[Samba] Upgrade samba 3.0.x to 3.5.x crash Authentication: LDAP
Alberto Moreno
portsbsd at gmail.com
Sat Jun 30 13:51:51 MDT 2012
Hi guys I have strange case.
One network is based on Samba 3.0.x + LDAP PDC. Centos 5.8 i386.
This server have the mail: dovecot-ldap+postfix.
Everything is working good, my clients are Windows XP Pro, roaming
profiles, etc.
I have receive my first Win7 machine and I need to update samba to
samba3x(3.5.x).
What I understand is that samba is not related to ldap-centos auth
nss_ldap right? I can have this services without samba and no problem
right?
Well I decide to make the upgrade, first backup my current
settings(/etc/samba, /etc/smbldap-tools/, /var/cache/samba).
I test this in laboratory but didn't install nothing else, just
samba+ldap and the update from 3.0.x to 3.5.x works.
Once I prepare my server, I remove samba 3.0.x, delete everything
related to samba.
Install samba3x, build smbldap-tools for support to samba3.5.x.
Setup my smb.conf.
Setup my smbldap-tools
etc.
Restart ldap ok
service smb start ok
service nmb start ok
service winbind start ok
Check my clients and everything was working...
Latter I test again, shutdown samba services and restart ldap...
Ldap start no issue...
smb service refuse to start
nmb ok
winbind ok
Not starting smb services clock my server ldap authentication, I cannot access:
I cannot access over ssh using keys
my email clients cannot login
I cannot send or receive emails..
Dovecot logs say that he cannot authenticated users...
samba log(smbd.log) don't show to me iffo about what he refuse to start...
I restart my server and the same issue, smb service refuse to start.
I'm thinking, why samba is affecting my authtentication...?
why he refuse to start...?
in the console I can query for users and no problem.
Why samba affect auth...?
I increase the debug level and don't see nothing wrong... check:
smbd.log
[2012/06/27 19:44:00.277583, 3] param/loadparm.c:9180(lp_load_ex)
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
[2012/06/27 19:44:00.277731, 3] ../lib/util/params.c:550(pm_process)
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2012/06/27 19:44:00.277767, 3] param/loadparm.c:7864(do_section)
Processing section "[global]"
doing parameter workgroup = midomain
doing parameter server string = PDC Domain
doing parameter netbios name = PDC-SRV
[2012/06/27 19:44:00.277838, 4] param/loadparm.c:7226(handle_netbios_name)
handle_netbios_name: set global_myname to: PDC-SRV
doing parameter hosts allow = 192.168.1. 192.168.2. 127.
doing parameter interfaces = eth0 lo0
doing parameter smb ports = 139 445
doing parameter security = user
doing parameter encrypt passwords = yes
doing parameter passdb backend = ldapsam:ldap://127.0.0.1/
doing parameter enable privileges = yes
doing parameter pam password change = Yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *New*UNIX*password* %nn
*ReType*new*UNIX*password* %nn *
passwd:*all*authentication*tokens*updated*successfully*
doing parameter unix password sync = Yes
doing parameter log level = 10
[2012/06/27 19:44:00.278084, 5] lib/debug.c:405(debug_dump_status)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
registry: False/0
doing parameter log file = /var/log/samba/%m.log
doing parameter max log size = 2048
doing parameter syslog = 1
doing parameter name resolve order = wins bcast hosts lmhost
doing parameter time server = No
doing parameter socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
doing parameter use sendfile = yes
doing parameter map hidden = No
doing parameter map system = No
doing parameter map archive = No
doing parameter map read only = No
doing parameter store dos attributes = Yes
doing parameter Map to Guest = Bad User
doing parameter load printers = No
doing parameter printcap name =
doing parameter cups options =
doing parameter show add printer wizard = No
doing parameter add user script = /usr/sbin/smbldap-useradd -m %u
doing parameter delete user script = /usr/sbin/smbldap-userdel %u
doing parameter add group script = /usr/sbin/smbldap-groupadd -p %g
doing parameter delete group script = /usr/sbin/smbldap-groupdel %g
doing parameter add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
doing parameter delete user from group script =
/usr/sbin/smbldap-groupmod -x %u %g
doing parameter set primary group script = /usr/sbin/smbldap-usermod -g %g %u
doing parameter add machine script = /usr/sbin/smbldap-useradd -w %u
doing parameter ldap ssl = off
doing parameter ldap passwd sync = Yes
doing parameter ldap suffix = dc=midomain,dc=com
doing parameter ldap machine suffix = ou=Computers
doing parameter ldap user suffix = ou=Users
doing parameter ldap group suffix = ou=Groups
doing parameter ldap idmap suffix = ou=Idmap
doing parameter ldap admin dn = cn=root,dc=midomain,dc=com
doing parameter idmap backend = ldap:ldap://127.0.0.1
doing parameter idmap uid = 10000-20000
doing parameter idmap gid = 10000-20000
doing parameter logon script = %U.bat
doing parameter logon path =
doing parameter logon path =
doing parameter logon home =
