ctdb and set-auth-user

Charles Weber chaweber at gmail.com
Mon Feb 11 02:21:01 GMT 2008 

Hi everyone,
After viewing the Australian presentation, I thought I would try ctdb.
We have used samba for a long time, either rpc or ads domain member.
My new generation hardware, ie. blades and SAN is here so I have a short
window to experiment.

Centos 5.1 x86_64, 3 blades. RHEL cluster with gfs2 filesystem on SAN.
Nodes go in and out of the cluster fine. GFS2 gets mounted up just fine,
no errors that I see.

After starting ctdb on all nodes:
ping_pong works fine, ctdb works fine with exception of 11.route
script. 
For now I set the route manually. I probably missed something.
But I cannot get winbind functioning.

net ads join works just like normal. 
wbinfo --set-auth-user=dom\\username%pass gives me the error:
"error storing username"
We require the auth-user to access our AD servers.

Config details below, 
I hope you can tell me what I missed.
Thanks,
Chuck



I use a gfs2 fs \clapps on all nodes to store config/lock files that
should be the same for the cluster. I then link the files to the proper
location.
files done like this are 
/etc/samba
smb.conf
secrets.tdb
/etc
sysconfig/ctdb
ctdb/nodes
ctdb/public_addresses
ctdb/events.d/11.route

here are sanitized files:
/etc/sysconfig/ctdb 
CTDB_RECOVERY_LOCK="/clapps/var/lock/ctdb"
 CTDB_PUBLIC_INTERFACE=eth1
 CTDB_PUBLIC_NETWORK="A.B.C.0/22"
 CTDB_PUBLIC_GATEWAY="A.B.C.1"
CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
 CTDB_MANAGES_SAMBA=yes
CTDB_MANAGES_WINBIND=yes
ulimit -n 10000
CTDB_NODES=/etc/ctdb/nodes
CTDB_DBDIR=/var/ctdb
CTDB_DBDIR_PERSISTENT=/var/ctdb/persistent
CTDB_DEBUGLEVEL=2

nodes 
172.0.1.230
172.0.1.231
172.0.1.232

public_addresses
A.B.C.23/22
A.B.C.24/22
A.B.C.25/22

11.route copied from sample on web, made exec and linked to all node
events.d
#!/bin/sh

. /etc/ctdb/functions
loadconfig ctdb

cmd="$1"
shift

case $cmd in
    takeip)
         # we ignore errors from this, as the route might be up already
when we're grabbing
         # a 2nd IP on this interface
         /sbin/ip route add $CTDB_PUBLIC_NETWORK via
$CTDB_PUBLIC_GATEWAY dev $1 2> /dev/null
         ;;
esac

exit 0

ctdb status
Number of nodes:3
pnn:0 172.0.1.230      OK
pnn:1 172.0.1.231      OK (THIS NODE)
pnn:2 172.0.1.232      OK
Generation:2036250492
Size:3
hash:0 lmaster:0
hash:1 lmaster:1
hash:2 lmaster:2
Recovery mode:NORMAL (0)
Recovery master:0

smb.conf
[global]
realm = X.X
workgroup = X
netbios name = XFILER
server string = XFILER Cluster Samba Server
name resolve order = wins bcast
security = ADS
syslog = 1
log file = /var/log/samba/%m
log level = 3
max log size = 50
username map = /etc/samba/smbusers
local master = no
domain master = no
deadtime = 30
dns proxy = No
winbind use default domain = yes
winbind enum users = no
winbind enum groups = no
client signing = Yes
server signing = Yes
encrypt passwords = yes
password server = X.X.X.X,X.X.X.X,*
client ntlmv2 auth = yes
lanman auth = no
client lanman auth = no
idmap uid = 15000-80000
idmap gid = 15000-80000
template shell = /bin/bash
template homedir = /home/%U
clustering = yes
idmap backend = tdb2
private dir = /clapps/etc/clsamba
fileid:mapping = fsname
use mmap = no
#nt acl support = yes
#ea support = yes
interfaces = eth1

/var/log/log.ctdb looks fine, basically shows recovering and ip
addresses being passed around.

smbstatus runs OK but with error in the middle 
"Unable to get tcp info for CTDB_CONTROL_TCP_CLIENT"

More information about the samba-technical mailing list