[Samba] Totally missing the mark here

Rowland Penny rowlandpenny at googlemail.com
Tue May 27 12:04:29 MDT 2014


On 27/05/14 18:38, Steve Campbell wrote:
>
> On 5/27/2014 12:36 PM, Rowland Penny wrote:
>> On 27/05/14 17:24, Steve Campbell wrote:
>>>
>>> On 5/27/2014 11:54 AM, Rowland Penny wrote:
>>>> On 27/05/14 16:06, Steve Campbell wrote:
>>>>>
>>>>> On 5/27/2014 10:29 AM, Rowland Penny wrote:
>>>>>> On 27/05/14 15:04, Steve Campbell wrote:
>>>>>>> <snip>
>>>>>>>> You are starting to confuse me now ;-)
>>>>>>>> I thought that you were using the sernet packages, but from the 
>>>>>>>> above command it would seem that you have compiled samba4 
>>>>>>>> yourself.
>>>>>>> How would the sernet packages differ from the compiled version? 
>>>>>>> Doesn't it give me mostly the same executables?
>>>>>>
>>>>>> Well yes, but they will be found in different places, take 
>>>>>> samba-tool for instance, with sernet it will be in /usr/bin , but 
>>>>>> if you compile samba4 yourself it will be found in 
>>>>>> /usr/local/samba/bin
>>>>>>
>>>>>>>>
>>>>>>>> I personally always pass all the info at once i.e.
>>>>>>>> samba-tool domain provision --realm=example.com 
>>>>>>>> --domain=EXAMPLE --adminpass=P4ssw0rd* --use-rfc2307 
>>>>>>>> --server-role='dc'
>>>>>>>>
>>>>>>>> Your realm is usually the same as your DNS domain name and the 
>>>>>>>> domain should be the first part of your realm but in UPPERCASE ;-)
>>>>>>>
>>>>>>> OK, I'm almost certain what I used for the interactive answers 
>>>>>>> were not correct. How would I start over?
>>>>>>>
>>>>>> I would suggest that you first of all create a VM to practise in 
>>>>>> (you can take snapshots of this) , then decide whether to go with 
>>>>>> the sernet packages, use the backport packages (if using wheezy) 
>>>>>> or compile samba yourself, once you make your decision, stick 
>>>>>> with it.
>>>>>>
>>>>>>> Regardless of how bad the "Using Samba" book might be for a 
>>>>>>> Samba 4 implementation, it does provide very good information 
>>>>>>> about what Domains are and how they are viewed (at least for me, 
>>>>>>> the Windows Domain idiot). I don't mean to argue.
>>>>>>>
>>>>>> The only problem with that argument (for want of a better word) 
>>>>>> is that there are two types of domains, NT4 and AD, Samba4 can do 
>>>>>> both, but you really should be aiming for an AD domain and there 
>>>>>> is a lot of better info out there in the internet, than what you 
>>>>>> will find in that book.
>>>>>>
>>>>>>> I feel sort of guilty for using the list as a learning tool. 
>>>>>>> There just isn't much out there other places.
>>>>>>
>>>>>> Do not feel guilty, we ALL had to start somewhere and as far as I 
>>>>>> am concerned we should help others as far as we can. As for 
>>>>>> finding information on the internet, I suspect that you are not 
>>>>>> using the right search terms, try using 'active directory' or 
>>>>>> 'AD' instead of 'samba' or 'samba4'.
>>>>>>
>>>>>> Rowland
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> NOTE TO MARC:
>>>>>>>> This really should be in the wiki, not just telling people to 
>>>>>>>> do it interactively, especially if you are not going to show 
>>>>>>>> the questions that will be asked. Would you like me to re-write 
>>>>>>>> that section and send it to you ?
>>>>>>>>
>>>>>>>>>
>>>>>>>>> I'm using the old version 3 book to make sure I understand the 
>>>>>>>>> questions that "--interactive" asks, in particular, the ones 
>>>>>>>>> about the domain.
>>>>>>>>>
>>>>>>>> Please take that copy of 'using Samba' and get rid of it ;-) 
>>>>>>>> Just refer to the wiki and ask questions here.
>>>>>>>>
>>>>>>>>> I'm fairly certain that those domain questions might be the 
>>>>>>>>> biggest part of the problem.
>>>>>>>>>
>>>>>>>>
>>>>>>>> Could be.
>>>>>>>>
>>>>>>> steve
>>>>>>