doing parameter logon drive =
doing parameter username map = /etc/samba/smbusers
doing parameter preferred master = Yes
doing parameter wins support = Yes
doing parameter winbind nested groups = Yes
doing parameter ea support = Yes
doing parameter domain logons = Yes
doing parameter domain master = Yes
doing parameter local master = Yes
doing parameter map acl inherit = Yes
doing parameter unix charset = UTF8
[2012/06/27 19:44:00.279632, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279677, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279720, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279755, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279792, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279827, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279863, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279899, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279934, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.279990, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280037, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280080, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280119, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280158, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
doing parameter case sensitive = No
[2012/06/27 19:44:00.280214, 4] param/loadparm.c:9215(lp_load_ex)
pm_process() returned Yes
[2012/06/27 19:44:00.280247, 7] param/loadparm.c:9421(lp_servicenumber)
lp_servicenumber: couldn't find homes
[2012/06/27 19:44:00.280313, 8] param/loadparm.c:6185(add_a_service)
add_a_service: Creating snum = 0 for IPC$
[2012/06/27 19:44:00.280342, 10] param/loadparm.c:6223(hash_a_service)
hash_a_service: creating servicehash
[2012/06/27 19:44:00.280374, 10] param/loadparm.c:6232(hash_a_service)
hash_a_service: hashing index 0 for service name IPC$
[2012/06/27 19:44:00.280428, 3] param/loadparm.c:6335(lp_add_ipc)
adding IPC service
[2012/06/27 19:44:00.280457, 10] param/loadparm.c:8425(set_server_role)
set_server_role: role = ROLE_DOMAIN_PDC
[2012/06/27 19:44:00.280497, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280543, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280583, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280618, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280654, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280689, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280724, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280760, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280796, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280851, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280890, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280931, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.280984, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.281032, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/06/27 19:44:00.281069, 3] printing/pcap.c:137(pcap_cache_reload)
reloading printcap cache
[2012/06/27 19:44:00.281105, 5] printing/print_cups.c:392(cups_pcap_load_async)
cups_pcap_load_async: asynchronously loading cups printers
[2012/06/27 19:44:00.282238, 5]
printing/print_cups.c:263(cups_cache_reload_async)
reloading cups printcap cache
[2012/06/27 19:44:00.283073, 10] printing/print_cups.c:409(cups_pcap_load_async)
cups_pcap_load_async: child pid = 3459
[2012/06/27 19:44:00.283224, 10] printing/print_cups.c:528(cups_cache_reload)
cups_cache_reload: sync read on fd 4
[2012/06/27 19:44:00.283277, 5] printing/print_cups.c:452(cups_async_callback)
cups_async_callback: callback received for printer data. fd = 4
[2012/06/27 19:44:00.283596, 10] printing/print_cups.c:88(cups_connect)
connecting to cups server localhost:631
[2012/06/27 19:44:00.288844, 0] printing/print_cups.c:109(cups_connect)
Unable to connect to CUPS server localhost:631 - Connection refused
[2012/06/27 19:44:00.289603, 10] printing/print_cups.c:129(send_pcap_blob)
[2012/06/27 19:44:00.289609, 10] printing/print_cups.c:154(recv_pcap_blob)
successfully sent blob of len 12
successfully recvd blob of len 12
[2012/06/27 19:44:00.289718, 0] printing/print_cups.c:468(cups_async_callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2012/06/27 19:44:00.290017, 3] printing/pcap.c:249(pcap_cache_reload)
reload status: error
[2012/06/27 19:44:00.290106, 6] param/loadparm.c:7155(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed
Jun 27 19:43:02 2012
[2012/06/27 19:44:00.290526, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=fe80::2c0:9fff:fe23:dcbb%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2012/06/27 19:44:00.290672, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=192.168.1.7 bcast=192.168.1.255 netmask=255.255.255.0
If u see, nothing really bad, I had other server running the same
version on other network and is working and have the same warning
"cups" but don't see something else.
Any info about please let me know, I will appreciated, thanks
--
LIving the dream...
More information about the samba
mailing list