[Samba] Totally missing the mark here

Steve Campbell campbell at cnpapers.com
Tue May 27 11:38:55 MDT 2014

On 5/27/2014 12:36 PM, Rowland Penny wrote:
> On 27/05/14 17:24, Steve Campbell wrote:
>> On 5/27/2014 11:54 AM, Rowland Penny wrote:
>>> On 27/05/14 16:06, Steve Campbell wrote:
>>>> On 5/27/2014 10:29 AM, Rowland Penny wrote:
>>>>> On 27/05/14 15:04, Steve Campbell wrote:
>>>>>> <snip>
>>>>>>> You are starting to confuse me now ;-)
>>>>>>> I thought that you were using the sernet packages, but from the 
>>>>>>> above command it would seem that you have compiled samba4 yourself.
>>>>>> How would the sernet packages differ from the compiled version? 
>>>>>> Doesn't it give me mostly the same executables?
>>>>> Well yes, but they will be found in different places, take 
>>>>> samba-tool for instance, with sernet it will be in /usr/bin , but 
>>>>> if you compile samba4 yourself it will be found in 
>>>>> /usr/local/samba/bin
>>>>>>> I personally always pass all the info at once i.e.
>>>>>>> samba-tool domain provision --realm=example.com --domain=EXAMPLE 
>>>>>>> --adminpass=P4ssw0rd* --use-rfc2307 --server-role='dc'
>>>>>>> Your realm is usually the same as your DNS domain name and the 
>>>>>>> domain should be the first part of your realm but in UPPERCASE ;-)
>>>>>> OK, I'm almost certain what I used for the interactive answers 
>>>>>> were not correct. How would I start over?
>>>>> I would suggest that you first of all create a VM to practise in 
>>>>> (you can take snapshots of this) , then decide whether to go with 
>>>>> the sernet packages, use the backport packages (if using wheezy) 
>>>>> or compile samba yourself, once you make your decision, stick with 
>>>>> it.
>>>>>> Regardless of how bad the "Using Samba" book might be for a Samba 
>>>>>> 4 implementation, it does provide very good information about 
>>>>>> what Domains are and how they are viewed (at least for me, the 
>>>>>> Windows Domain idiot). I don't mean to argue.
>>>>> The only problem with that argument (for want of a better word) is 
>>>>> that there are two types of domains, NT4 and AD, Samba4 can do 
>>>>> both, but you really should be aiming for an AD domain and there 
>>>>> is a lot of better info out there in the internet, than what you 
>>>>> will find in that book.
>>>>>> I feel sort of guilty for using the list as a learning tool. 
>>>>>> There just isn't much out there other places.
>>>>> Do not feel guilty, we ALL had to start somewhere and as far as I 
>>>>> am concerned we should help others as far as we can. As for 
>>>>> finding information on the internet, I suspect that you are not 
>>>>> using the right search terms, try using 'active directory' or 'AD' 
>>>>> instead of 'samba' or 'samba4'.
>>>>> Rowland
>>>>>>> NOTE TO MARC:
>>>>>>> This really should be in the wiki, not just telling people to do 
>>>>>>> it interactively, especially if you are not going to show the 
>>>>>>> questions that will be asked. Would you like me to re-write that 
>>>>>>> section and send it to you ?
>>>>>>>> I'm using the old version 3 book to make sure I understand the 
>>>>>>>> questions that "--interactive" asks, in particular, the ones 
>>>>>>>> about the domain.
>>>>>>> Please take that copy of 'using Samba' and get rid of it ;-) 
>>>>>>> Just refer to the wiki and ask questions here.
>>>>>>>> I'm fairly certain that those domain questions might be the 
>>>>>>>> biggest part of the problem.
>>>>>>> Could be.
>>>>>> steve
>>>> So while we were talking, the Windows guy decided he wanted to try 
>>>> something different. He found some instructions using 
>>>> configure/make and was trying to do that. I stopped him before 
>>>> doing so.
>>>> Upon trying to remove sernet and then update sernet, we discovered 
>>>> that some of the packages are being updated, and we couldn't do 
>>>> either remove or update the packages.
>>>> So I removed the individual packages (as opposed to all the 
>>>> packages as a wildcard). We are now installing from the git 
>>>> directories. He's a little concerned because he's not a Linux guy 
>>>> and I'm only going to be around for a few months, and packages are 
>>>> just so easy for a new guy.
>>> You now seem to be trying to use the development files, these are 
>>> not forced to be stable, I would recommend that you use the latest 
>>> stable package (if you are going to compile it yourself) : 
>>> samba.org/samba/ftp/stable/samba-4.1.7.tar.gz
>>> Rowland
>>>> I'll inform you of our progress.
>>>> I hadn't considered the AD-vs-NT4 domains. Glad you mentioned that. 
>>>> And thanks for the understanding and patience.
>>>> steve
>> Rowland,
>> Right again. He downloaded 4.2-pre
>> We've wiped that and downloaded the file you suggested. I've unzipped 
>> and untarred that. There is a configure in the root folder 
>> (samba-4.1.7). The wiki indicates that there should be a samba-master 
>> folder (when using git). Can I assume that I should use the configure 
>> in that root folder?
> Yes, it is just a case of:
> ./configure
> make
> make install
> This supposes that you are running as root, otherwise the last command 
> will have to be run with sudo.
> I take it that you have installed all the required packages to compile 
> Samba, if you are not sure, take a look here:
> https://wiki.samba.org/index.php/Samba_4/OS_Requirements
> Install everything that you haven't got installed, then start the 
> compile, good luck ;-)
> Rowland
I'm running as root. I have everything installed that is required.

That 4.2 version would allow me to provision.
The new 4.1.7 version fails on provision with the following:

ldb: module schema_load initialization failed : No such object
ldb: module rootdse initialization failed : No such object
ldb: module samba_dsdb initialization failed : No such object
ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: (null)
samdb_connect failed
VFS connect failed!
ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed - 
ProvisioningError: Your filesystem or build does not support posix ACLs, 
which s3fs requires.  Try the mounting the filesystem with the 'acl' option.
line 398, in run
     use_rfc2307=use_rfc2307, skip_sysvolacl=False)
line 2052, in provision
     raise ProvisioningError("Your filesystem or build does not support 
posix ACLs, which s3fs requires.  Try the mounting the filesystem with 
the 'acl' option.")

Looks like a few problems. But OpenLDAP is installed. I have selinux 
running in permissive to get some of the file attributes. I have added 
to fstab on all the partitions that matter the following after "defaults"


Remounted using mount -a and also rebooted.

Seems I'm going backwards.


More information about the samba mailing list