[Samba] SaMBa 4 - homedir mapping (lp_servicenumber)

Timur I. Bakeyev timur at com.bat.ru
Mon Feb 18 21:58:12 MST 2013 

In general, I wouldn't do things like this in the jails. Jails have their
own way of working with IPs and interfaces, like making 127.* unbindable or
there is a chance that a process outside of the jail already took the
IP:PORT your application trying to bind to.

With the number of hypervisors around it would be much easier to test in
the virtual environment instead.

Also, now you can try samba4 port, which has some fixes, suitable for
FreeBSD(like the name of the NSS module in the first place).

Regards,
Timur.


On Wed, Feb 6, 2013 at 5:42 AM, Dewayne Geraghty <
dewayne.geraghty at heuristicsystems.com.au> wrote:

> > -----Original Message-----
> > From: samba-technical-bounces at lists.samba.org
> > [mailto:samba-technical-bounces at lists.samba.org] On Behalf Of
> > Andrew Bartlett
> > Sent: Wednesday, 6 February 2013 9:34 AM
> > To: Dewayne Geraghty
> > Cc: 'Celso Viana'; samba-technical at samba.org
> > Subject: Re: [Samba] SaMBa 4 - homedir mapping (lp_servicenumber)
> >
> > On Tue, 2013-02-05 at 18:17 +1100, Dewayne Geraghty wrote:
> > > > -----Original Message-----
> > > > From: samba-bounces at lists.samba.org
> > > > [mailto:samba-bounces at lists.samba.org] On Behalf Of Celso Viana
> > > > Sent: Sunday, 3 February 2013 12:17 PM
> > > > To: SaMBa
> > > > Subject: [Samba] SaMBa 4 - homedir mapping
> > > >
> > > > Hi guys,
> > > >
> > > > I'm testing the SaMBa 4 with FreeBSD 9.1 and am having difficulty.
> > > >
> > > > I did so:
> > > > mkdir test
> > > > cd test
> > > > wget http://ftp.samba.org/pub/samba/stable/samba-4.0.2.tar.gz
> > > > tar zxvf samba-4.0.2.tar.gz
> > > > cd samba-4.0.2
> > > > ./configure && make && make install
> > > > cd /usr/local/samba
> > > > bin/samba-tool domain provision --realm=box.blurr --domain=BOX
> > > > --server-role=dc --adminpass='@Tullip500'
> > > > --use-xattrs=yes
> > > > --use-rfc2307
> > > > sbin/samba
> > > > bin/samba-tool user add fox '@Pipe120'
> > --home-directory='\\samba\fox'
> > > > --home-drive=M --given-name="User Test"
> > > >
> > > > wbinfo -i fox
> > > > BOX\fox:*:3000017:20::/home/BOX/fox:/bin/false
> > > >
> > > > smbclient //localhost/fox -Ufox
> > > > Enter fox's password:
> > > > Domain=[BOX] OS=[Unix] Server=[Samba 4.0.2] tree connect
> > > > failed: NT_STATUS_BAD_NETWORK_NAME
> > > >
> > > > If I do this procedure with samba 4.0.0 mapping works.
> > > >
> > > > Could someone help me understand what is happening?
> > > >
> > > > Thanks!
> > > >
> > > > --
> > > > Celso Vianna
> > > > BSD User: 51318
> > > > http://www.bsdcounter.org
> > > >
> > > > Palmas/TO
> > > > --
> > > > To unsubscribe from this list go to the following URL and read the
> > > > instructions:  https://lists.samba.org/mailman/options/samba
> > >
> > > Celso, I've directed this to the samba technical team because I
> > > suspect that there is a problem using smbclient to connect
> > to [homes] on FreeBSD.
> > > The only anomolies that I can see, is from the logs is
> > > "lp_servicenumber: couldn't find homes" or "tree connect
> > failed: NT_STATUS_BAD_NETWORK_NAME"
> >
> > Have you reinstalled the libnss_winbind*.so files in /lib?
> >
> > Having the wrong (old) version of these still installed will
> > cause issues like this, because they won't load any more
> > (unsatisfied linker
> > dep) once the libs they were linked against are removed.
> >
> > The [homes] share is one of the small number of parts of the
> > AD DC that relies on nss working for all users that log in,
> > which is why this doesn't show up as a more general issue.
> >
> > Andrew Bartlett
> >
> > --
> > Andrew Bartlett
> > http://samba.org/~abartlet/
> > Authentication Developer, Samba Team           http://samba.org
> >
> >
>
> Thanks Andrew,
> I'm using the default directory structure for samba.
>
> Before I configure & make & make install, I perform "rm -R
> /usr/local/samba/*" to ensure that there are no issues. A script creates
> accounts, adjust passwords and perform various tests (apples to apples).
>  Accessing [homes] was the only problem.
>
> You provided a clue, and creating a system account "fox" works on the same
> Samba4 server (t4).
> - Now we can access \\t4\fox under /s4/homes/fox works (t4 is the
> Samba4.0.3 AD DC)
> - Commenting out the path under [homes], results in \\t4\fox accessing
> ~fox. A reasonable result.
> In both cases file creation uses the UID of 3000019, so I almost don't
> need a system account.
>
> This works
> [global]
>         workgroup = AS
>         realm = AS.LAN
>         netbios name = t4
>         server role = active directory domain controller
>         server services = s3fs, rpc, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate
>         server min protocol = NT1
>         interfaces = 10.0.5.241
>         bind interfaces only = yes
>         name resolve order = host, wins
>         disable netbios = yes
> [homes]
>         path = /s4/homes/%S
>         comment = Home Directories
>         valid users = %S
>         read only = No
>
> For the FreeBSD folk, because this is a FreeBSD 9.1 jail this message is
> produced during a 4.0.1 server startup:
>         Failed to bind to 10.0.5.255:137 -
> NT_STATUS_ADDRESS_NOT_ASSOCIATED
> Which I ignore for the time being as samba boots.  However on 4.0.3 the
> behaviour is different
>         Failed to bind to 10.0.5.255:137 -
> NT_STATUS_ADDRESS_NOT_ASSOCIATED
>         task_server_terminate: [nbtd failed to setup interfaces]
>         samba_terminate: nbtd failed to setup interfaces
> And stops. So I removed nbt from the "server services" line above.
>
> Win PC's can depart, join, login and access fileshares; and smbclient -k
> works nicely.
> The homedrive isn't being mapped, but that's a different matter
>
> Regards, Dewayne.
>
>

More information about the samba-technical mailing list