RestrictedKrbHost/M7-ARHIV      RestrictedKrbHost/m7-arhiv.example.ru    

Hello, I've setup over 6 months ago samba 4 AD on centos 7.3 (self compiled from source). Up until now I didn't encounter any undocumented errors. I have 3 DC's (all samba 4.5.3) which are working pretty nice with over 60 windows clients. The issue I've stumbled upon is when I added Windows server Hyper-V hosts to the domain. Tried with Hyper-V from 2012, 2012r2 and new 2016

On Tue, 2023-04-04 at 09:37 +0200, Kees van Vloten wrote: > Op 04-04-2023 om 00:32 schreef Andrew Bartlett: > > > > > On Mon, 2023-04-03 at 15:08 +0000, Tim ODriscoll via samba wrote: > > > > > Unfortunately it's still erroring out: > > > (7) mschap: Creating challenge hash with username: host/SL-6S4BBS3.MYDOMAIN.co.uk > > > (7) mschap:

I’m unable to successfully join a Windows 2008 R2 server DC to my Samba4 domain. I’ve followed the steps on the wiki of joining a Server 2008 R2 DC to a Samba domain. After I reboot the domain controller, I receive a blue screen in regards to a corrupt AD database. I’ve tried Samba v4.6.7 and Samba 4.9.0pre1. Prior to the reboot, I see the following three events on the Windows DC: ----- Attempt

I have identified and fixed the problem! The wellKnownObject for the default computer container was missing! I’m wondering if this was a bug from an old version of Samba, as we provisioned the domain with Samba 4.0.3. I used ldbedit to manually modify the directory and add CN=Computers as the wellKnownObject default computer container. Windows 2008 R2 now joins successfully. Thanks, Justin

On Tue, 20 Nov 2018 13:17:58 +0000 Jonathan Hunter via samba <samba at lists.samba.org> wrote: > Hi, > > Does anyone have experience of using ldbedit or similar, to remove the > duplicates below? (Is that even the right way for me to go?) Can I > perhaps query something using ldbsearch, to find the duplicates, > before using ldbedit? > > On Sun, 18 Nov 2018 at

On Fri, 23 Oct 2020, Rowland penny via samba wrote: > On 23/10/2020 15:03, Tom Diehl via samba wrote: >> Hi, >> >> I have 2 DC's. One is running 4.10.18 and the other is running 4.11.14. >> I am planning on upgrading the 4.10.18 DC to 4.11.14 and then both up to >> 4.12r.latest. >> >> In doing this I ran samba-tool dbcheck --reindex and got

Hello, I have now spent 30 hours trying to get this working, so it's time to get some professinoal help. :) In a nutshell, I would like to have a sambda AD PDC that authenticates both Windows and Debian. On Linux, I would like to use SSSD. I have followed the steps on the wiki: - https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO -

Hello everybody, Fist a little about our setup. We have an Debian (7) Wheezy, now upgraded to Debian (testing) Jessie with Samba4 as PDC, Kerberos and LDAP - all provided through Samba4, and bind9 and isc-dhcp server for DDNS and DHCP, our environment is a mix of Linux (Debian Jessie), Mac (Maverick and Yosemite) and Windows 7 and 8.1 clients. The Windows clients use Samba and are all part of

I cannot add users to my server and after going through many google searches and trying several things here is an issue I have found at minimum a LDAP issue when comparing my primary and secondary domain controllers. I do not know how to repair it and that is why I am contacting the list. Below is the output of the comparison. Master: 4.2.0pre1-GIT-58865d9 Slave: 4.2.0pre1-GIT-815bde2 Thank

Hi, Does anyone have experience of using ldbedit or similar, to remove the duplicates below? (Is that even the right way for me to go?) Can I perhaps query something using ldbsearch, to find the duplicates, before using ldbedit? On Sun, 18 Nov 2018 at 21:37, Jonathan Hunter <jmhunter1 at gmail.com> wrote: > [...] > In my database, as reported by the domain join command above, I have

Hi Denis, Thanks for taking the time to answer. Yes, I may have been wrong with --forced-sync and --full-sync since the start but in fact I wanted to make sure to force replication between the servers. Here is what I have noticed: - replication works from dc00 -> dc00 but not from dc01 -> dc00: [root at dc00 ~]# samba-tool drs replicate DC01 DC00 dc=ad,dc=lasthome,dc=solace,dc=krynn

Quoting Dan Oriani via samba <samba at lists.samba.org>: > Hello all, I'm kind of pulling my hair out over here. > > > > I'll preface this by saying that I'm using the latest version of Samba > packaged in Debian Stretch as my domain controller. Currently, I'm trying to > build an infrastructure where I can deploy a new virtual machine, then have

Thank you very much Louis, Rowland, Mike ! I have made all the changes proposed by Louis but still have the same problem. -> kinit works now with /var/lib/samba/private/secrets.keytab ------------------------ ~# kinit -k -t /var/lib/samba/private/secrets.keytab FICHDC$ ~# ------------------------ -> but samba-tool authentication with machine account fail : ------------------------ ~#

> Hi Mark, can I ask just what you are trying to achieve ? Well, it's rather simple. I want to remove a domain member from the domain. Normally, I do that with ADUC, no problem. But for some reason I was having trouble with ADUC (since resovled, magically), so I thought I'd try the same thing using samba-tool. That's it really. You wrote further: > I hope you can see that

Talking to myself again ;-) Samba-tool is working a little bit different then the silo/policy management on a Windows-DC. On a Windows-DC after assigning the user and host to the silo you have to assign the silo to the user and the host. When assigning the user and host to the silo with samba-tool, the assignment to the user and the host will be done at the same time. So now my policy looks

2016-07-04 4:40 GMT+02:00 Juan Garcia <juan at ish.com.au>: > Hi, >> >> Try to add "rdns = false" in krb5.conf on SERVER1. >> >> Hi Mathias, > > Thanks for your reply I have tried that option but same issues. This is > getting worst now. Not sure what else to do, any other test/changes you > advise me to do? Right now I'm out of ideas.