[Samba] Samba 4.1.7 CTDB winbind not syncing when connected to MS AD 2008R2 - WAS: Re: Samba 4.1.7 clustering not using private dir

Taylor, Jonn jonnt at taylortelephone.com
Fri May 2 13:06:37 MDT 2014 

On 05/02/2014 01:07 PM, Ali Bendriss wrote:
>
>
> On 05/02/2014 05:57 PM, Taylor, Jonn wrote:
>> On 05/02/2014 11:22 AM, Rowland Penny wrote:
>>> On 02/05/14 17:17, Günter Kukkukk wrote:
>>>> Am 02.05.2014 18:00, schrieb Rowland Penny:
>>>>> On 02/05/14 16:56, steve wrote:
>>>>>> On Fri, 2014-05-02 at 10:29 -0500, Taylor, Jonn wrote:
>>>>>>
>>>>>> Hi
>>>>>> May not be relevant but:
>>>>>>>        idmap config * : schema_mode = rfc2307
>>>>>>>        idmap config TAYLORTELEPHONE:backend = rid
>>>>>> You specify rfc2307 but then use rid.
>>>>>>
>>>>>>>        idmap config TAYLORTELEPHONE:range = 500-4000000
>>>>>>>        idmap config * : range = 1000-4000000
>>>>>> ranges overlap.
>>>>>>
>>>>>>
>>>>> I wonder if all your problems have anything to do with this line:
>>>>>
>>>>> A cluster file system with Samba requires CTDB to be able to do it
>>>>> safely. And CTDB and AD DC are incompatible.
>>>>>
>>>>> Which you can find at the bottom of this page:
>>>>>
>>>>> https://wiki.samba.org/index.php/SysVol_Replication
>>>>>
>>>>> Rowland
>>>> He's not using an AD DC, but an AD member server, see
>>>>     security = ADS
>>>> etc. in smb.conf
>>>>
>>>> Cheers, Günter
>>>
>>> So, as long as none of the cluster machines are an AD DC it should 
>>> work ?
>>>
>>> Rowland
>>>
>> This is a 2 node file cluster serving nfs and smb. CentOS 6 x86_64 on 2
>> identical HP DL385 servers with P400 raid array. Our AD servers are
>> windows 2008r2. This same setup worked very well under 3.6!
>>
>> Jonn
>>
>
> Reading the smb.conf it seams that you need now to explicitly set 
> ctdbd socket = /tmp/ctdb.socket (or whatever it is) in smb.conf
> cf man smb.conf
> A verbose testparm may give you more info.
> I don't have access to a samba server so I can't test it.
>
> good luck
>
> -- 
> Ali
I am setting that in the config file. It just doesn't show up when you 
run testparam.

cat /etc/samba/smb.conf
[global]
     workgroup = TAYLORTELEPHONE
     realm = TAYLORTELEPHONE.COM
     netbios name = SHR01
     netbios aliases = NODE1 NODE2
     server string = Cluster Share
     interfaces = eth0, lo
     security = ADS
     clustering = Yes
     ctdbd socket = /tmp/ctdb.socket
     cluster addresses = 192.168.173.183 192.168.173.184 192.168.173.3 
192.168.173.4
     log file = /var/log/samba/log.samba
     log level = 5
     server max protocol = SMB3
     server min protocol = NT1
     client signing = auto
     server signing = auto
     printcap name = /etc/printcap
     wins server = 192.168.173.13, 192.168.173.14
     template shell = /bin/bash
     winbind enum users = Yes
     winbind enum groups = Yes
     winbind use default domain = Yes
     winbind refresh tickets = True
     winbind offline logon = True
     idmap config * : range = 1000-4000000
     idmap config TAYLORTELEPHONE:range = 500-4000000
     idmap config TAYLORTELEPHONE:backend = rid
     idmap config * : schema_mode = rfc2307
     idmap config * : backend = tdb2
     admin users = "@TAYLORTELEPHONE\Domain Admins"
     inherit acls = Yes
     map acl inherit = Yes
     fileid:algorithm = fsname

Jonn

More information about the samba mailing list