[Samba] upgrade samba

Fabrizio Monti thefantaman at gmail.com
Mon Jan 28 01:38:53 MST 2013 

Hi Nico Kadel-Garcia,
thanks for reply. Path for smbldap is correct. Other log file have

2013/01/25 17:20:13.974204,  1] auth/server_info.c:386(samu_to_SamInfo3)
  The primary group domain
sid(S-1-5-21-3564791867-1010203101-2143723903-513) does not match the
domain sid(S-1-5-21-2427793829-1009842549-3523806979) for
Manager(S-1-5-21-2427793829-1009842549-3523806979-500)
[2013/01/25 17:20:13.974250,  4] smbd/sec_ctx.c:422(pop_sec_ctx)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2013/01/25 17:20:13.974286,  0] auth/check_samsec.c:491(check_sam_security)
  check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
[2013/01/25 17:20:13.974506,  3] auth/auth_winbind.c:60(check_winbind_security)
  check_winbind_security: Not using winbind, requested domain [gis]
was for this SAM.
[2013/01/25 17:20:13.974542,  2] auth/auth.c:319(check_ntlm_password)
  check_ntlm_password:  Authentication for user [Manager] -> [Manager]
FAILED with error NT_STATUS_UNSUCCESSFUL
[2013/01/25 17:20:13.974610,  3] smbd/error.c:81(error_packet_set)
  error packet at smbd/sesssetup.c(124) cmd=115 (SMBsesssetupX)
NT_STATUS_UNSUCCESSFUL
[2013/01/25 17:20:24.885770,  1] smbd/process.c:457(receive_smb_talloc)
  receive_smb_raw_talloc failed for client 192.0.200.149 read error =
NT_STATUS_CONNECTION_RESET.
[2013/01/25 17:20:24.885923,  4] smbd/sec_ctx.c:314(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2013/01/25 17:20:24.886102,  3] smbd/server_exit.c:181(exit_server_common)
  Server exit (failed to receive smb request)


Then the problem is sid, samba-3.3 probabily do not check sid. Ldap is
workin so it is possible disable sid check in samba-3.6?

Fabrizio.

Well, for one thing, if you updated to samba3x  your binaries for
>
> things like "smbldap-usermod" are all going to be in /usr/bin, not
> /usr/local/bin.

path is correct, files smbldap are in /usr/local/bin.

>
> Did you have an old hand-built Samba lying around? If
> you did, you need to clear it.









>
>
> > Jan 24 17:53:03 VmPDC smbd[15115]: [2013/01/24 17:53:03.371837,  0]
> > auth/check_samsec.c:491(check_sam_security)
> > Jan 24 17:53:03 VmPDC smbd[15115]:   check_sam_security:
> > make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL'
> > Jan 24 17:53:04 VmPDC smbd[15115]: [2013/01/24 17:53:04.413597,  0]
> > auth/check_samsec.c:491(check_sam_security)
> > Jan 24 17:53:04 VmPDC smbd[15115]:   check_sam_security:
> > make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL'
> >
> > This configuration of samba
> >
> > [root at VmPDC ~]# testparm
> > Load smb config files from /etc/samba/smb.conf
> > Processing section "[netlogon]"
> > Processing section "[profiles]"
> > Loaded services file OK.
> > Server role: ROLE_DOMAIN_PDC
> > Press enter to see a dump of your service definitions
> >
> > [global]
> >         workgroup = GIS
> >         passdb backend = ldapsam:ldap://192.0.200.2/
> >         log file = /var/log/samba/log.%U
> >         time server = Yes
> >         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> > SO_KEEPALIVE
> >         add user script = /usr/local/bin/smbldap-useradd -a -m -P "%u"
> >         delete user script = /usr/local/bin/smbldap-userdel -r "%u"
> >         add group script = /usr/local/bin/smbldap-groupadd -p "%g"
> >         delete group script = /usr/local/bin/smbldap-groupdel "%g"
> >         add user to group script = /usr/local/bin/smbldap-groupmod -m "%u"
> > "%g"
> >         delete user from group script = /usr/local/bin/smbldap-groupmod -x
> > "%u" "%g"
> >         set primary group script = /usr/local/bin/smbldap-usermod -g "%g"
> > "%u"
> >         add machine script = /usr/local/bin/smbldap-useradd -w "%u"
> >         logon path =
> >         logon home =
> >         domain logons = Yes
> >         os level = 33
> >         preferred master = Auto
> >         domain master = Yes
> >         ldap admin dn = cn=Manager,dc=sigesgroup,dc=intra
> >         ldap delete dn = Yes
> >         ldap group suffix = ou=group
> >         ldap machine suffix = ou=machines
> >         ldap passwd sync = yes
> >         ldap suffix = dc=sigesgroup,dc=intra
> >         ldap ssl = no
> >         ldap user suffix = ou=People
> >         idmap config * :range = 5000 - 50000
> >         ldapsam:editposix = yes
> >         ldapsam:trusted = yes
> >         idmap config * : backend = ldap:ldap://192.0.200.2/
> >
> > [netlogon]
> >         comment = Network Logon Service
> >         path = /home/netlogon
> >         guest ok = Yes
> >
> > [profiles]
> >         path = /home/profiles
> >         read only = No
> >         create mask = 0600
> >         directory mask = 0700
> >
> > why is not it working?
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list