Failed to open /usr/local/samba/private/secrets.tdb
steve at hastingsfamily.com
steve at hastingsfamily.com
Thu Oct 17 23:49:00 GMT 2002
All,
TIA, I have a feeling this is a question everyone knows the answer to but
me, why do I keep getting the message:
Failed to open /usr/local/samba/private/secrets.tdb
Solaris 8 02/02 release. private/secrets.tdb does not exist, and
/usr/local/samba is root:other ownership. /etc/init.d/samba.server start
will start smbd and nmbd, nbtstat shows the share, but I can't create any
samba users. smb.conf and smb.log at bottom.
When I run:
#smbpasswd -a root
Failed to open /usr/local/samba/private/secrets.tdb
New SMB password:
Retype new SMB password:
unable to open passdb database.
startsmbfilepwent_internal: too many race conditions creating file
/usr/local/samba/private/smbpasswd
add_smbfilepwd_entry: unable to open file.
Failed to add entry for user root.
Failed to modify password entry for user root
#
This is created:
Copyright Andrew Tridgell and the Samba Team 1992-2002 [2002/10/16 11:41:56,
0] passdb/secrets.c:secrets_init(43)
Failed to open /usr/local/samba/private/secrets.tdb
[2002/10/16 11:41:57, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163)
pdb_generate_sam_sid: Failed to store generated machine SID. [2002/10/16
11:41:57, 0] smbd/server.c:main(793)
ERROR: Samba cannot create a SAM SID.
[2002/10/16 11:43:31, 0] smbd/server.c:main(707)
smbd version 2.2.5 started.
Copyright Andrew Tridgell and the Samba Team 1992-2002 [2002/10/16
11:43:31, 0] passdb/secrets.c:secrets_init(43)
Failed to open /usr/local/samba/private/secrets.tdb
[2002/10/16 11:43:31, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163)
pdb_generate_sam_sid: Failed to store generated machine SID. [2002/10/16
11:43:31, 0] smbd/server.c:main(793)
ERROR: Samba cannot create a SAM SID.
---------------------------------------------
smb.conf
-------------------------------------------------
# This is the main Samba configuration file. You should read the #
smb.conf(5) manual page in order to understand the options listed # here.
Samba has a huge number of configurable options (perhaps too # many!) most
of which are not shown in this example # # Any line which starts with a ;
(semi-colon) or a # (hash) # is a comment and is ignored. In this example we
will use a # # for commentry and a ; for parts of the config file that you #
may wish to enable # # NOTE: Whenever you modify this file you should run
the command "testparm" # to check that you have not many any basic syntactic
errors. # #======================= Global Settings
=====================================
[global]
##
## Basic Server Settings
##
# workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4
workgroup = MYGROUP
# server string is the equivalent of the NT Description field
server string = Samba Server
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2.0./24 192.168.3.0/255.255.255.0
127.0.0.1
hosts allow = 10.53.210.32 10.53.210.31 127.0.0.1
# Uncomment this if you want a guest account, you must add this to
/etc/passwd
# otherwise the user "nobody" is used
; guest account = pcguest
# this tells Samba to use a separate log file for each machine
# that connects
log file = /usr/local/samba/var/log.%m
# How much information do you want to see in the logs?
# default is only to log critical messages
; log level = 4
# Put a capping on the size of the log files (in Kb).
max log size = 50
# Security mode. Most people will want user level security. See
# security_level.txt for details.
security = user
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting.
# Note: Consider carefully the location in the configuration file of
# this line. The included file is read at that point.
; include = /usr/local/samba/lib/smb.conf.%m
# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
; socket options = TCP_NODELAY
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces and want to limit smbd will
# use, list the ones desired here. Otherwise smbd & nmbd will bind to all
# active interfaces on the system. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
interfaces = 10.53.208.24/24
# Should smbd report that it has MS-DFS Capabilities? Only available
# if --with-msdfs was passed to ./configure
; host msdfs = yes
##
## Network Browsing
##
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value (20) should be reasonable
; os level = 20
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes
# Preferred Master causes Samba to force a local browser election on
startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes
##
## WINS & Name Resolution
##
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS
Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups.
