[Samba] Sync samba machine account between diffent samba versions - 4.1 to 4.15

Tue May 21 16:25:06 UTC 2024

Hi
It turns out that the DHCP was misconfigured since it sent the wrong DNS
server, the gateway one not the main samba server.
After changing it, now everything is working fine.

Thanks.
---

Gilberto Nunes Ferreira
(47) 99676-7530 - Whatsapp / Telegram

Em sex., 17 de mai. de 2024 às 13:17, Gilberto Ferreira <
gilberto.nunes32 at gmail.com> escreveu:

> >> I think you may have to ask zentyal about this
> Yeah! You are probably right about that. I just ask for the sake of
> somebody to come up with some command to do the job.
>
> >> I feel I should point out that wouldn't even put an RODC in a DMZ, but
> >> hey, it is your domain.
> Yeah! Just playing around with this.
> No production env or domain.
>
> Thanks anyway
>
>
> ---
>
>
> Gilbert
>
>
>
> Em sex., 17 de mai. de 2024 às 13:11, Rowland Penny via samba <
> samba at lists.samba.org> escreveu:
>
>> On Fri, 17 May 2024 12:36:33 -0300
>> Gilberto Ferreira via samba <samba at lists.samba.org> wrote:
>>
>> > Hi there.
>> > I have two samba servers, let's say srv01 and srv02. For that matter,
>> > both are Zentyal Server 4 and 8, respectively.
>> > In the srv01 there is samba version 4.1, which is in the network
>> > 182.168.200.0/24, and which is by the way also the gateway to both
>> > network. In the srv02 there is samba version 4.15, which is in the
>> > DMZ network 10.10.100.0/24
>> > The first is an additional controller for the second.
>> > Everything is working fine, except for machine sync.
>> > Let me explain:
>> > - Between these two samba servers, I have a Windows 2022 server. I
>> > was able to put Windows 2022 in the samba domain without any
>> > problems, which was a bit of surprise to me, since I always used to
>> > install SMB1v and SMB2v, first and then add the Windows server into
>> > the samba domain.
>> > - I can log in into the Windows 2022 server using the domain account
>> > created in the server with samba 4.15
>> > - In fact users created in both samba servers appear on both servers.
>> > - With pdbedit --list I can see the following:
>> > srv01:
>> > pdbedit --list
>> > ...
>> > ...
>> > SRV01$:4294967295:SRV01$
>> > SRV02$:4294967295:
>> > WINSRV01$:4294967295:
>> > srv02:
>> > pdbedit --list
>> > ...
>> > ...
>> > SRV01$:3000020:SRV01$
>> > SRV02$:3000022:
>> >
>> > As you can see, the windows 2022 server was added in the srv01, which
>> > has samba 4.1.17 and does not appear in srv02, which has samba
>> > 4.15.13. Based on that, I wonder if this is something to do with
>> > these different versions, before I seek some help with the Zentyal
>> > guys. And I wonder if there is any way to force a sync between the
>> > two samba servers, in regard to the samba machines account.
>> >
>> > Thanks in advance.
>> >
>> > ---
>> > Gilbert
>>
>> I think you may have to ask zentyal about this, whilst '3000020' is in
>> the expected format (Samba DCs uses IDs in the 3000000 range unless
>> you add uidNUmber & gidNumber attributes), '429467295' isn't. it is
>> expected that different DCs will have different IDs for users, groups
>> and computers, they are issued on each DC on a 'first-come-basis', for
>> this reason you have to sync idmap.ldb between DCs.
>>
>> I feel I should point out that wouldn't even put an RODC in a DMZ, but
>> hey, it is your domain.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>