[Samba] dynamic DNS Updates still failing, re-installed 9 more times, tried everything I could think of, now bald.

Gary Maurizi garymaurizi at gmail.com
Sun Jun 2 02:46:05 MDT 2013


This is a follow up to my previous...

Thomas, I have tried everything else I can think of, I WAS  able to get
further debugging information out of samba, winbind, bind9_dlz, and whats
going wrong in this process for us, but I am not a developer I have no way
of knowing if this will be useful to you or anyone but I figure I should
put it out so someday this can get fixed, Thanks:

smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET
.....
[2013/06/02 00:59:53.472357,  3]
../source3/smbd/password.c:144(register_homes_share)
  Adding homes service for user 'MTOLYMPUS\GM-BED-DESK-01$' using home
directory: '/home/MTOLYMPUS/GM-BED-DESK-01$'
[2013/06/02 00:59:53.509694,  3] ../source3/lib/access.c:338(allow_access)
  Allowed connection from 10.0.0.106 (10.0.0.106)
[2013/06/02 00:59:53.509825,  3]
../source3/smbd/service.c:612(make_connection_snum)
  Connect path is '/tmp' for service [IPC$]

.....

  Module 'acl_xattr' loaded
[2013/06/02 00:59:53.512469,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [dfs_samba4]
[2013/06/02 00:59:53.512515,  2]
../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr)
  connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true'
and 'force unknown acl user = true' for service IPC$
[2013/06/02 00:59:53.515689,  3]
../source3/smbd/service.c:847(make_connection_snum)
  10.0.0.106 (ipv4:10.0.0.106:50958) connect to service IPC$ initially as
user MTOLYMPUS\GM-BED-DESK-01$ (uid=3000017, gid=3000018) (pid 6993)
[2013/06/02 01:00:05.459651,  3] ../source3/smbd/service.c:1121(close_cnum)
  10.0.0.106 (ipv4:10.0.0.106:50958) closed connection to service IPC$
[2013/06/02 01:00:05.502497,  2]
../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming)
  smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET
[2013/06/02 01:00:05.502695,  3]
../source3/smbd/server_exit.c:218(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)
[2013/06/02 01:01:31.833681,  3] ../source3/lib/access.c:338(allow_access)
  Allowed connection from 10.0.0.106 (10.0.0.106)

....


  Initialising custom vfs hooks from [dfs_samba4]
[2013/06/02 01:01:32.006355,  2]
../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr)
  connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true'
and 'force unknown acl user = true' for service sysvol
[2013/06/02 01:01:32.009587,  1]
../source3/smbd/service.c:847(make_connection_snum)
  10.0.0.106 (ipv4:10.0.0.106:50965) connect to service sysvol initially as
user MTOLYMPUS\Administrator (uid=0, gid=100) (pid 7020)
[2013/06/02 01:01:32.080520,  3]
../source3/smbd/vfs.c:1140(check_reduced_name)
  check_reduced_name
[mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI]
[/usr/local/samba/var/locks/sysvol]
[2013/06/02 01:01:32.080578,  3]
../source3/smbd/vfs.c:1270(check_reduced_name)
  check_reduced_name:
mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI
reduced to /usr/local/samba/var/locks/sysvol/mtolympus.local/P$
[2013/06/02 01:01:32.080813,  3] ../source3/smbd/dosmode.c:160(unix_mode)

