similar to: Samba rejecting authentication from Windows machines

Displaying 20 results from an estimated 5000 matches similar to: "Samba rejecting authentication from Windows machines"

2023 Jul 20
1
Samba rejecting authentication from Windows machines
On 20/07/2023 14:28, Kothe Patrik via samba wrote: > Hi everybody. > > First a short overview of our setup: > > We have 2 Samba DCs in Domain 1 > We use a Windows 10 Pro VM for the RSAT Tools which we access via RDP > We have 1 Windows Server 2012 DC for Domain 2 > Between Domain 1 and 2 is a Trust for cross-domain file share access > > Since the last reboot of our
2023 Jul 20
1
**[EXTERNAL]**Re: Samba rejecting authentication from Windows machines
What version of Samba are the DCs running and on what OS ? --> They're still running on 4.13.17 and Debian 10 since that's the pre-packed version we started with and didn't dare to upgrade so far. Was anything updated on any of the machines ? If so, what ? --> No. We had our monthly maintenance window but there were no upgrades to the Samba DCs This could be more
2023 Jul 20
0
Fwd: **[EXTERNAL]**Re: **[EXTERNAL]**Re: Samba rejecting authentication from Windows machines
Okay so the issue with the RSAT-VM really came from this Security update so this is solved, thanks again! The issue with the trust still exists and it doesn't seem to have anything to do with the recent update. Some additional info: When trying to validate the trust from the Samba-Domain to the Windows-Domain while using the RSAT-VM I get the following error: The secure channel (SC)
2015 Sep 03
2
Reverse domain
How is the reversed domain handled, or is it not. Rowland, you did not have that in your sample you cobbled together. In /usr/share/samba/setup/named.conf there is: zone "123.168.192.in-addr.arpa" in { type master; file "123.168.192.in-addr.arpa.zone"; update-policy { grant ${REALM_WC} wildcard *.123.168.192.in-addr.arpa. PTR;
2019 Mar 08
2
ipconfig /registerdns & PTR Records
Hello $LIST, i setup a new clean domain to examine the feature of updating/creating PTR records. When i call ipconfig /registerdns on the client i get this entry in the windows eventlog (sorry german) Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für den Netzwerkadapter mit den folgenden Einstellungen: Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117}
2019 Jan 11
3
samba_dnsupdate options: --use-samba-tool vs. --use-nsupdate, and dhcpd dynamic updates
On Friday, January 11, 2019 1:39 PM, Rowland Penny via samba <samba at lists.samba.org> wrote:   > There doesn't seem to be anything really wrong there,the only really > difference between your named.conf and mine is that I have: >  >     dnssec-validation no; >     dnssec-enable no; >     dnssec-lookaside no; >     listen-on-v6 { none; }; >     listen-on port 53
2019 May 02
2
Possibly WERR_DS_DRA_ACCESS_DENIED or NT_STATUS_CANT_ACCESS_DOMAIN_INFO
So we have two different Samba servers we are trying to connect to what was originally a Windows 2003 AD and was raised to 2008R2 (both Forest and Domain). (We really only need to connect one of them - the one hosting Samba 4.7.6). Any ideas or suggestions are helpful! We've scoured the lists (Rowland - you are amazing), but still not found what is wrong (we think it is probably a config
2019 May 02
2
Possibly WERR_DS_DRA_ACCESS_DENIED or NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Thank you for the quick response: root at DC2:~# rm -rf /etc/samba/smb.conf root at dc2:~# ll /etc/samba/ [The lmhosts file I created trying to troubleshoot: touch /etc/samba/lmhosts. It hasn't been touched.] total 52 drwxr-xr-x 4 root root 4096 May 2 12:57 ./ drwxr-xr-x 135 root root 12288 May 2 11:05 ../ drwxr-xr-x 2 root root 4096 May 2 09:56 etc/ -rw-r--r-- 1 root root
2016 Sep 14
1
Exporting keytab for SPN failure
> On Sep 14, 2016, at 12:57 PM, Achim Gottinger <achim at ag-web.biz> wrote: > > > > Am 14.09.2016 um 18:23 schrieb Michael A Weber: >> >>> On Sep 14, 2016, at 10:44 AM, Achim Gottinger via samba <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 05:53
2009 Apr 05
2
Prohibit removing INBOX
Hello list, I'm using dovecot 1.1.11 and I'm going to prohibit users to remove their INBOX and some other directories in the mailbox root. I used Access Control Lists (http://wiki.dovecot.org/ACL) to do this: protocol imap { mail_plugins = acl } plugin { # With global ACLs in /etc/dovecot/acls/ directory: acl = vfile:/etc/dovecot/acls } /etc/dovecot/acls/.DEFAULT: owner
