On 6.5.2013 16:31, Pekka L.J. Jalkanen wrote:
> On 6.5.2013 13:41, Pekka L.J. Jalkanen wrote:
>> I think that the thing I'm going to try right now is to actually run the
>> MS adprep.exe tool that ships with W2k8 R2. It should add RODC support
>> to the schema and MS also tells to run it before ins
On 6.5.2013 13:41, Pekka L.J. Jalkanen wrote:
> I think that the thing I'm going to try right now is to actually run the
> MS adprep.exe tool that ships with W2k8 R2. It should add RODC support
> to the schema and MS also tells to run it before installing any W2k8 DCs
> (RODC or not) to an existing
On 4.5.2013 0:22, Andrew Bartlett wrote:
> On Fri, 2013-05-03 at 19:21 +0300, Pekka L.J. Jalkanen wrote:
>> On 26.4.2013 13:05, Pekka L.J. Jalkanen wrote:
>>>
>>> So it seems that for some reason, exporting the keytab from Samba DC
>>> doesn't work. I tried to kinit first using the domain admin acc
On Fri, 2013-05-03 at 19:21 +0300, Pekka L.J. Jalkanen wrote:
> On 26.4.2013 13:05, Pekka L.J. Jalkanen wrote:
> >
> > So it seems that for some reason, exporting the keytab from Samba DC
> > doesn't work. I tried to kinit first using the domain admin account, but
> > to no avail--exportkeytab sti
On 26.4.2013 13:05, Pekka L.J. Jalkanen wrote:
>
> So it seems that for some reason, exporting the keytab from Samba DC
> doesn't work. I tried to kinit first using the domain admin account, but
> to no avail--exportkeytab still throws the same error.
>
> Now, for the purposes of bug 9828 I could
On 26.4.2013 6:13, Andrew Bartlett wrote:
> On Wed, 2013-04-24 at 17:39 +0300, Pekka L.J. Jalkanen wrote:
>> By the way, is a kerberos keytab actually necessary to decrypt the
>> GSS-API packets in Wireshark? Samba Wiki
>> (https://wiki.samba.org/index.php/Capture_Packets) doesn't say so (just
>> t
On Wed, 2013-04-24 at 17:39 +0300, Pekka L.J. Jalkanen wrote:
> By the way, is a kerberos keytab actually necessary to decrypt the
> GSS-API packets in Wireshark? Samba Wiki
> (https://wiki.samba.org/index.php/Capture_Packets) doesn't say so (just
> tells to capture the kerberos exchange), but I be
By the way, is a kerberos keytab actually necessary to decrypt the
GSS-API packets in Wireshark? Samba Wiki
(https://wiki.samba.org/index.php/Capture_Packets) doesn't say so (just
tells to capture the kerberos exchange), but I became somewhat
suspicious, while reading the following page:
http://wik
On 23.4.2013 19:24, Michael Wood wrote:
> On 23 April 2013 16:43, Pekka L.J. Jalkanen wrote:
>> Nothing. It just works. I can even explicitly change it to point to the
>> Samba 4 DC and it still works.
>>
>> It is just Vista and newer RSATs that are the problem. And they also
>> work just fine as
On 23 April 2013 16:43, Pekka L.J. Jalkanen wrote:
> Nothing. It just works. I can even explicitly change it to point to the
> Samba 4 DC and it still works.
>
> It is just Vista and newer RSATs that are the problem. And they also
> work just fine as long as the selected DC is the W2k3R2 DC...
Pe
Nothing. It just works. I can even explicitly change it to point to the
Samba 4 DC and it still works.
It is just Vista and newer RSATs that are the problem. And they also
work just fine as long as the selected DC is the W2k3R2 DC...
Pekka L.J. Jalkanen
On 23.4.2013 16:39, Hisham Attar wrote:
What does it say when you browse domain controllers OU for that DC using
the Ad users and computers snapin on the win2k3 dc?
On Tue, Apr 23, 2013 at 11:25 PM, Pekka L.J. Jalkanen <
pekka.jalka...@vihreat.fi> wrote:
> Raising the functional level above 2003 doesn't sound like a good plan
> as lon
Raising the functional level above 2003 doesn't sound like a good plan
as long as we still have to keep the Windows 2003 DC around. I don't
know about Samba, but RSAT wouldn't even let me do that.
Also note that it is the Windows DC (CN=W2K3R2DC) that doesn't have this
attribute.
I figured out th
That attribute is a 2008+ schema attribute, as far as I was aware when you
provision with Samba your DC functionality is at 2008 R2 but forest/domain
is at 2003 and can be raised to 2008 R2 try samba-tool domain level raise
--domain 2008_R2 --forest 2008_R2 maybe that will add the attribute to the
Hello,
We have two DCs. One runs Windows 2003 R2, and the other Samba 4.0.5.
Forest functional level is Windows 2000 native.
I recently demoted (worked flawlessy now, which was a great relief),
rebuilt and re-promoted my Samba 4 DC, as my problems that I posted to
this list about two monts were s
15 matches
Mail list logo