>>>>> So while we were talking, the Windows guy decided he wanted to try 
>>>>> something different. He found some instructions using 
>>>>> configure/make and was trying to do that. I stopped him before 
>>>>> doing so.
>>>>>
>>>>> Upon trying to remove sernet and then update sernet, we discovered 
>>>>> that some of the packages are being updated, and we couldn't do 
>>>>> either remove or update the packages.
>>>>>
>>>>> So I removed the individual packages (as opposed to all the 
>>>>> packages as a wildcard). We are now installing from the git 
>>>>> directories. He's a little concerned because he's not a Linux guy 
>>>>> and I'm only going to be around for a few months, and packages are 
>>>>> just so easy for a new guy.
>>>>
>>>> You now seem to be trying to use the development files, these are 
>>>> not forced to be stable, I would recommend that you use the latest 
>>>> stable package (if you are going to compile it yourself) : 
>>>> samba.org/samba/ftp/stable/samba-4.1.7.tar.gz
>>>>
>>>> Rowland
>>>>
>>>>>
>>>>> I'll inform you of our progress.
>>>>>
>>>>> I hadn't considered the AD-vs-NT4 domains. Glad you mentioned 
>>>>> that. And thanks for the understanding and patience.
>>>>>
>>>>> steve
>>>>
>>> Rowland,
>>>
>>> Right again. He downloaded 4.2-pre
>>>
>>> We've wiped that and downloaded the file you suggested. I've 
>>> unzipped and untarred that. There is a configure in the root folder 
>>> (samba-4.1.7). The wiki indicates that there should be a 
>>> samba-master folder (when using git). Can I assume that I should use 
>>> the configure in that root folder?
>> Yes, it is just a case of:
>> ./configure
>> make
>> make install
>>
>> This supposes that you are running as root, otherwise the last 
>> command will have to be run with sudo.
>> I take it that you have installed all the required packages to 
>> compile Samba, if you are not sure, take a look here:
>> https://wiki.samba.org/index.php/Samba_4/OS_Requirements
>>
>> Install everything that you haven't got installed, then start the 
>> compile, good luck ;-)
>>
>> Rowland
> I'm running as root. I have everything installed that is required.
>
> That 4.2 version would allow me to provision.
> The new 4.1.7 version fails on provision with the following:
>
> ldb: module schema_load initialization failed : No such object
> ldb: module rootdse initialization failed : No such object
> ldb: module samba_dsdb initialization failed : No such object
> ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: (null)
> samdb_connect failed
> VFS connect failed!
> ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed - 
> ProvisioningError: Your filesystem or build does not support posix 
> ACLs, which s3fs requires.  Try the mounting the filesystem with the 
> 'acl' option.
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py", 
> line 398, in run
>     use_rfc2307=use_rfc2307, skip_sysvolacl=False)
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py", 
> line 2052, in provision
>     raise ProvisioningError("Your filesystem or build does not support 
> posix ACLs, which s3fs requires.  Try the mounting the filesystem with 
> the 'acl' option.")
>
> Looks like a few problems. But OpenLDAP is installed. I have selinux 
> running in permissive to get some of the file attributes. I have added 
> to fstab on all the partitions that matter the following after "defaults"

As you are seemingly doing a new provision, you should not have Openldap 
installed, it will conflict with Samba4 AD. Could you please confirm 
what OS you are installing samba4 on.

>
> ,user_xattr,acl,barrier=1
>
> Remounted using mount -a and also rebooted.

OK, try removing any smb.conf file that has been created and run the 
provision again.

Rowland
>
> Seems I'm going backwards.
>
> steve



More information about the samba mailing list