Samba package 4.9.x samba smbd not playing with winbind.
Rowland Penny
rpenny at samba.org
Sun Dec 2 13:38:15 UTC 2018
On Sun, 2 Dec 2018 10:41:14 -0200
Andreas Hasenack <andreas at canonical.com> wrote:
> > I have no winbindd at all on the system:
> >
> > [root at fserver ~]# rpm -qa|grep winbind
> > <empty output>
>
> Thanks for replying.
>
> I think there has been a misunderstanding in this whole thread. Let me
> restate the issue.
>
> In 4.9.x (at least .2 and .3), when winbind is running, smbd will fail
> to start in standalone mode ("security = user").
>
> I think when people read that, and saw "winbind is running", they
> assumed domain security. This is not the case. It just so happens that
> winbind was installed and running.
>
> And it fails in fedora29 too, I just tried:
>
> andreas at nsnx:~$ lxc launch images:fedora/29 fedora29
> Creating fedora29
> Starting fedora29
> andreas at nsnx:~$ lxc exec fedora29 bash
> [root at fedora29 ~]# dnf update -y && dnf install -y samba-winbind
> samba-client samba
> ...
> [root at fedora29 ~]# service winbind start
> Redirecting to /bin/systemctl start winbind.service
>
> [root at fedora29 ~]# systemctl start smb
> Job for smb.service failed because the control process exited with
> error code. See "systemctl status smb.service" and "journalctl -xe"
> for details. [root at fedora29 ~]# journalctl -u smb
> -- Logs begin at Sun 2018-12-02 12:30:19 UTC, end at Sun 2018-12-02
> 12:33:06 UTC. --
> Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Failed to reset
> devices.list: Operation not permitted
> Dec 02 12:33:06 fedora29 systemd[1]: Starting Samba SMB Daemon...
> Dec 02 12:33:06 fedora29 smbd[247]: [2018/12/02 12:33:06.278094, 0]
> ../source3/auth/auth_util.c:1382(make_new_session_info_guest)
> Dec 02 12:33:06 fedora29 smbd[247]: create_local_token failed:
> NT_STATUS_ACCESS_DENIED
> Dec 02 12:33:06 fedora29 smbd[247]: [2018/12/02 12:33:06.278480, 0]
> ../source3/smbd/server.c:2000(main)
> Dec 02 12:33:06 fedora29 smbd[247]: ERROR: failed to setup guest
> info. Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Main process
> exited, code=exited, status=255/n/a
> Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Killing process 249
> (smbd-notifyd) with signal SIGKILL.
> Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Killing process 250
> (cleanupd) with signal SIGKILL.
> Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Failed with result
> 'exit-code'.
> Dec 02 12:33:06 fedora29 systemd[1]: Failed to start Samba SMB Daemon.
>
> [root at fedora29 ~]# rpm -qa|grep samba
> samba-client-libs-4.9.3-0.fc29.x86_64
> samba-common-tools-4.9.3-0.fc29.x86_64
> samba-winbind-4.9.3-0.fc29.x86_64
> samba-common-libs-4.9.3-0.fc29.x86_64
> samba-libs-4.9.3-0.fc29.x86_64
> samba-winbind-modules-4.9.3-0.fc29.x86_64
> samba-client-4.9.3-0.fc29.x86_64
> samba-4.9.3-0.fc29.x86_64
> samba-common-4.9.3-0.fc29.noarch
>
> [root at fedora29 ~]# cat /etc/samba/smb.conf
> # See smb.conf.example for a more detailed config file or
> # read the smb.conf manpage.
> # Run 'testparm' to verify the config is correct after
> # you modified it.
>
> [global]
> workgroup = SAMBA
> security = user
>
> passdb backend = tdbsam
>
> printing = cups
> printcap name = cups
> load printers = yes
> cups options = raw
>
Can you try adding:
idmap config * : backend = tdb
idmap config * : range = 3000-7999
To your smb.conf
Rowland
More information about the samba-technical
mailing list