[Samba] Totally missing the mark here

L.P.H. van Belle belle at bazuin.nl
Tue May 27 07:16:15 MDT 2014 

Steve. 

Look at my scripts, yes they are debian based, but look what the commands do.
convert it to red hat.  

The order of what the scripts are doing are most important. 

Or go for debian and just use my scripts.

look here https://secure.bazuin.nl/scripts/

when i start with a virtual server with only ssh installed, i install 3 servers; 
2 DC's and 1 member in about 15 min, with bidirectional sysvol sync. 


Greetz, 

Louis



>-----Oorspronkelijk bericht-----
>Van: campbell at cnpapers.com 
>[mailto:samba-bounces at lists.samba.org] Namens Steve Campbell
>Verzonden: dinsdag 27 mei 2014 15:02
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Totally missing the mark here
>
>
>On 5/27/2014 7:53 AM, Rowland Penny wrote:
>> On 27/05/14 12:36, Steve Campbell wrote:
>>>
>>> On 5/23/2014 4:45 PM, Rowland Penny wrote:
>>>> On 23/05/14 21:01, Steve Campbell wrote:
>>>>> Thanks Greg,
>>>>>
>>>>> That's the link I was following. I got down to the line 
>for testing 
>>>>> connectivity:
>>>>>
>>>>> /usr/local/samba/bin/smbclient -L localhost -U%
>>>>>
>>>>> And I received an error, (I've been glaring at the screen all day 
>>>>> and can't remember the message, but it's the first thing 
>done other 
>>>>> than starting samba, so I figure it's a botched job).
>>>>
>>>> Without knowing what the error message said, nobody is going to be 
>>>> able to help you ;-)
>>>>
>>>>>
>>>>> The smb.conf file seems awful short as well. There's 
>other readings 
>>>>> out there with lots more to it, so I may follow those for a while 
>>>>> and see if I don't get further lost.
>>>>>
>>>>
>>>> The standard smb.conf on a Samba 4 AD DC is pretty short, 
>please do 
>>>> not just add anything to it without fully understanding what is 
>>>> going to happen if you do.
>>>>
>>>> If in doubt, please ask any questions.
>>>>
>>>> Rowland
>>>>
>>>>> You all have a happy holiday if you're in the parts of the world 
>>>>> that celebrates.
>>>>>
>>>>> Thanks all.
>>>>>
>>>>> steve
>>>>> On 5/23/2014 3:38 PM, Gregory Sloop wrote:
>>>>>> I haven't been following the list carefully, but have 
>you followed 
>>>>>> the Samba wiki?
>>>>>>
>>>>>> http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
>>>>>>
>>>>>> This should get you setup with an AD quite quickly.
>>>>>> I'm not sure about the sernet packages - I've seen 
>_some_ problems 
>>>>>> in the past, but perhaps those reports are not valid any more. 
>>>>>> Frankly, compiling your own isn't half hard. [And since there 
>>>>>> aren't any good [read: current] distro supported 
>packages you end 
>>>>>> up having to do "manual" updates anyway - so compiling 
>is a little 
>>>>>> more hard than just installing a package, but also tends to help 
>>>>>> remove any potential problems/compatibility issues that 
>often crop 
>>>>>> up from a package
>>>>>>
>>>>>> [But that's all mainly an aside. Start with the Wiki and go from 
>>>>>> there. If it doesn't work be specific with your questions etc.]
>>>>>>
>>>>>> -Greg
>>>>>>
>>>>>>
>>>>>> SC> I have to say I probably shouldn't have read that version 3 
>>>>>> samba book,
>>>>>> SC> but I did, so I'm thoroughly confused about what I should be 
>>>>>> doing to
>>>>>> SC> get this server configured properly.
>>>>>>
>>>>>> SC> I have installed the Sernet rpms on this server. For 
>now, I'm 
>>>>>> going to
>>>>>> SC> run the AD on the same server as the file shares.
>>>>>>
>>>>>> SC> Using the wiki as a guide, I've followed the 
>provisioning but 
>>>>>> the first
>>>>>> SC> tests don't seem to succeed.
>>>>>>
>>>>>> SC> Am I doing this backwards? Should I first make this server a 
>>>>>> normal
>>>>>> SC> Samba file server that will allow users to mount shares 
>>>>>> manually before
>>>>>> SC> proceeding on to AD stuff. I'm not seeing how I can have any 
>>>>>> valid users
>>>>>> SC> or anything following the wiki. It's like it should 
>be Chapter 44
>>>>>> SC> instead of the first prolog.
>>>>>>
>>>>>> SC> This is really humbling.
>>>>>>
>>>>>> SC> I could use some pointers in how to bring a new 
>server up to an
>>>>>> SC> AD/DC+fileserver.
>>>>>>
>>>>>> SC> Thanks for any help. For now, I'll dig in and read 
>as much as 
>>>>>> I can.
>>>>>>
>>>>>> SC> steve campbell 
>>>
>>> It was late Friday, and the problem had just drained me. I 
>was mostly 
>>> wondering about my procedure more that what was wrong. Anyway....
>>>
>>> Here's the command and resultant error:
>>>
>>> smbclient -L localhost -U%
>>> Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED)
>>
>> This is what I get on my test domain:
>>
>> Domain=[DOMAIN] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]
>>
>>     Sharename       Type      Comment
>>     ---------       ----      -------
>>     IPC$            IPC       IPC Service (Samba 4.1.6-Ubuntu)
>>     share_b         Disk
>>     home            Disk
>>     testshare       Disk
>>     sysvol          Disk
>>     netlogon        Disk
>> Domain=[DOMAIN] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]
>>
>>     Server               Comment
>>     ---------            -------
>>
>>     Workgroup            Master
>>     ---------            -------
>>     WORKGROUP
>>
>>
>>>
>>> Here's what I'm running currently:
>>>
>>> samba --version
>>> Version 4.1.7-SerNet-RedHat-8.el6
>>>
>>> The first error in the logs showing failure:
>>>
>>>   Failed to find object DC=cn,DC=cnpapers,DC=net for attribute 
>>> fsmoRoleOwner - Cannot find attribute fsmoRoleOwner of 
>>> DC=cn,DC=cnpapers,DC=net to calculate reference dn
>>>
>>> And on and on in the logs:
>>>
>>>  task_server_terminate: [dreplsrv: Failed to load partitions: 
>>> WERR_DS_DRA_INTERNAL_ERROR
>>>
>>> task_server_terminate: [Cannot start Winbind (domain controller): 
>>> Failed to find record for CN in /var/lib/samba/private/secrets.ldb: 
>>> No such object: (null): Have you provisioned the CN domain?]
>>>
>>>  task_server_terminate: [kdc: hdb_samba4_create_kdc (setup KDC 
>>> database) failed]
>>
>> What was your provision command ? and when you say that you have 
>> followed the wiki, what page(s) in particular ?
>>
>> Rowland
>>
>>>
>>> This is why I'm questioning my procedure, and using the wiki 
>>> instructions. It appears there is tons I'm not seeing that needs to 
>>> be done.
>>>
>>> Thanks for all the patience. More reading for now.
>>>
>>> steve campbell
>>>
>>>
>>>
>>
>I am using this page:
>https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
>
>I am using this command to provision:
>
>/usr/local/samba/bin/samba-tool domain provision --use-rfc2307 
>--interactive
>
>I'm using the old version 3 book to make sure I understand the 
>questions 
>that "--interactive" asks, in particular, the ones about the domain.
>
>I'm fairly certain that those domain questions might be the 
>biggest part 
>of the problem.
>
>steve
>
>
>
>
>
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list