[Samba] Totally missing the mark here

Tue May 27 05:56:50 MDT 2014

On 27/05/14 12:51, Steve Campbell wrote:
>
> On 5/27/2014 7:36 AM, Steve Campbell wrote:
>>
>> On 5/23/2014 4:45 PM, Rowland Penny wrote:
>>> On 23/05/14 21:01, Steve Campbell wrote:
>>>> Thanks Greg,
>>>>
>>>> That's the link I was following. I got down to the line for testing 
>>>> connectivity:
>>>>
>>>> /usr/local/samba/bin/smbclient -L localhost -U%
>>>>
>>>> And I received an error, (I've been glaring at the screen all day 
>>>> and can't remember the message, but it's the first thing done other 
>>>> than starting samba, so I figure it's a botched job).
>>>
>>> Without knowing what the error message said, nobody is going to be 
>>> able to help you ;-)
>>>
>>>>
>>>> The smb.conf file seems awful short as well. There's other readings 
>>>> out there with lots more to it, so I may follow those for a while 
>>>> and see if I don't get further lost.
>>>>
>>>
>>> The standard smb.conf on a Samba 4 AD DC is pretty short, please do 
>>> not just add anything to it without fully understanding what is 
>>> going to happen if you do.
>>>
>>> If in doubt, please ask any questions.
>>>
>>> Rowland
>>>
>>>> You all have a happy holiday if you're in the parts of the world 
>>>> that celebrates.
>>>>
>>>> Thanks all.
>>>>
>>>> steve
>>>> On 5/23/2014 3:38 PM, Gregory Sloop wrote:
>>>>> I haven't been following the list carefully, but have you followed 
>>>>> the Samba wiki?
>>>>>
>>>>> http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
>>>>>
>>>>> This should get you setup with an AD quite quickly.
>>>>> I'm not sure about the sernet packages - I've seen _some_ problems 
>>>>> in the past, but perhaps those reports are not valid any more. 
>>>>> Frankly, compiling your own isn't half hard. [And since there 
>>>>> aren't any good [read: current] distro supported packages you end 
>>>>> up having to do "manual" updates anyway - so compiling is a little 
>>>>> more hard than just installing a package, but also tends to help 
>>>>> remove any potential problems/compatibility issues that often crop 
>>>>> up from a package
>>>>>
>>>>> [But that's all mainly an aside. Start with the Wiki and go from 
>>>>> there. If it doesn't work be specific with your questions etc.]
>>>>>
>>>>> -Greg
>>>>>
>>>>>
>>>>> SC> I have to say I probably shouldn't have read that version 3 
>>>>> samba book,
>>>>> SC> but I did, so I'm thoroughly confused about what I should be 
>>>>> doing to
>>>>> SC> get this server configured properly.
>>>>>
>>>>> SC> I have installed the Sernet rpms on this server. For now, I'm 
>>>>> going to
>>>>> SC> run the AD on the same server as the file shares.
>>>>>
>>>>> SC> Using the wiki as a guide, I've followed the provisioning but 
>>>>> the first
>>>>> SC> tests don't seem to succeed.
>>>>>
>>>>> SC> Am I doing this backwards? Should I first make this server a 
>>>>> normal
>>>>> SC> Samba file server that will allow users to mount shares 
>>>>> manually before
>>>>> SC> proceeding on to AD stuff. I'm not seeing how I can have any 
>>>>> valid users
>>>>> SC> or anything following the wiki. It's like it should be Chapter 44
>>>>> SC> instead of the first prolog.
>>>>>
>>>>> SC> This is really humbling.
>>>>>
>>>>> SC> I could use some pointers in how to bring a new server up to an
>>>>> SC> AD/DC+fileserver.
>>>>>
>>>>> SC> Thanks for any help. For now, I'll dig in and read as much as 
>>>>> I can.
>>>>>
>>>>> SC> steve campbell 
>>
>> It was late Friday, and the problem had just drained me. I was mostly 
>> wondering about my procedure more that what was wrong. Anyway....
>>
>> Here's the command and resultant error:
>>
>> smbclient -L localhost -U%
>> Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED)
>>
>> Here's what I'm running currently:
>>
>> samba --version
>> Version 4.1.7-SerNet-RedHat-8.el6
>>
>> The first error in the logs showing failure:
>>
>>   Failed to find object DC=cn,DC=cnpapers,DC=net for attribute 
>> fsmoRoleOwner - Cannot find attribute fsmoRoleOwner of 
>> DC=cn,DC=cnpapers,DC=net to calculate reference dn
>>
>> And on and on in the logs:
>>
>>  task_server_terminate: [dreplsrv: Failed to load partitions: 
>> WERR_DS_DRA_INTERNAL_ERROR
>>
>> task_server_terminate: [Cannot start Winbind (domain controller): 
>> Failed to find record for CN in /var/lib/samba/private/secrets.ldb: 
>> No such object: (null): Have you provisioned the CN domain?]
>>
>>  task_server_terminate: [kdc: hdb_samba4_create_kdc (setup KDC 
>> database) failed]
>>
>> This is why I'm questioning my procedure, and using the wiki 
>> instructions. It appears there is tons I'm not seeing that needs to 
>> be done.
>>
>> Thanks for all the patience. More reading for now.
>>
>> steve campbell
>>
>>
>>
> I'm going to try and provision this all over again as I'm not sure the 
> Windows guy here was providing the right answers. I'll read up on 
> those domain answers and do it again without help and see where I get.
>
> The wiki indicates I need to remove my smb.conf file. Is there 
> anything else needed to re-provision (keep in mind the original may 
> have been completely botched). I'm still wondering where the 
> secrets.tdb gets created since "Using Samba" seems to indicate I need 
> to create it manually, as I recall.
>
> steve
>
Before you do anything, please reply to my earlier email, oh and STOP 
read 'using Samba' it is like the curates egg, it is only good in parts. ;-)

Rowland