[Samba] Update to samba 4.19 Aduc no longer working No login

Mueller mueller at tropenklinik.de
Mon Sep 11 07:18:45 UTC 2023 

Dear all,

after updating to samba 4.19 I cannot use ADUC anymore:
Error Trust levels between the domain could not be established because of no domain server.
On restarting samba on the server:

service samba status
● samba.service - Samba AD Daemon
     Loaded: loaded (/lib/systemd/system/samba.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2023-09-11 08:58:38 CEST; 8min ago
       Docs: man:samba(8)
             man:samba(7)
             man:smb.conf(5)
    Process: 2758367 ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS (code=exited, status=1/FAILURE)
   Main PID: 2758367 (code=exited, status=1/FAILURE)
     Status: "samba: ready to serve connections..."
        CPU: 816ms

Sep 11 08:58:38 dommaster samba[2758391]: [2023/09/11 08:58:38.358549,  0] ../../source4/samba/process_prefork.c:498(prefork_restart)
Sep 11 08:58:38 dommaster samba[2758391]:   prefork_restart: Restarting [kdc] pre-fork worker in (10) seconds
Sep 11 08:58:38 dommaster samba[2758367]: [2023/09/11 08:58:38.358975,  0] ../../source4/samba/process_prefork.c:637(prefork_child_pipe_handler)
Sep 11 08:58:38 dommaster samba[2758367]:   prefork_child_pipe_handler: Parent 2758367, Child 2758412 terminated with signal 6
Sep 11 08:58:38 dommaster samba[2758367]: [2023/09/11 08:58:38.359033,  0] ../../source4/samba/process_prefork.c:498(prefork_restart)
Sep 11 08:58:38 dommaster samba[2758367]:   prefork_restart: Restarting [winbindd] pre-fork master in (10) seconds
Sep 11 08:58:38 dommaster samba[2758367]: [2023/09/11 08:58:38.359386,  0] ../../source4/samba/server.c:403(samba_terminate)
Sep 11 08:58:38 dommaster samba[2758367]:   samba_terminate: samba_terminate of samba 2758367: smbd child process exited
Sep 11 08:58:38 dommaster systemd[1]: samba.service: Main process exited, code=exited, status=1/FAILURE
Sep 11 08:58:38 dommaster systemd[1]: samba.service: Failed with result 'exit-code'.

What I did after upgrading:
I set ad dc functional level = 2016 in smb.conf
I did, 
samba-tool domain schemaupgrade --schema=2019
samba-tool domain functionalprep --function-level=2016
samba-tool domain level raise --domain-level=2016 --forest-level=2016

All was working over the weekend but suddenly crashes. Even the Emailserver cannot authenticate against the domain.
Kinit not possible:
kinit administrator at TLK.LOC
kinit: für Realm »TLK.LOC« kann nicht KDC kontaktiert werden bei Anfängliche Anmeldedaten werden geholt.

How can I fix this quickly!?

Greetings
Daniel

More information about the samba mailing list