[Samba] smbclient broken after update

Rowland Penny rowlandpenny at googlemail.com
Fri Feb 14 15:34:05 MST 2014 

On 14/02/14 22:01, Peter Serbe wrote:
>
> Rowland Penny schrieb am 14.02.2014 21:44:
>
>> OK, have you set up /etc/krb5.conf ?
>>
>> it should look like this:
> [snip]
>> Did you join the domain ?
>>
>> net ads join -U administrator
>>
>> After this I am lost.
>>
>> Rowland
>>
> Dear Rowland,
>
> First of all: Thank You very much for Your patient assistance.
> Unfortunately it looks like I will wipe out samba and restart it
> from scratch (which I hate, as it means to concede there was
> something going on, which I couldn't understand).
>
> I did follow Your advice and updated the krb5.conf - after a
> reboot I found that the ticket cache has been empty, i.e. k5start
> seemed to stop working (but that doesn't worry me much). So I
> did a kinit using my non-admin acount, and then I observe this:
> (follows below...)
> Btw, something is fishy with the accounts. I have to log in as
> DOM\Administrator instead of root. Otherwise I can't open an
> ssh in the root account. Then the SSH shell starts in the
> home directory of the domain admin, not in /root. I will try
> to fix this, before I start the stepwise uninstallation of
> samba.
>
> Nevertheless: A big Thank You % best regards
> Peter
>
>
>
>
> PS: the transscript of the try to join the domain:
> (from the non-root account)
>
> peter at ulysses:~$ net ads join -U administrator -d10
> INFO: Current debug levels:
>    all: 10
>    tdb: 10
>    printdrivers: 10
>    lanman: 10
>    smb: 10
>    rpc_parse: 10
>    rpc_srv: 10
>    rpc_cli: 10
>    passdb: 10
>    sam: 10
>    auth: 10
>    winbind: 10
>    vfs: 10
>    idmap: 10
>    quota: 10
>    acls: 10
>    locking: 10
>    msdfs: 10
>    dmapi: 10
>    registry: 10
>    scavenger: 10
>    dns: 10
>    ldb: 10
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> INFO: Current debug levels:
>    all: 10
>    tdb: 10
>    printdrivers: 10
>    lanman: 10
>    smb: 10
>    rpc_parse: 10
>    rpc_srv: 10
>    rpc_cli: 10
>    passdb: 10
>    sam: 10
>    auth: 10
>    winbind: 10
>    vfs: 10
>    idmap: 10
>    quota: 10
>    acls: 10
>    locking: 10
>    msdfs: 10
>    dmapi: 10
>    registry: 10
>    scavenger: 10
>    dns: 10
>    ldb: 10
> params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
> Processing section "[global]"
> doing parameter workgroup = SERBE
> doing parameter realm = SERBE.LOCAL
> doing parameter netbios name = ULYSSES
> doing parameter server string = Ulysses
> doing parameter server role = active directory domain controller
> doing parameter server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
> doing parameter wins support = yes
> doing parameter security = user
> doing parameter public = no
> doing parameter username map = /usr/local/samba/etc/users.map
> doing parameter local master = yes
> doing parameter preferred master = yes
> doing parameter os level = 65
> doing parameter template shell = /bin/bash
> doing parameter passdb backend = samba4
> doing parameter socket options = TCP_NODELAY IPTOS_LOWDELAY
> pm_process() returned Yes
> lp_servicenumber: couldn't find homes
> Netbios name list:-
> my_netbios_names[0]="ULYSSES"
> added interface eth0 ip=192.168.41.10 bcast=192.168.41.255 netmask=255.255.255.0
> Unable to create directory /var/run/samba for file messages.tdb. Error was Keine Berechtigung

Why is it trying to create messages.tdb in /var/run/samba ? My 
understanding is that you compiled samba4 yourself, in which case it 
should be in  /usr/local/samba/var/lock/

Whoa, hang on, never mind the above, why is the smb.conf the smb.conf 
that you had on the samba4 server????

Is the above join being run on the server or the client, if the later, 
then you have a real problem and it may be easier to start again, if it 
is the former, well you do not join an AD DC server to itself, that is 
done automatically at provision time.

Rowland
> ERROR: Failed to initialise messages database: Keine Berechtigung
> messaging_tdb_init failed: NT_STATUS_ACCESS_DENIED
> Host is not configured as a member server.
> Invalid configuration.  Exiting....
> Failed to join domain: This operation is only allowed for the PDC of the domain.
> return code = -1
> Opening cache file at /var/cache/samba/gencache.tdb
> tdb(/var/cache/samba/gencache.tdb): tdb_open_ex: could not open file /var/cache/samba/gencache.tdb: Keine Berechtigung
> tdb(/var/cache/samba/gencache.tdb): tdb_open_ex: could not open file /var/cache/samba/gencache.tdb: Datei oder Verzeichnis nicht gefunden
> Attempt to open gencache.tdb has failed.
> peter at ulysses:~$
>
>
>

More information about the samba mailing list