[Samba] ldb segment fault. Problem on joining as a DC member.

Günter Kukkukk linux at kukkukk.com
Wed Feb 5 21:07:21 MST 2014 

Am 06.02.2014 03:13, schrieb Chan Min Wai:
> believes it or not... the problem are simple.
> 
> Glic issue on long DNS so both server cannot request "
> 87e240b2-95f9-4cae-9dc6-c8412397eddf._msdcs.kl01.amtb-m.org.my'"
> 
> Solution :
> As per suggested in some old post.
> Add this in /etc/hosts (Different value for different HOST)

Hi,
where did you read that you should put "something" into your /etc/hosts file?
Please post that added entry from your /etc/hosts

When you get similar output like this:
dns child failed to find name 'f64118e1-75aa-40b7-b6c3-fd3cab85d65f._msdcs.addlz.kukkukk.com' of type A

then you should add a CNAME entry into that _msdcs. ...... zone, like this:

samba-tool dns add li4771-131 _msdcs.addlz.kukkukk.com f64118e1-75aa-40b7-b6c3-fd3cab85d65f CNAME linux4771.addlz.kukkukk.com
                      ^                ^                           ^                                       ^
                      |                |                           |                                       |
                   dns server     dns zone to modify          name of new entry                       new server to add to _msdcs.
                to use for adding
                the CNAME entry

When using the Microsoft DNS tool you should get something like:
http://picpaste.com/dns_msdcs-25TlwoaA.PNG

