ctdb and set-auth-user
tridge at samba.org
tridge at samba.org
Mon Feb 11 04:27:57 GMT 2008
Volker,
The problem with this one is that wbinfo.c calls secrets_store() which
calls fetch_locked without a ctdb context.
The solution we've used in other places is something like what is in
smbcontrol.c, smbc_event_context().
I wonder if we should fix this globally instead? Maybe move to a
global event context in 3-0-ctdb ?
For Samba4 the talloc_find_parent stuff works nicely for this, as we
tend to always pass contexts around. For 3-0-ctdb I think it will be
less intrusive just to declare a global event_context and initialise
it on demand. What do you think?
Cheers, Tridge
Charles Weber writes:
> Hi everyone,
> After viewing the Australian presentation, I thought I would try ctdb.
> We have used samba for a long time, either rpc or ads domain member.
> My new generation hardware, ie. blades and SAN is here so I have a short
> window to experiment.
>
> Centos 5.1 x86_64, 3 blades. RHEL cluster with gfs2 filesystem on SAN.
> Nodes go in and out of the cluster fine. GFS2 gets mounted up just fine,
> no errors that I see.
>
> After starting ctdb on all nodes:
> ping_pong works fine, ctdb works fine with exception of 11.route
> script.
> For now I set the route manually. I probably missed something.
> But I cannot get winbind functioning.
>
> net ads join works just like normal.
> wbinfo --set-auth-user=dom\\username%pass gives me the error:
> "error storing username"
> We require the auth-user to access our AD servers.
>
> Config details below,
> I hope you can tell me what I missed.
> Thanks,
> Chuck
>
>
>
> I use a gfs2 fs \clapps on all nodes to store config/lock files that
> should be the same for the cluster. I then link the files to the proper
> location.
> files done like this are
> /etc/samba
> smb.conf
> secrets.tdb
> /etc
> sysconfig/ctdb
> ctdb/nodes
> ctdb/public_addresses
> ctdb/events.d/11.route
>
> here are sanitized files:
> /etc/sysconfig/ctdb
> CTDB_RECOVERY_LOCK="/clapps/var/lock/ctdb"
> CTDB_PUBLIC_INTERFACE=eth1
> CTDB_PUBLIC_NETWORK="A.B.C.0/22"
> CTDB_PUBLIC_GATEWAY="A.B.C.1"
> CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
> CTDB_MANAGES_SAMBA=yes
> CTDB_MANAGES_WINBIND=yes
> ulimit -n 10000
> CTDB_NODES=/etc/ctdb/nodes
> CTDB_DBDIR=/var/ctdb
> CTDB_DBDIR_PERSISTENT=/var/ctdb/persistent
> CTDB_DEBUGLEVEL=2
>
> nodes
> 172.0.1.230
> 172.0.1.231
> 172.0.1.232
>
> public_addresses
> A.B.C.23/22
> A.B.C.24/22
> A.B.C.25/22
>
> 11.route copied from sample on web, made exec and linked to all node
> events.d
> #!/bin/sh
>
> . /etc/ctdb/functions
> loadconfig ctdb
>
> cmd="$1"
> shift
>
> case $cmd in
> takeip)
> # we ignore errors from this, as the route might be up already
> when we're grabbing
> # a 2nd IP on this interface
> /sbin/ip route add $CTDB_PUBLIC_NETWORK via
> $CTDB_PUBLIC_GATEWAY dev $1 2> /dev/null
> ;;
> esac
>
> exit 0
>
> ctdb status
> Number of nodes:3
> pnn:0 172.0.1.230 OK
> pnn:1 172.0.1.231 OK (THIS NODE)
> pnn:2 172.0.1.232 OK
> Generation:2036250492
> Size:3
> hash:0 lmaster:0
> hash:1 lmaster:1
> hash:2 lmaster:2
> Recovery mode:NORMAL (0)
> Recovery master:0
>
> smb.conf
> [global]
> realm = X.X
> workgroup = X
> netbios name = XFILER
> server string = XFILER Cluster Samba Server
> name resolve order = wins bcast
> security = ADS
> syslog = 1
> log file = /var/log/samba/%m
> log level = 3
> max log size = 50
> username map = /etc/samba/smbusers
> local master = no
> domain master = no
> deadtime = 30
> dns proxy = No
> winbind use default domain = yes
> winbind enum users = no
> winbind enum groups = no
> client signing = Yes
> server signing = Yes
> encrypt passwords = yes
> password server = X.X.X.X,X.X.X.X,*
> client ntlmv2 auth = yes
> lanman auth = no
> client lanman auth = no
> idmap uid = 15000-80000
> idmap gid = 15000-80000
> template shell = /bin/bash
> template homedir = /home/%U
> clustering = yes
> idmap backend = tdb2
> private dir = /clapps/etc/clsamba
> fileid:mapping = fsname
> use mmap = no
> #nt acl support = yes
> #ea support = yes
> interfaces = eth1
>
> /var/log/log.ctdb looks fine, basically shows recovering and ip
> addresses being passed around.
>
> smbstatus runs OK but with error in the middle
> "Unable to get tcp info for CTDB_CONTROL_TCP_CLIENT"
>
>
More information about the samba-technical
mailing list