[Samba] Problem after upgrading to 4.9

Sergio Belkin sebelk at gmail.com
Wed Dec 12 13:42:35 UTC 2018 

I've run all of that as you suggest, and I get at the end:

No DNS updates needed
And exit status 0

I've fixed the error given by dbcheck, now everything works fine  ¯\_(ツ)_/¯

El mié., 12 dic. 2018 a las 10:28, L.P.H. van Belle (<belle at bazuin.nl>)
escribió:

> about that systemd part.
>
> systemctl daemon-reload
> systemctl samba-ad-dc stop
>
> clear the logs in /va/log/samba
>
> systemctl samba-ad-dc start
>
> and and extra check on the dns part.
> sudo /usr/sbin/samba_dnsupdate --verbose
> and check your logs again to make sure your all ok.
>
> Greetz,
>
> Louis
>
>
> ------------------------------
> *Van:* Sergio Belkin [mailto:sebelk at gmail.com]
> *Verzonden:* woensdag 12 december 2018 14:16
> *Aan:* L.P.H. van Belle
> *CC:* samba at lists.samba.org
> *Onderwerp:* Re: [Samba] Problem after upgrading to 4.9
>
> Well, really weird for me. I've interruped the inteactive samba, run again
> with systemd, and now it works.... hehehe, don't now why.... happy, but I
> don't know why now it works again....
>
> El mié., 12 dic. 2018 a las 10:07, Sergio Belkin (<sebelk at gmail.com>)
> escribió:
>
>> Thanks Louis;
>>
>>
>> /etc/krb5.conf
>>
>> [libdefaults]
>>         default_realm = EXAMPLE.COM
>>         dns_lookup_realm = false
>>         dns_lookup_kdc = true
>>
>>
>> /etc/resolv.conf
>>
>> search example.com
>> nameserver 192.168.50.40
>>
>> /etc/hosts
>>
>>
>> 127.0.0.1       localhost samba4.example.com
>> 192.168.50.40   samba4.example.com  samba4 ldap.example.com
>>
>>
>> Output off:
>> samba-tool dbcheck --cross-ncs
>>
>> NOTE: old (due to rename or delete) DN string component for
>> lastKnownParent in object
>> DC=@\0ADEL:d86ef51e-83a5-4a8d-b224-e7a559c47094,CN=Deleted
>> Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com -
>> DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com
>> Not fixing old string component
>> NOTE: old (due to rename or delete) DN string component for
>> lastKnownParent in object
>> DC=www.pepino.cuac\0ADEL:d3bc33d0-6d4d-4345-a7fe-96a19550b293,CN=Deleted
>> Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com -
>> DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com
>>
>> Not fixing old string component
>> Checked 3626 objects (0 errors)
>>
>> Something interesting: if I run samba -i outside systemd workf fine...
>> weird, I see that systemd run:
>> ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS
>>
>>
>> Thanks in advance!
>>
>> El mié., 12 dic. 2018 a las 9:46, L.P.H. van Belle via samba (<
>> samba at lists.samba.org>) escribió:
>>
>>> Hai,
>>>
>>> Can you post
>>> /etc/krb5.conf
>>> /etc/resolv.conf
>>> /etc/hosts
>>>
>>> Output off:
>>> samba-tool dbcheck --cross-ncs
>>>
>>> And last question, are there any DC removed from the domain.
>>>
>>>
>>> 50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=>
>>> 192.168.50.40]
>>> My guess here the UUID is a removed DC.
>>>
>>> You samba config looks fine to me.
>>>
>>> Greetz,
>>>
>>> Louis
>>>
>>>
>>>
>>> > -----Oorspronkelijk bericht-----
>>> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>>> > Sergio Belkin via samba
>>> > Verzonden: woensdag 12 december 2018 13:25
>>> > Aan: samba at lists.samba.org
>>> > Onderwerp: [Samba] Problem after upgrading to 4.9
>>> >
>>> > Hi, I use the Van Bell repo, I've upgraded from samba 4.7 to
>>> > samba 4.9 but
>>> > now it fails, these are the errors:
>>> >
>>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>>> > 09:14:49.372290,  0]
>>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
>>> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid
>>> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for
>>> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4
>>> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]
>>> > NT_STATUS_LOGON_FAILURE
>>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>>> > 09:14:49.372338,  0]
>>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
>>> > /usr/sbin/samba_dnsupdate: ERROR: Connecting to DNS RPC server
>>> > 192.168.50.40 failed with (3221225581, 'The attempted logon
>>> > is invalid.
>>> > This is either due to a bad username or authentication information.')
>>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>>> > 09:14:49.381318,  0]
>>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
>>> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid
>>> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for
>>> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4
>>> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]
>>> > NT_STATUS_LOGON_FAILURE
>>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>>> > 09:14:49.381385,  0]
>>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> >
>>> > I've no modified the smb.conf which is:
>>> >
>>> > [global]
>>> >         dns forwarder = 8.8.8.8
>>> >         netbios name = SAMBA4
>>> >         realm = EXAMPLE.COM
>>> >     interfaces = lo eth0
>>> >         server role = active directory domain controller
>>> >         workgroup = EXAMPLE
>>> >         idmap_ldb:use rfc2307 = yes
>>> >         # Audit settings
>>> >     full_audit:prefix = %u|%I|%m|%S
>>> >     full_audit:failure = connect
>>> >     full_audit:success =  mkdir rmdir read pread write pwrite
>>> > rename unlink
>>> >     full_audit:facility = local5
>>> >     full_audit:priority = notice
>>> >         # TLS settings
>>> >         tls enabled = yes
>>> >         tls certfile = tls/ldap.example-aid.com/fullchain.pem
>>> >         tls keyfile = tls/ldap.example-aid.com/privkey.pem
>>> >         tls cafile =
>>> >         #log auth
>>> >         log level = 1 auth_audit:3 auth_json_audit:3
>>> > [netlogon]
>>> >         path = /var/lib/samba/sysvol/example-aid.com/scripts
>>> >         read only = No
>>> > [sysvol]
>>> >         path = /var/lib/samba/sysvol
>>> >         read only = No
>>> > [lab]
>>> >        path = /srv/samba/lab
>>> >        read only = no
>>> >            vfs objects = full_audit
>>> >
>>> > I cannot even 'to kinit', I get:
>>> > kinit: krb5_get_init_creds: unable to reach any KDC in realm
>>> > EXAMPLE.COM
>>> >
>>> > Please could you help me?
>>> >
>>> > Thanks in advance...
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>> > Thanks in advance
>>> > --
>>> > --
>>> > Sergio Belkin
>>> > LPIC-2 Certified - http://www.lpi.org
>>> > --
>>> > To unsubscribe from this list go to the following URL and read the
>>> > instructions:  https://lists.samba.org/mailman/options/samba
>>> >
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>>
>> --
>> --
>> Sergio Belkin
>> LPIC-2 Certified - http://www.lpi.org
>>
>
>
> --
> --
> Sergio Belkin
> LPIC-2 Certified - http://www.lpi.org
>
>

-- 
--
Sergio Belkin
LPIC-2 Certified - http://www.lpi.org

More information about the samba mailing list