unix_mode(mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI)
returning 0644
[2013/06/02 01:01:32.080973,  2] ../source3/smbd/open.c:914(open_file)
  MTOLYMPUS\Administrator opened file
mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI
read=Yes write=No (numopen=1)
[2013/06/02 01:01:32.118390,  3]
../source3/smbd/smb2_read.c:352(smb2_read_complete)
  smbd_smb2_read: fnum 3959339474, file
mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI,
length=20 offset=0 read=20
[2013/06/02 01:01:43.963700,  2]
../source3/smbd/close.c:850(close_normal_file)
  MTOLYMPUS\Administrator closed file
mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI
(numopen=0) NT_STATUS_OK
[2013/06/02 01:01:56.053624,  1] ../source3/smbd/service.c:1121(close_cnum)
  10.0.0.106 (ipv4:10.0.0.106:50965) closed connection to service sysvol
[2013/06/02 01:01:56.101360,  2]
../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming)
  smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET
[2013/06/02 01:01:56.101562,  3]
../source3/smbd/server_exit.c:218(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)
[2013/06/02 01:14:53.720664,  3] ../source3/lib/access.c:338(allow_access)
  Allowed connection from 10.0.0.106 (10.0.0.106)
[2013/06/02 01:14:53.720865,  3] ../source3/smbd/oplock.c:985(init_oplocks)
  init_oplocks: initializing messages.
[2013/06/02 01:14:53.721068,  3] ../source3/smbd/process.c:1794(process_smb)
  Transaction 0 of length 159 (0 toread)
....
[2013/06/02 01:14:53.935429,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [dfs_samba4]
[2013/06/02 01:14:53.935474,  2]
../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr)
  connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true'
and 'force unknown acl user = true' for service IPC$
[2013/06/02 01:14:53.938641,  3]
../source3/smbd/service.c:847(make_connection_snum)
  10.0.0.106 (ipv4:10.0.0.106:63570) connect to service IPC$ initially as
user MTOLYMPUS\GM-BED-DESK-01$ (uid=3000017, gid=3000018) (pid 7083)
[2013/06/02 01:15:05.833518,  3] ../source3/smbd/service.c:1121(close_cnum)
  10.0.0.106 (ipv4:10.0.0.106:63570) closed connection to service IPC$
[2013/06/02 01:15:05.876373,  2]
../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming)
  smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET
[2013/06/02 01:15:05.876577,  3]
../source3/smbd/server_exit.c:218(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)
[2013/06/02 01:29:54.103668,  3] ../source3/lib/access.c:338(allow_access)
  Allowed connection from 10.0.0.106 (10.0.0.106)
[2013/06/02 01:29:54.103869,  3] ../source3/smbd/oplock.c:985(init_oplocks)
.....
[2013/06/02 01:29:54.172003,  3]
../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2013/06/02 01:29:54.265211,  3]
../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2013/06/02 01:29:54.273773,  3]
../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect)
  ldb_wrap open of privilege.ldb
[2013/06/02 01:29:54.313487,  2]
../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming)
  smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET
[2013/06/02 01:29:54.313683,  3]
../source3/smbd/server_exit.c:218(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)
[2013/06/02 01:29:54.355509,  3] ../source3/lib/access.c:338(allow_access)
  Allowed connection from 10.0.0.106 (10.0.0.106)
[2013/06/02 01:29:54.355707,  3] ../source3/smbd/oplock.c:985(init_oplocks)
  init_oplocks: initializing messages.
[2013/06/02 01:29:54.355914,  3] ../source3/smbd/process.c:1794(process_smb)
  Transaction 0 of length 110 (0 toread)
[2013/06/02 01:29:54.356143,  3]
../source3/smbd/smb2_negprot.c:243(smbd_smb2_request_process_negprot)
  Selected protocol SMB3_00
[2013/06/02 01:29:54.358053,  3]
../auth/gensec/gensec_start.c:868(gensec_register)
  GENSEC backend 'gssapi_spnego' registered
[2013/06/02 01:29:54.358112,  3]
../auth/gensec/gensec_start.c:868(gensec_register)
.............
  AUTH backend 'name_to_ntstatus' registered
[2013/06/02 01:29:54.378775,  3]
../source4/auth/ntlm/auth.c:673(auth_register)
  AUTH backend 'unix' registered
[2013/06/02 01:29:54.428154,  3]
../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2013/06/02 01:29:54.436766,  3]
../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect)
  ldb_wrap open of privilege.ldb
[2013/06/02 01:29:54.476359,  2]
../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming)
  smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET
[2013/06/02 01:29:54.476559,  3]
../source3/smbd/server_exit.c:218(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)
[2013/06/02 01:29:54.519457,  3] ../source3/lib/access.c:338(allow_access)
  Allowed connection from 10.0.0.106 (10.0.0.106)
[2013/06/02 01:29:54.519661,  3] ../source3/smbd/oplock.c:985(init_oplocks)
......
[2013/06/02 01:29:54.705779,  3]
../source4/auth/ntlm/auth.c:673(auth_register)
  AUTH backend 'unix' registered
[2013/06/02 01:29:54.761056,  3]
../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2013/06/02 01:29:54.769570,  3]
../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect)
  ldb_wrap open of privilege.ldb
[2013/06/02 01:29:54.806357,  2]
../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming)
  smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET
[2013/06/02 01:29:54.806565,  3]
../source3/smbd/server_exit.c:218(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)





