[Samba] CTDB: Failed to connect client socket to daemon. [SOLVED]
Achim Gottinger
achim at ag-web.biz
Thu Aug 21 15:44:15 MDT 2014
Am 21.08.2014 19:15, schrieb steve:
> On Tue, 2014-08-19 at 12:19 +0200, steve wrote:
>> On Tue, 2014-08-19 at 12:14 +0200, Achim Gottinger wrote:
>>>>> Seems you have an kerberos problem on your machine because i found this
>>>>> in your smbd -i -d3 logs. I'd increase the loglevel in smb.conf restart
>>>>> via ctdb and if it's not an easy fix use an simpler password backend first.
>>>>>
> Hi again
> This was the clue:
>>>>> ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or
>>>>> directory)
>>>>> ads_cleanup_expired_creds: Ticket in ccache[MEMORY:prtpub_cache]
> We removed all the MIT packages and rebuilt against the equivalent
> Heimdal. Works OK now. smbd starts and stops correctly on enable and
> disable.
>
> The other missing piece was the ubuntu upstart, buried deep in the wiki
> vaults:
> http://anonscm.debian.org/gitweb/?p=pkg-samba/samba.git;a=blob_plain;f=debian/samba.samba-ad-dc.init;h=3132d2e367675f822342a5b7bc2e50c046aa3b8f;hb=HEAD
>
> What a pity we didn't investigate this last week:(
>
> Also, it really isn't clear the MIT and Heimdal thing. Is this
> documented anywhere? We've only come across it when on Ubuntu. Maybe
> it's a Debian thing. All we can find is some history US defence
> authority stuff about munition. Maybe we should ask on the MIT list?
>
> Anyway, thanks again and we hope that this thread will help others avoid
> the Krb5 pains.
> Cheers,
> Steve
>
>
Thanks for digging thru this and reporting back. I remember readhat is
working on making samba compatible with mit kerberos. On debian/ubuntu
you can use "apt-get build-dep samba" to grab all the dependencies
necessary for the repo package. I assume with this the required heimdal
packages would have been installed.
I use MIT gssapi and util's pakckages here on debian and have not yet
had an problem with samba-addc's (not using member servers).
What was the issue with upstart, the script you reference looks like an
samba ad-dc start script?
More information about the samba
mailing list