similar to: Working through the PAM Offline Authentication Wiki page, but...

Hi folks, The last log record from journalctl -xeu winbind directly after winbind startup is: Jun 13 12:41:36 datasrv winbindd[582]: gpupdate_cmd_done: gpupdate failed with exit status 1 For completeness, the log entries for winbind startup is displayed below. Things seem to work though, but I have never seen it before (I don't like error messages). When I noticed the message I

On Thu, 13 Jun 2024 16:26:17 +0200 Peter Milesson via samba <samba at lists.samba.org> wrote: > Hi folks, > > The last log record from journalctl -xeu winbind directly after > winbind startup is: > > Jun 13 12:41:36 datasrv winbindd[582]: gpupdate_cmd_done: gpupdate > failed with exit status 1 > > For completeness, the log entries for winbind startup is

On 13.06.2024 17:21, Rowland Penny via samba wrote: > On Thu, 13 Jun 2024 16:26:17 +0200 > Peter Milesson via samba <samba at lists.samba.org> wrote: > >> Hi folks, >> >> The last log record from journalctl -xeu winbind directly after >> winbind startup is: >> >> Jun 13 12:41:36 datasrv winbindd[582]: gpupdate_cmd_done: gpupdate >>

Le Fri, 4 Oct 2024 09:27:12 +0100 Rowland Penny via samba <samba at lists.samba.org> ?crivait: > > > > OK, I'll try first the 4.17 version from the backports, and if it's > > not enough I'll upgrade to 4.20. > > I would upgrade to bookworm with Samba from backports, but its your > domain ;-) Well I've upgraded up to 4.20, but no dice :( No

On Fri, 4 Oct 2024 10:11:37 +0200 Emmanuel Florac <eflorac at intellique.com> wrote: > Le Thu, 3 Oct 2024 21:35:04 +0100 > Rowland Penny via samba <samba at lists.samba.org> ?crivait: > > > > Yes, I mean Windows 11 or WIndows Server 2022 machines that are > > > registered into the AD. A Win11 PC which isn't AD-connected (but > > > in the same

On 13.06.2024 20:33, Peter Milesson via samba wrote: > > > On 13.06.2024 17:21, Rowland Penny via samba wrote: >> On Thu, 13 Jun 2024 16:26:17 +0200 >> Peter Milesson via samba <samba at lists.samba.org> wrote: >> >>> Hi folks, >>> >>> The last log record from journalctl -xeu winbind directly after >>> winbind startup is:

On 11/13/24 15:54, Rowland Penny via samba wrote: >> ??? log level = 1 >> >> ??? # dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool >> >> ??? # Winbindd setup for shares: >> ??? # template shell = /bin/bash >> ??? # template homedir = /home/%U >> >> ??? # idmap_nss plugin setup: >> ??? idmap config * : backend

On 11/16/24 11:59, Rowland Penny via samba wrote: > Samba doesn't start any daemons on a Unix domain member, you have to do > it yourself. I did. My Gentoo samba service scripts starts smbd and nmbd. Oh. Ugh. Sorry. Found an untweaked option in the samba service script configuration file--that I had apparently known about while setting up the AD DC--which was necessary to start

Hello. I'm gradually replacing my 4.17 installations with 4.19 (on FreeBSD). As soon as I do this, I'm starting to see gobs of messages in the log like the followings: rpcd_lsad[54129]: rpcd_lsad version 4.19.5 started. samba-dcerpcd[14381]: samba-dcerpcd version 4.19.5 started. I actually experience no troubles (so far) and there are no error messages actually, but is this

On 11/14/24 10:48, Rowland Penny via samba wrote: > The only things that a Samba AD DC pulls from AD is the uidNumber and > gidNumber attributes (if they are set) and only then if 'idmap_ldb:use > rfc2307 = yes' is set in the DCs smb.conf. > > What are you expecting ? > > Rowland Oh. Well, I was expecting that the home directory and the shell attributes would be

On Thu, 14 Nov 2024 11:17:11 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > On 11/14/24 10:48, Rowland Penny via samba wrote: > > The only things that a Samba AD DC pulls from AD is the uidNumber > > and gidNumber attributes (if they are set) and only then if > > 'idmap_ldb:use rfc2307 = yes' is set in the DCs smb.conf. > >

On Fri, 17 May 2024 09:34:25 +0200 Andrea Venturoli via samba <samba at lists.samba.org> wrote: > Hello. > > I'm gradually replacing my 4.17 installations with 4.19 (on FreeBSD). > As soon as I do this, I'm starting to see gobs of messages in the log > like the followings: > > rpcd_lsad[54129]: rpcd_lsad version 4.19.5 started. > samba-dcerpcd[14381]:

Sorry, did not send it to the list (damned Thunderbird)... On 31.01.2023 18:14, Michael Tokarev via samba wrote: > 31.01.2023 09:59, Peter Milesson via samba ?????: > >> The journal on a AD domain member server is cluttered with permission >> denied entries of this message pair: >> >> ??? Jan 31 07:02:26 konsrvfast smbd[436004]: [2023/01/31 >> ???

This question has already been asked in the past, but there was no answer. The above message is logged quite often in /var/log/samba/log.samba-dcerpcd. This is a stand-alone anonymous read-only server. Is it something to worry about? It smells like samba isn't working properly. If yes, how can I fix it? If no, how can I stop samba from logging un-interesting messages? What dcerpcd is

On Thu, 14 Nov 2024 09:52:47 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > On 11/13/24 15:54, Rowland Penny via samba wrote: > >> ??? log level = 1 > >> > >> ??? # dns update command = /usr/sbin/samba_dnsupdate > >> --use-samba-tool > >> > >> ??? # Winbindd setup for shares: > >> ??? #

On Wed, 13 Nov 2024 15:19:22 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > > On 11/12/24 09:35, Rowland Penny via samba wrote: > > > If you are using Debian, just install the libpam-winbind and > > libnss-winbind packages, open /etc/nsswitch.conf in your favourite > > editor and ensure that the passwd & group lines contain

On Sat, 16 Nov 2024 10:38:06 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > I apparently haven't created the correct formula to get Samba to > start winbindd on my workstation in the process of joining my domain. > Testing winbindd connectivity fails: Samba doesn't start any daemons on a Unix domain member, you have to do it yourself. >

Hi folks, The smb.conf and other information after specification of the problems. The journal on a AD domain member server is cluttered with permission denied entries of this message pair: Jan 31 07:02:26 konsrvfast smbd[436004]: [2023/01/31 07:02:26.083500,? 0, effective(11025, 10515), real(11025, 0)] ../../source3/smbd/smb2_service.c:168(chdir_current_service) Jan 31

On Sat, 16 Nov 2024 15:44:12 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > On 11/16/24 11:59, Rowland Penny via samba wrote: > > Samba doesn't start any daemons on a Unix domain member, you have > > to do it yourself. > > I did. My Gentoo samba service scripts starts smbd and nmbd. Oh. Ugh. It isn't really required to run nmbd

On Thu, 14 Nov 2024 10:21:17 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > On 11/14/24 10:04, Rowland Penny via samba wrote: > > Try running 'net cache flush' and try again with getent. > > The first time Samba is asked for a users details it gets it from > > AD, but it also then caches the details to speed things up, you are