On Sun, Jun 2, 2013 at 1:26 AM, Thomas Simmons <twsnnva at gmail.com> wrote:

> Hi Gary,
>
> Unfortunately, I have been all but taken away from my primary job over the
> past few month - our company headquarters just relocated this past weekend
> and I've been dealing with the preparation and execution of that. I hope to
> get back to this very soon. All I could do was increase my DHCP lease time
> so IPs would not change so frequently. When some system is showing weird,
> off-the-wall problems, the first thing I check is the DNS record. I've
> moved many systems to static IPs. Like you, I've been a Linux enthusiast
> for many years, and have been doing this for a living since the 90's. For
> 7-8 years I was the only person in IT and never had a problem I couldn't
> figure out before this. Unfortunately, there simply isn't enough
> information to troubleshoot the problem as nothing useful gets logged. The
> best information I've found was from BIND's debug output:
>
> 28-Mar-2013 08:26:15.759 failed gss_inquire_cred: GSSAPI error: Major
> = Unspecified GSS failure.  Minor code may provide more information,
> Minor = Success.
> 28-Mar-2013 08:26:15.760 failed gss_accept_sec_context: GSSAPI error:
> Major = Unspecified GSS failure.  Minor code may provide more
> information, Minor = .
> 28-Mar-2013 08:26:15.760 process_gsstkey(): dns_tsigerror_badkey
>
>
> Sadly, migrating to Windows Server may be the only solution. If you do come up with something, please let me know. In total, I spent at least 50-60 man hours on this and got nowhere.
>
>
>
> On Sun, Jun 2, 2013 at 3:56 AM, Gary Maurizi <garymaurizi at gmail.com>wrote:
>
>> Thomas,
>>
>> Your post was exactly what I was referring too! small world.
>>
>> Unfortunately for me this is a feature I absolutely have to have working
>> for staff reasons, what did you end up doing ultimately? giving up? moving
>> distros?
>>
>> Thank you so much, I really appreciate your response and believe that if
>> this many people have had this issue without resolve this is a bug that
>> needs to be acknowledged, tracked, reported, and resolved.
>>
>>
>> On Sun, Jun 2, 2013 at 12:53 AM, Thomas Simmons <twsnnva at gmail.com>wrote:
>>
>>> Myself and another person ran into this a few months back. We couldn't
>>> find a solution.
>>>
>>> https://lists.samba.org/archive/samba/2013-March/172368.html
>>> http://lists.samba.org/archive/samba/2013-April/172670.html
>>>
>>>
>>>  On Sun, Jun 2, 2013 at 3:04 AM, Gary Maurizi <garymaurizi at gmail.com>wrote:
>>>
>>>>  I have tried everything, This is CentOS 6.4 with SELinux DISABLED, Bind
>>>> version BIND 9.8.2rc1-RedHat-9.8.2-0.17, samba 4.0.6 downloaded as a
>>>> tar.gz
>>>> from samba.org --  I have read EVERY maillinglist, IRC Log, how-to on
>>>> google, tutorial on samba.org, and many many people have had this
>>>> problem
>>>> and not once have any of the posters resolved it, so I am now a
>>>> desperate
>>>> man reaching out to you with as much information as I can give, I
>>>> pray(and
>>>> I'm not a religious man) one of you can help me. I am on a timeclock
>>>> here.
>>>>
>>>> I have included every config, every related log, the output of every
>>>> command to test samba, at the following URL:
>>>> http://pastebin.com/2XvbRzQh
>>>>
>>>> I desperately do not want to install windows server, when I have the
>>>> opportunity to learn the samba way of things, I am an avid open source
>>>> enthusiast here, and I've been running some flavor of linux for 16
>>>> years,
>>>> and samba for about as long.
>>>>
>>>> The error I am left with, and little to no other information in my logs
>>>> is
>>>> thus:
>>>>
>>>> 01-Jun-2013 14:56:05.799 samba_dlz: starting transaction on zone
>>>> mtolympus.local
>>>> 01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: update
>>>> 'mtolympus.local/IN' denied
>>>> 01-Jun-2013 14:56:05.800 samba_dlz: cancelling transaction on zone
>>>> mtolympus.local
>>>>
>>>> Thanks beyond measure for your help,
>>>> Beers on me if you're a local.
>>>> --GM.
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>
>>>
>>>
>>
>


More information about the samba mailing list