dns proxy = no
##
## Passwords & Authentication
##
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
; password server = *
; password server = <NT-Server-Name>
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
; encrypt passwords = yes
# Should smbd obey the session and account lines in /etc/pam.d/samba ?
# only available if --with-pam was used at compile time
; obey pam restrictions = yes
# When using encrypted passwords, Samba can synchronize the local
# UNIX password as well. You will also need the "passwd chat" parameters
; unix passwword sync = yes
# how should smbd talk to the local system when changing a UNIX
# password? See smb.conf(5) for details
; passwd chat = <custom chat string>
# This is only available if you compiled Samba to include --with-pam
# Use PAM for changing the password
; pam password change = yes
##
## Domain Control
##
# Enable this if you want Samba act as a domain controller.
# make sure you have read the Samba-PDC-HOWTO included in the documentation
# before enabling this parameter
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# UNC path specifying the network location of the user's home directory
# only used when acting as a DC for WinNT/2k/XP. Ignored by Win9x clients
; logon home = \\%L\%U
# What drive should the "logon home" be mounted at upon login ?
# only used when acting as a DC for WinNT/2k/XP. Ignored by Win9x clients
; logon drive = H:
##
## Printing
##
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
load printers = yes
# you may wish to override the location of the printcap file
; printcap name = /etc/printcap
# on SystemV system setting printcap name to lpstat should allow
# you to automatically obtain a printer list from the SystemV spool
# system
; printcap name = lpstat
# It should not be necessary to specify the print system type unless
# it is non-standard. Currently supported print systems include:
# bsd, sysv, plp, lprng, aix, hpux, qnx
; printing = bsd
# Enable this to make Samba 2.2 behavior just like Samba 2.0
# not recommended nuless you are sure of what you are doing
; disable spoolss = yes
# list of users and groups which should be able to remotely manage
# printer drivers installed on the server
; printer admin = root, +ntadmin
##
## Winbind
##
# specify the uid range which can be used by winbindd
# to allocate uids for Windows users as necessary
; winbind uid = 10000-65000
# specify the uid range which can be used by winbindd
# to allocate uids for Windows users as necessary
; winbind gid = 10000-65000
# Define a home directory to be given to passwd(5) style entries
# generated by libnss_winbind.so. You can use variables here
; winbind template homedir = /home/%D/%U
# Specify a shell for all winbind user entries return by the
# libnss_winbind.so library.
; winbind template shell = /bin/sh
# What character should be used to separate the DOMAIN and Username
# for a Windows user. The default is DOMAIN\user, but many people
# prefer DOMAIN+user
; winbind separator = +
#============================ Share Definitions
============================== [homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
# Un-comment the following and create the netlogon directory for Domain
Logons ; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share # the
default is to use the user's home directory
# comment = Home Directories
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to #
specifically define each individual printer #[printers]
# comment = All Printers
# path = /usr/spool/samba
# browseable = no
# # Set public = yes to allow user 'guest account' to print
# guest ok = no
# writable = no
# printable = yes
# This one is useful for people to share files
#[tmp]
# comment = Temporary file space
# path = /tmp
# read only = no
# public = yes
# MS-DFS support is only available if Samba was compiled to
# include --with-msdfs
;[dfsroot]
; dfs root = yes
# A publicly accessible directory, but read only, except for people in # the
"staff" group ;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = @staff
##
## Other examples.
##
# A private printer, usable only by fred. Spool data will be placed in
fred's # home directory. Note that fred must have write access to the spool
directory, # wherever it is. #[fredsprn]
# comment = Fred's Printer
# valid users = fred
# path = /homes/fred
# printer = freds_printer
# public = no
# writable = no
# printable = yes
# A private directory, usable only by fred. Note that fred requires write #
access to the directory. #[fredsdir]
# comment = Fred's Service
# path = /usr/somewhere/private
# valid users = fred
# public = no
# writable = yes
# A private directory, usable only by fred. Note that fred requires write #
access to the directory. [Assentor]
comment = Assentor FTP Service
path = /app/BBGMail
valid users = letftp
public = no
writable = no
printable = no
# a service which has a different directory for each machine that connects #
this allows you to tailor configurations to incoming machines. You could #
also use the %U option to tailor it by user name. # The %m gets replaced
with the machine name that is connecting. #[pchome] # comment = PC
Directories # path = /usr/pc/%m # public = no # writable = yes
# A publicly accessible directory, read/write to all users. Note that all
files # created in the directory by users will be owned by the default user,
so # any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of
course # be specified, in which case all files would be owned by that user
instead. #[public]
# path = /usr/somewhere/else/public
# public = yes
# only guest = yes
# writable = yes
# printable = no
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In
this # setup, the directory should be writable by both users and should have
the # sticky bit set on it to prevent abuse. Obviously this could be
extended to # as many users as required. #[myshare]
# comment = Mary's and Fred's stuff
# path = /usr/somewhere/shared
# valid users = mary fred
# public = no
# writable = yes
# printable = no
# create mask = 0765
More information about the samba-technical
mailing list