ctdb and set-auth-user
tridge at samba.org
tridge at samba.org
Mon Feb 11 04:27:57 GMT 2008
The problem with this one is that wbinfo.c calls secrets_store() which
calls fetch_locked without a ctdb context.
The solution we've used in other places is something like what is in
I wonder if we should fix this globally instead? Maybe move to a
global event context in 3-0-ctdb ?
For Samba4 the talloc_find_parent stuff works nicely for this, as we
tend to always pass contexts around. For 3-0-ctdb I think it will be
less intrusive just to declare a global event_context and initialise
it on demand. What do you think?
Charles Weber writes:
> Hi everyone,
> After viewing the Australian presentation, I thought I would try ctdb.
> We have used samba for a long time, either rpc or ads domain member.
> My new generation hardware, ie. blades and SAN is here so I have a short
> window to experiment.
> Centos 5.1 x86_64, 3 blades. RHEL cluster with gfs2 filesystem on SAN.
> Nodes go in and out of the cluster fine. GFS2 gets mounted up just fine,
> no errors that I see.
> After starting ctdb on all nodes:
> ping_pong works fine, ctdb works fine with exception of 11.route
> For now I set the route manually. I probably missed something.
> But I cannot get winbind functioning.
> net ads join works just like normal.
> wbinfo --set-auth-user=dom\\username%pass gives me the error:
> "error storing username"
> We require the auth-user to access our AD servers.
> Config details below,
> I hope you can tell me what I missed.
> I use a gfs2 fs \clapps on all nodes to store config/lock files that
> should be the same for the cluster. I then link the files to the proper
> files done like this are
> here are sanitized files:
> ulimit -n 10000
> 11.route copied from sample on web, made exec and linked to all node
> . /etc/ctdb/functions
> loadconfig ctdb
> case $cmd in
> # we ignore errors from this, as the route might be up already
> when we're grabbing
> # a 2nd IP on this interface
> /sbin/ip route add $CTDB_PUBLIC_NETWORK via
> $CTDB_PUBLIC_GATEWAY dev $1 2> /dev/null
> exit 0
> ctdb status
> Number of nodes:3
> pnn:0 220.127.116.11 OK
> pnn:1 18.104.22.168 OK (THIS NODE)
> pnn:2 22.214.171.124 OK
> hash:0 lmaster:0
> hash:1 lmaster:1
> hash:2 lmaster:2
> Recovery mode:NORMAL (0)
> Recovery master:0
> realm = X.X
> workgroup = X
> netbios name = XFILER
> server string = XFILER Cluster Samba Server
> name resolve order = wins bcast
> security = ADS
> syslog = 1
> log file = /var/log/samba/%m
> log level = 3
> max log size = 50
> username map = /etc/samba/smbusers
> local master = no
> domain master = no
> deadtime = 30
> dns proxy = No
> winbind use default domain = yes
> winbind enum users = no
> winbind enum groups = no
> client signing = Yes
> server signing = Yes
> encrypt passwords = yes
> password server = X.X.X.X,X.X.X.X,*
> client ntlmv2 auth = yes
> lanman auth = no
> client lanman auth = no
> idmap uid = 15000-80000
> idmap gid = 15000-80000
> template shell = /bin/bash
> template homedir = /home/%U
> clustering = yes
> idmap backend = tdb2
> private dir = /clapps/etc/clsamba
> fileid:mapping = fsname
> use mmap = no
> #nt acl support = yes
> #ea support = yes
> interfaces = eth1
> /var/log/log.ctdb looks fine, basically shows recovering and ip
> addresses being passed around.
> smbstatus runs OK but with error in the middle
> "Unable to get tcp info for CTDB_CONTROL_TCP_CLIENT"
More information about the samba-technical