2018 Dec 12
2
doveadm proxy list repeats header line
Hi all, just a minor thing: Why does `doveadm proxy list` repeat the header line after each entry? Too me, that just makes the output harder to read. So instead of this: root at mail1 ~ # doveadm proxy list username proto src ip dest ip port info at domain1.de imap 80.152.196.98 222.133.127.53 993 username service src-ip dest-ip
2019 May 02
3
Possibly WERR_DS_DRA_ACCESS_DENIED or NT_STATUS_CANT_ACCESS_DOMAIN_INFO
I have read that so many times. I started out with the simple, prompted 'samba-tool domain join' and built up from there. Version is: Samba 4.7.6 from Ubuntu (18.04.2) Interesting what happens when I take out --site directive (see below). root at DC2:~# samba-tool domain join DOMAIN1.DOMAIN DC --username='DOMAIN1\EnterpriseAdminUser' --realm='DOMAIN1.DOMAIN'
2016 Sep 14
5
Exporting keytab for SPN failure
> On Sep 14, 2016, at 10:44 AM, Achim Gottinger via samba <samba at lists.samba.org> wrote: > > > > Am 14.09.2016 um 05:53 schrieb Michael A Weber via samba: >> Experts— >> >> I’m attempting to export a keytab for a created SPN on the AD DC machine but I’m receiving an error: >> >> ERROR(runtime): uncaught exception - Key table entry not
2016 Sep 26
2
named ( bind 9.9.4 ) fails to start
Hi, I removed a couple of dead DC's from my domain using this command: samba-tool domain demote --remove-other-dead-server=<dc name> I then restarted named on the remaining server, but it failed to start with the following errors in messages: named[30255]: samba_dlz: configured writeable zone 'x.x.x.in-addr.arpa' named[30255]: samba_dlz: configured writeable zone
2019 May 03
1
Possibly WERR_DS_DRA_ACCESS_DENIED or NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Hai James, An other question, is exchange installed in the windows environment? If not thats only good. Ok you need some rewriting some parts i see several things you need to fix. I'll comment below. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > James Fowler via samba > Verzonden: donderdag 2 mei 2019
2011 Oct 25
1
ssh-agent use in different security domains
Consider this topology domain1-server1 domain2-server2 | | laptop - domain1-server1 ---- domain2-server1 Laptop has two ssh identities, domain1 and domain2. I don't wish to store identity locally in any of the servers. As far as I understand, there isn't any way to limit ssh-agent to allow only signing
2013 Nov 05
2
Winbindd and Domain local groups
Hi, I have been trying to use Winbindd in SLES 11 SP3 (Samba version 3.6.3-17.25.1) to fetch AD (Windows 2008 R2) identities into the Linux box and currently running into some problem w.r.t domain local groups and thought I could get some help here.. I have a two domain setup, in which DOMAIN1 is the parent domain and DOMAIN2 is the child domain. I have 2 users DOMAIN1\user1, DOMAIN2\user2 and
2006 Oct 05
1
quota dict (mysql)
Hi, I have dovecot configured to make use of the dict (mysql) plugin in order to keep track of the used quota. First, as you can see in the mysql table output below it seems that values aren't stored correctly. Secondly I get all kinds of database related errors in my mail logs. The (relevant) sections of the configuration files are also included below. My question is, what am I doing wrong?
2016 May 18
2
ISC's dhcp server, radvd and bind9 now adding samba as an AD DC
So I had dhcp, radvd and bind working together nicely and now I threw in a wrench of setting up an AD DC I want to change my dhcp server setting to put client's into the new AD Domain but am a little hesitant as it is all working so nicely with DDNS I'm starting to think all I need to do is edit just my dhcpd.conf and change occurrences of DOMAIN1.SUBDOMAIN.TLD to
2019 May 02
3
Possibly WERR_DS_DRA_ACCESS_DENIED or NT_STATUS_CANT_ACCESS_DOMAIN_INFO
root at DC2:~# cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # and managed by Zentyal. # # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # nameserver 192.168.1.254 #search domain1.domain /etc/hostname cat /etc/hostname DC2 /etc/hosts root at DC2:~cat /etc/hosts 127.0.0.1 localhost.localdomain localhost 127.0.1.1