samba-tool error messages: what needs fixing most?

Rowland Penny rpenny at samba.org
Sat Aug 27 07:39:45 UTC 2022 

On Wed, 2022-08-24 at 13:22 +1200, Douglas Bagnall via samba-technical
wrote:
> hi,
> 
> If you have used samba-tool, you will be aware that it often reports 
> simple problems with long messages talking about exceptions and line 
> numbers and file names and all-caps error codes. Sometimes, well, 
> usually, these messages turn out to mean something like "bad username
> or 
> password" or "samba.example.com is not a real address".
> 
> Every so often (but less often than you'd expect) somebody has the 
> genius idea that samba-tool could just describe the underlying
> issue, 
> and refrain from the detailed account of subsequent woe. Even Samba 
> Developers have that idea, sometimes, but then they look and think
> "no, 
> too hard" and get back to debugging clustered inter-forest symlink 
> tevent races with S4U2SELF SPOOLSS ntlmssp_states (or winbind for
> the 
> extremophiles). But NOW I, fully sober, have decided to *actually*
> try. 
> Which leads to the question in the subject: which messages need
> fixing?
> 
> So *please* reply to this message with a samba-tool line that says 
> something really stupid, and suggest a better message.
> 
> It won't be possible to fix every example, and I will try to be 
> cautious. It is worse to hide real problems than to expose everyone
> to 
> horrible noise.
> 
> 
> Q: But won't this break the Application Search-engine Interface
> (ASI)? 
> How will we be able to find old posts on stac^H^H^H^H 
> https://lists.samba.org that quote the old nonsensical message?
> 
> A: Yes. ASI stability is never guaranteed. But you can always get
> the 
> old traceback by appending -d3 to your samba-tool line.
> 
> Q: But I like things the way they are. It makes me look like that guy
> in 
> the Matrix.
> 
> A: You don't want to look like that guy. Also, try -d10.
> 
> Q: When?
> 
> A: 4.18, and don't expect too much.
> 
> 
> cheers,
> Douglas

OK Douglas, here is one for you:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13881

Running: sudo samba-tool domain level show -d0

Gets you:

ERROR(ldb): uncaught exception - ldb_search: invalid basedn '(null)'
  File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line
186, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/samba/netcmd/domain.py", line
1051, in run
    scope=ldb.SCOPE_BASE, attrs=["msDS-Behavior-Version"])

Adding a search location, gets you:

sudo samba-tool domain level show -H ldap://dc1 -d0
Domain and forest function level for domain
'DC=samdom,DC=example,DC=com'

Forest function level: (Windows) 2008 R2
Domain function level: (Windows) 2008 R2
Lowest function level of a DC: (Windows) 2008 R2

Rowland

More information about the samba-technical mailing list