Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - chris.holmes

Pages: [1]
I've come up with a solution but I'm not sure what the cause is.

Problem: User logging into a domain connection computer for the first time. (no profile on the machine, roaming or non-roaming profile doesn't matter)
User is presented with the "Hi, we are setting things up for you..." animation. This animation runs for 15 minutes or until the power management turns the screen off.
Then the user can log in. All subsiquent logins are fast. Connecting for the first time via Remote Desktop Connection doesn't present the "Hi... " animation and logs in almost right away.

Solution: Use a GPO to disable the "Hi..." animation on login. First time login's directly on the machine go quickly.
Computer Configuration > Administrative Templates > System > Logon
Set the “Show First Sign-In Animation” option to “Disabled”

Zentyal Core 6.1.6 - Windows 10 Pro 2004, 1909, 1804 (tested broken and fixed)

Not sure if this is part of a bigger problem but I think it can be marked as solved.

Zentyal Version 6.1.6 running only as a domain controller / DNS server.
Primary and Secondary DNS Servers. NOT using roaming profiles. Have all my scripts and the workstation group policy backed up.

Problem 1: My Primary domain controller (PDC) is dead.
Secondary Domain Controller is functional (SDC), domain authentication is working. The license key is the only thing left of the PDC.
What do I need to do to create a new Primary Domain Controller for my domain so I don't loose all the user accounts, connected computers etc.?

I'm assuming turn the SDC into a PDC and create a new SDC, but documentation on that is mainly on migrating from a Windows PDC.

Problem 2: (which lead to the dead PDC)
DNS not updating automatically. Got the following error after adding the noexpiry flag to the dns-<PDC> account.

Exit value: 1 at root command kinit -k -t /var/lib/samba/private/dns.keytab dns-zentyal failed.
Error output: kinit: Password incorrect

How do I properly set the password in the dns.keytab file to get DNS updating properly again?

Explaination of Problem 2:
The password for the dns-<PDC> was manually changed via the Users and Computer Management screen. The fix I found to reset the password on the dns-<PDC> account was the start of the cause of Problem 1.
THIS IS BAD DO NOT DO - (samba_upgradedns --dns-backend=local then back to BIND9_DLZ)

This is me putting down the shovel to get out of the hole. Thank you in advance.

Pages: [1]