Cheers, Günter

> 
> Thank You...
> 
> But I do hope someone can advise on the ldb* segment fault...
> 
> 
> 
> 
> On Wed, Feb 5, 2014 at 11:15 PM, Chan Min Wai <dcmwai at gmail.com> wrote:
> 
>> Dear All,
>>
>> Need some help as I was trying to follow the guide below.
>>
>> https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
>>
>> Until the steps of
>>
>> ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)' --cross-ncs objectguid
>>
>>
>> and my ldbsearch reply with such a result.
>>
>> ldb: unable to dlopen /usr/lib64/samba/ldb/acl.so :
>> /usr/lib64/ldb/libreplace.so: version `SAMBA_4.1.4' not found (required by
>> /usr/lib64/samba/libkrb5-samba4.so.26)
>> ldb: unable to dlopen /usr/lib64/samba/ldb/aclread.so :
>> /usr/lib64/ldb/libreplace.so: version `SAMBA_4.1.4' not found (required by
>> /usr/lib64/samba/libsamba-security.so)
>> ldb: unable to dlopen /usr/lib64/samba/ldb/anr.so :
>> /usr/lib64/ldb/libreplace.so: version `SAMBA_4.1.4' not found (required by
>> /usr/lib64/libsamba-util.so.0)
>> Segmentation fault
>>
>> I'm sure that all files are there...
>>
>> as for the DC member.
>> I can join without problem...
>>
>> When do samba single I notice the following ---> "WERR_BADFILE"
>> Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED'
>> imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.2299.98
>> single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
>> Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED'
>> imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.2299.98
>> single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:16 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:22 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:27 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:32 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:37 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:42 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:47 2014 MYT
>> wb_irpc_get_idmap called
>> wb_sids2xids_send called
>> wb_irpc_get_idmap_callback called
>> wb_sids2xids_recv called
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:52 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:12:57 2014 MYT
>> Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED'
>> imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.2299.96
>> single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:02 2014 MYT
>> Kerberos: AS-REQ AMTBSERVER$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.20:44354 for krbtgt/KL01.AMTB-M.ORG.MY at KL01.AMTB-M.ORG.MY
>> Kerberos: No preauth found, returning PREAUTH-REQUIRED -- AMTBSERVER$@
>> KL01.AMTB-M.ORG.MY
>> Kerberos: TGS-REQ AMTBSERVER$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.20:33877 for krbtgt/KL01.AMTB-M.ORG.MY at KL01.AMTB-M.ORG.MY[forwarded, forwardable]
>> Kerberos: TGS-REQ authtime: 2014-02-05T22:12:58 starttime:
>> 2014-02-05T22:12:58 endtime: 2014-02-06T08:12:58 renew till: unset
>> Kerberos: TGS-REQ AMTBSERVER$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.20:37638 for ldap/
>> amtbserver.kl01.amtb-m.org.my at KL01.AMTB-M.ORG.MY [canonicalize]
>> Kerberos: TGS-REQ authtime: 2014-02-05T22:12:58 starttime:
>> 2014-02-05T22:12:58 endtime: 2014-02-06T08:12:58 renew till: unset
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:07 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:12 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:17 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:22 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:27 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:32 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:37 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:42 2014 MYT
>> Kerberos: AS-REQ AMTBSRV02$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.24:36114 for krbtgt/KL01.AMTB-M.ORG.MY at KL01.AMTB-M.ORG.MY
>> Kerberos: No preauth found, returning PREAUTH-REQUIRED -- AMTBSRV02$@
>> KL01.AMTB-M.ORG.MY
>> Kerberos: AS-REQ AMTBSRV02$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.25:41604 for krbtgt/KL01.AMTB-M.ORG.MY at KL01.AMTB-M.ORG.MY
>> Kerberos: Client sent patypes: encrypted-timestamp
>> Kerberos: Looking for PKINIT pa-data -- AMTBSRV02$@KL01.AMTB-M.ORG.MY
>> Kerberos: Looking for ENC-TS pa-data -- AMTBSRV02$@KL01.AMTB-M.ORG.MY
>> Kerberos: ENC-TS Pre-authentication succeeded -- AMTBSRV02$@
>> KL01.AMTB-M.ORG.MY using arcfour-hmac-md5
>> authsam_account_ok: Checking SMB password for user AMTBSRV02$@
>> KL01.AMTB-M.ORG.MY
>> logon_hours_ok: No hours restrictions for user AMTBSRV02$@
>> KL01.AMTB-M.ORG.MY
>> Kerberos: AS-REQ authtime: 2014-02-05T22:13:39 starttime: unset endtime:
>> 2014-02-06T08:13:39 renew till: unset
>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
>> aes128-cts-hmac-sha1-96, des3-cbc-sha1, des3-cbc-md5, arcfour-hmac-md5,
>> using arcfour-hmac-md5/arcfour-hmac-md5
>> Kerberos: Requested flags: forwardable
>> Kerberos: TGS-REQ AMTBSRV02$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.25:34819 for ldap/
>> AMTBSRV02.KL01.AMTB-M.ORG.MY at KL01.AMTB-M.ORG.MY [canonicalize]
>> Kerberos: TGS-REQ authtime: 2014-02-05T22:13:39 starttime:
>> 2014-02-05T22:13:39 endtime: 2014-02-06T08:13:39 renew till: unset
>> Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED'
>> imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.2299.96
>> single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() -
>> NT_STATUS_CONNECTION_DISCONNECTED]
>> Kerberos: TGS-REQ AMTBSRV02$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.24:40001 for ldap/
>> AMTBSRV02.KL01.AMTB-M.ORG.MY at KL01.AMTB-M.ORG.MY
>> Kerberos: TGS-REQ authtime: 2014-02-05T22:13:39 starttime:
>> 2014-02-05T22:13:40 endtime: 2014-02-06T08:13:39 renew till: unset
>> Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv()
>> - NT_STATUS_CONNECTION_DISCONNECTED'
>> imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.2299.96
>> single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() -
>> NT_STATUS_CONNECTION_DISCONNECTED]
>> Kerberos: TGS-REQ AMTBSRV02$@KL01.AMTB-M.ORG.MY from ipv4:
>> 192.168.11.25:56393 for krbtgt/KL01.AMTB-M.ORG.MY at KL01.AMTB-M.ORG.MY[forwarded, forwardable]
>> Kerberos: TGS-REQ authtime: 2014-02-05T22:13:39 starttime:
>> 2014-02-05T22:13:40 endtime: 2014-02-06T08:13:39 renew till: unset
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:47 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:52 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:13:57 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:14:02 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:14:07 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:14:12 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:14:17 2014 MYT
>> dreplsrv_notify_schedule(5) scheduled for: Wed Feb  5 22:14:22 2014 MYT
>> dreplsrv_periodic_run(): schedule pull replication
>>
>> dreplsrv_refresh_partition(DC=DomainDnsZones,DC=kl01,DC=amtb-m,DC=org,DC=my)
>> dreplsrv_out_connection_attach(87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my): attach
>>
>> dreplsrv_refresh_partition(DC=ForestDnsZones,DC=kl01,DC=amtb-m,DC=org,DC=my)
>> dreplsrv_out_connection_attach(87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my): attach
>> dreplsrv_refresh_partition(DC=kl01,DC=amtb-m,DC=org,DC=my)
>> dreplsrv_out_connection_attach(87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my): attach
>>
>> dreplsrv_refresh_partition(CN=Schema,CN=Configuration,DC=kl01,DC=amtb-m,DC=org,DC=my)
>> dreplsrv_out_connection_attach(87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my): attach
>> dreplsrv_refresh_partition(CN=Configuration,DC=kl01,DC=amtb-m,DC=org,DC=my)
>> dreplsrv_out_connection_attach(87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my): attach
>> dreplsrv_periodic_run(): run pending_ops memory=233
>> ../source4/dsdb/repl/drepl_ridalloc.c:239: Requesting more RIDs from RID
>> Manager
>> dreplsrv_out_connection_attach(87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my): attach
>> dreplsrv_periodic_schedule(300) scheduled for: Wed Feb  5 22:19:21 2014 MYT
>> Mapped to DCERPC endpoint 135
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> dns child failed to find name '87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my' of type A
>> dreplsrv_op_pull_source(WERR_BADFILE) for
>> DC=DomainDnsZones,DC=kl01,DC=amtb-m,DC=org,DC=my
>> Mapped to DCERPC endpoint 135
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> dns child failed to find name '87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my' of type A
>> dreplsrv_op_pull_source(WERR_BADFILE) for
>> DC=ForestDnsZones,DC=kl01,DC=amtb-m,DC=org,DC=my
>> Mapped to DCERPC endpoint 135
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> dns child failed to find name '87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my' of type A
>> dreplsrv_op_pull_source(WERR_BADFILE) for DC=kl01,DC=amtb-m,DC=org,DC=my
>> Mapped to DCERPC endpoint 135
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> dns child failed to find name '87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my' of type A
>> dreplsrv_op_pull_source(WERR_BADFILE) for
>> CN=Schema,CN=Configuration,DC=kl01,DC=amtb-m,DC=org,DC=my
>> Mapped to DCERPC endpoint 135
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> dns child failed to find name '87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my' of type A
>> dreplsrv_op_pull_source(WERR_BADFILE) for
>> CN=Configuration,DC=kl01,DC=amtb-m,DC=org,DC=my
>> Mapped to DCERPC endpoint 135
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s0 ip=192.168.11.24 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s2 ip=192.168.11.25 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s3 ip=192.168.11.26 bcast=192.168.11.255
>> netmask=255.255.255.0
>> added interface enp2s4 ip=192.168.11.27 bcast=192.168.11.255
>> netmask=255.255.255.0
>> dns child failed to find name '87e240b2-95f9-4cae-9dc6-c8412397eddf._
>> msdcs.kl01.amtb-m.org.my' of type A
>> dreplsrv_op_pull_source(WERR_BADFILE) for CN=RID
>> Manager$,CN=System,DC=kl01,DC=amtb-m,DC=org,DC=my
>> ../source4/dsdb/repl/drepl_ridalloc.c:43: RID Manager failed RID
>> allocation - WERR_BADFILE - extended_ret[0x0]
>> kccsrv_periodic_run(): update
>> Testing kcctpl_create_intersite_connections
>> NT_STATUS_OK
>> all_connected=1, 0 GUIDs returned
>> found 1 existing nTDSConnection objects
>> 0 connections have been deleted
>> 0 connections have been added
>>
>>
>>
>> samba-tool drs showrepl from DC1 seem to be ok
>> and also when  samba-tool drs showrepl From DC2
>> amtbsrv02 ~ # samba-tool drs showrepl
>>
>> Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
>> e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp:
>> amtbsrv02.kl01.amtb-m.org.my[1024,seal] NT_STATUS_UNSUCCESSFUL
>> ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to
>> amtbsrv02.kl01.amtb-m.org.my failed - drsException: DRS connection to
>> amtbsrv02.kl01.amtb-m.org.my failed: (-1073741823, 'Undetermined error')
>>   File "/usr/lib64/python2.7/site-packages/samba/netcmd/drs.py", line 39,
>> in drsuapi_connect
>>     (ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) =
>> drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds)
>>   File "/usr/lib64/python2.7/site-packages/samba/drs_utils.py", line 54,
>> in drsuapi_connect
>>     raise drsException("DRS connection to %s failed: %s" % (server, e))
>>
>> Please help....
>>


--

More information about the samba mailing list