[Samba] Totally missing the mark here

Tue May 27 05:51:26 MDT 2014

On 5/27/2014 7:36 AM, Steve Campbell wrote:
>
> On 5/23/2014 4:45 PM, Rowland Penny wrote:
>> On 23/05/14 21:01, Steve Campbell wrote:
>>> Thanks Greg,
>>>
>>> That's the link I was following. I got down to the line for testing 
>>> connectivity:
>>>
>>> /usr/local/samba/bin/smbclient -L localhost -U%
>>>
>>> And I received an error, (I've been glaring at the screen all day 
>>> and can't remember the message, but it's the first thing done other 
>>> than starting samba, so I figure it's a botched job).
>>
>> Without knowing what the error message said, nobody is going to be 
>> able to help you ;-)
>>
>>>
>>> The smb.conf file seems awful short as well. There's other readings 
>>> out there with lots more to it, so I may follow those for a while 
>>> and see if I don't get further lost.
>>>
>>
>> The standard smb.conf on a Samba 4 AD DC is pretty short, please do 
>> not just add anything to it without fully understanding what is going 
>> to happen if you do.
>>
>> If in doubt, please ask any questions.
>>
>> Rowland
>>
>>> You all have a happy holiday if you're in the parts of the world 
>>> that celebrates.
>>>
>>> Thanks all.
>>>
>>> steve
>>> On 5/23/2014 3:38 PM, Gregory Sloop wrote:
>>>> I haven't been following the list carefully, but have you followed 
>>>> the Samba wiki?
>>>>
>>>> http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
>>>>
>>>> This should get you setup with an AD quite quickly.
>>>> I'm not sure about the sernet packages - I've seen _some_ problems 
>>>> in the past, but perhaps those reports are not valid any more. 
>>>> Frankly, compiling your own isn't half hard. [And since there 
>>>> aren't any good [read: current] distro supported packages you end 
>>>> up having to do "manual" updates anyway - so compiling is a little 
>>>> more hard than just installing a package, but also tends to help 
>>>> remove any potential problems/compatibility issues that often crop 
>>>> up from a package
>>>>
>>>> [But that's all mainly an aside. Start with the Wiki and go from 
>>>> there. If it doesn't work be specific with your questions etc.]
>>>>
>>>> -Greg
>>>>
>>>>
>>>> SC> I have to say I probably shouldn't have read that version 3 
>>>> samba book,
>>>> SC> but I did, so I'm thoroughly confused about what I should be 
>>>> doing to
>>>> SC> get this server configured properly.
>>>>
>>>> SC> I have installed the Sernet rpms on this server. For now, I'm 
>>>> going to
>>>> SC> run the AD on the same server as the file shares.
>>>>
>>>> SC> Using the wiki as a guide, I've followed the provisioning but 
>>>> the first
>>>> SC> tests don't seem to succeed.
>>>>
>>>> SC> Am I doing this backwards? Should I first make this server a 
>>>> normal
>>>> SC> Samba file server that will allow users to mount shares 
>>>> manually before
>>>> SC> proceeding on to AD stuff. I'm not seeing how I can have any 
>>>> valid users
>>>> SC> or anything following the wiki. It's like it should be Chapter 44
>>>> SC> instead of the first prolog.
>>>>
>>>> SC> This is really humbling.
>>>>
>>>> SC> I could use some pointers in how to bring a new server up to an
>>>> SC> AD/DC+fileserver.
>>>>
>>>> SC> Thanks for any help. For now, I'll dig in and read as much as I 
>>>> can.
>>>>
>>>> SC> steve campbell 
>
> It was late Friday, and the problem had just drained me. I was mostly 
> wondering about my procedure more that what was wrong. Anyway....
>
> Here's the command and resultant error:
>
> smbclient -L localhost -U%
> Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED)
>
> Here's what I'm running currently:
>
> samba --version
> Version 4.1.7-SerNet-RedHat-8.el6
>
> The first error in the logs showing failure:
>
>   Failed to find object DC=cn,DC=cnpapers,DC=net for attribute 
> fsmoRoleOwner - Cannot find attribute fsmoRoleOwner of 
> DC=cn,DC=cnpapers,DC=net to calculate reference dn
>
> And on and on in the logs:
>
>  task_server_terminate: [dreplsrv: Failed to load partitions: 
> WERR_DS_DRA_INTERNAL_ERROR
>
> task_server_terminate: [Cannot start Winbind (domain controller): 
> Failed to find record for CN in /var/lib/samba/private/secrets.ldb: No 
> such object: (null): Have you provisioned the CN domain?]
>
>  task_server_terminate: [kdc: hdb_samba4_create_kdc (setup KDC 
> database) failed]
>
> This is why I'm questioning my procedure, and using the wiki 
> instructions. It appears there is tons I'm not seeing that needs to be 
> done.
>
> Thanks for all the patience. More reading for now.
>
> steve campbell
>
>
>
I'm going to try and provision this all over again as I'm not sure the 
Windows guy here was providing the right answers. I'll read up on those 
domain answers and do it again without help and see where I get.

The wiki indicates I need to remove my smb.conf file. Is there anything 
else needed to re-provision (keep in mind the original may have been 
completely botched). I'm still wondering where the secrets.tdb gets 
created since "Using Samba" seems to indicate I need to create it 
manually, as I recall.

steve