similar to: Samba Kerberos issue just cropped up with a node as of Samba 4.19.1

On 29/10/2019 00:47, Zombie Ryushu via samba wrote: > I am having issues with Samba DC replication between two directly > connected DCs. > > I don't understand what is wrong or how to fix it. Can someone advise? > > $ sudo samba-tool drs showrepl > Default-First-Site-Name\OLYMPIA > DSA Options: 0x00000001 > DSA object GUID: 50507d18-c8ee-4ef4-bbda-4d0d9bc31caa >

On 10/29/19 6:14 AM, L.P.H. van Belle via samba wrote: > I'm pretty sure this is a resolving problem. > > Can you verify this: > https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record > Especialy these : for both guids and cross check if from both servers. > host -t CNAME 50507d18-c8ee-4ef4-bbda-4d0d9bc31caa._msdcs..... > > Can you post from both

I'm pretty sure this is a resolving problem. Can you verify this: https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record Especialy these : for both guids and cross check if from both servers. host -t CNAME 50507d18-c8ee-4ef4-bbda-4d0d9bc31caa._msdcs..... Can you post from both server. /etc/hosts /etc/resolv.conf host servername host fqdn host servername @dns othere

I am having issues with Samba DC replication between two directly connected DCs. I don't understand what is wrong or how to fix it. Can someone advise? $ sudo samba-tool drs showrepl Default-First-Site-Name\OLYMPIA DSA Options: 0x00000001 DSA object GUID: 50507d18-c8ee-4ef4-bbda-4d0d9bc31caa DSA invocationId: d7f3c683-fcf2-473c-be01-a6f58af6cb88 ==== INBOUND NEIGHBORS ====

> > It looks like DNS is failing, does /etc/resolv.conf look like this: > > search home.rob-campbell.lan > nameserver A.DC.IPADDRESS > This is what it looks like in this order (if that matters) nameserver 10.0.0.10 nameserver 10.0.0.1 search HOME.ROB-CAMPBELL.LAN > > While you are checking, does /etc/hosts contain a line like this: > > computers_ip computers FQDN

Getting this error when trying to join computer to the domain. I just built a new debian computer for gaming and photo and video editing. I went through the same process as I did before (I created a script to do all of the things I did in the past) net ads join -U administrator Password for [HOME\administrator]: Failed to join domain: failed to find DC for domain HOME - The object was not found.

Release Announcements --------------------- This is a security release in order to address the following defects: o CVE-2023-3961:? Unsanitized pipe names allow SMB clients to connect as root to ????????????????? existing unix domain sockets on the file system. https://www.samba.org/samba/security/CVE-2023-3961.html o CVE-2023-4091:? SMB client can truncate files to 0 bytes by opening files

Release Announcements --------------------- This is a security release in order to address the following defects: o CVE-2023-3961:? Unsanitized pipe names allow SMB clients to connect as root to ????????????????? existing unix domain sockets on the file system. https://www.samba.org/samba/security/CVE-2023-3961.html o CVE-2023-4091:? SMB client can truncate files to 0 bytes by opening files

Hello! > net rpc rights grant "MYDOMAIN\Unix Admins" SeDiskOperatorPrivilege -U > > "MYDOMAIN\Administrator" > > Enter MYDOMAIN\Administrator's password: > > Could not connect to server 127.0.0.1 > > > Not sure where to go from here, if I run the command I get this: > > pi at raspberrypi:~/tests $ net rpc rights grant "SAMDOM\Unix

Hi, on our samba 4 domain member server we use the vfs objects module 'recycle'. Unfortunately we ran into a strange permission problem with deleted folders. The newly created folders in the recycle folder have the wrong permission. The deleted file(s) itself has the correct group (rw) permissions. The shares correct permissions: getfacl Papierkorb/ # file: Papierkorb/ # owner: root #

Hello all, I am trying to find out how the AAAA records are added in my SambA AD DC setup but it is not clear how they should be added. Here are my zones: ? pszZoneName???????????????? : 56.168.192.in-addr.arpa ? Flags?????????????????????? : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE ? ZoneType??????????????????? : DNS_ZONE_TYPE_PRIMARY ? Version???????????????????? : 50 ?

On Tue, 23 Apr 2019 19:27:21 +0000 Rogerio Bettini via samba <samba at lists.samba.org> wrote: > Hi, > I'm not able to join a windows XP machine in samba AD DC. This XP > machine is a VM. No problems when joining Windows 10 machines to this > DC. > > On XP machine, after inserting the Administrator username\password to > join the domain, the error message is -

I believe you are hitting multiple things. 1. a bug in smblcient involving that kerberos cache. I seen something passing by on this. 2. krb5.conf has to much in it, just not needed. 3. faulty smb.conf. Its incomplete. But more comment below. > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden:

Hello all. I'm encountering an issue where smbclient seemingly ignores the kerberos ccache as configured in krb5.conf when using "krb5-user" as the kerberos package and will instead always default to using "FILE:/tmp/krb5cc_uid". I tested each valid default ccache name type but smbclient completely ignores whatever is set as the "default_ccache_name" in the conf

Am 12.01.23 um 14:03 schrieb Rowland Penny via samba: > On 12/01/2023 12:51, Rowland Penny via samba wrote: >> On 12/01/2023 12:28, Thorsten Marquardt via samba wrote: >>> srv-kb-dc1:~ # klist >>> Ticket cache: DIR::/run/user/0/krb5cc/tkt >> What OS is this ? the old host: srv-kb-primdc:~ # cat /etc/os-release NAME="openSUSE Leap"

On Fri, 8 Sep 2023 16:46:54 -0400 Rob Campbell via samba <samba at lists.samba.org> wrote: > Getting this error when trying to join computer to the domain. I just > built a new debian computer for gaming and photo and video editing. I > went through the same process as I did before (I created a script to > do all of the things I did in the past) > > net ads join -U

Hi folks I'm using samba 4.8.3 in CentOS client and samba 4.9.3 from Van Belle repos on server I cannot join to the domain as net ads join -k -d 1 libnet_Join: libnet_JoinCtx: struct libnet_JoinCtx in: struct libnet_JoinCtx dc_name : NULL machine_name : 'TINY-FISHWIFE' domain_name : *

Hi Thorsten, hi Rowland, Am Donnerstag, 12. Januar 2023, 15:57:45 CET schrieb Thorsten Marquardt via samba: > Am 12.01.23 um 14:03 schrieb Rowland Penny via samba: > > On 12/01/2023 12:51, Rowland Penny via samba wrote: > >> On 12/01/2023 12:28, Thorsten Marquardt via samba wrote: > >>> srv-kb-dc1:~ # klist > >>> Ticket cache: DIR::/run/user/0/krb5cc/tkt

Hi, I'm not able to join a windows XP machine in samba AD DC. This XP machine is a VM. No problems when joining Windows 10 machines to this DC. On XP machine, after inserting the Administrator username\password to join the domain, the error message is - error while attempting to join the domain "VIDROESTE.IND": Internal error. I can see that the XP machine account was created in AD

Rowland, it was a typo. Sorry, I paste the smb.conf twice. I changed the smb.conf as you proposed, so: dns forwarder removed - yes it's in named.conf, and ntlm auth / lanman auth removed. I also checked the NTLMv2 configuration in windows XP. But the error is still there. I guess it's MIT as saw this in log: /usr/lib/mit/sbin/krb5kdc: kerberos: 10 But how can I confirm which kerberos