[Samba] Totally missing the mark here

Andrew Bartlett abartlet at samba.org
Tue May 27 19:51:46 MDT 2014 

On Tue, 2014-05-27 at 13:38 -0400, Steve Campbell wrote:
> On 5/27/2014 12:36 PM, Rowland Penny wrote:
> > On 27/05/14 17:24, Steve Campbell wrote:
> >>
> >> On 5/27/2014 11:54 AM, Rowland Penny wrote:
> >>> On 27/05/14 16:06, Steve Campbell wrote:
> >>>>
> >>>> On 5/27/2014 10:29 AM, Rowland Penny wrote:
> >>>>> On 27/05/14 15:04, Steve Campbell wrote:
> >>>>>> <snip>
> >>>>>>> You are starting to confuse me now ;-)
> >>>>>>> I thought that you were using the sernet packages, but from the 
> >>>>>>> above command it would seem that you have compiled samba4 yourself.
> >>>>>> How would the sernet packages differ from the compiled version? 
> >>>>>> Doesn't it give me mostly the same executables?
> >>>>>
> >>>>> Well yes, but they will be found in different places, take 
> >>>>> samba-tool for instance, with sernet it will be in /usr/bin , but 
> >>>>> if you compile samba4 yourself it will be found in 
> >>>>> /usr/local/samba/bin
> >>>>>
> >>>>>>>
> >>>>>>> I personally always pass all the info at once i.e.
> >>>>>>> samba-tool domain provision --realm=example.com --domain=EXAMPLE 
> >>>>>>> --adminpass=P4ssw0rd* --use-rfc2307 --server-role='dc'
> >>>>>>>
> >>>>>>> Your realm is usually the same as your DNS domain name and the 
> >>>>>>> domain should be the first part of your realm but in UPPERCASE ;-)
> >>>>>>
> >>>>>> OK, I'm almost certain what I used for the interactive answers 
> >>>>>> were not correct. How would I start over?
> >>>>>>
> >>>>> I would suggest that you first of all create a VM to practise in 
> >>>>> (you can take snapshots of this) , then decide whether to go with 
> >>>>> the sernet packages, use the backport packages (if using wheezy) 
> >>>>> or compile samba yourself, once you make your decision, stick with 
> >>>>> it.
> >>>>>
> >>>>>> Regardless of how bad the "Using Samba" book might be for a Samba 
> >>>>>> 4 implementation, it does provide very good information about 
> >>>>>> what Domains are and how they are viewed (at least for me, the 
> >>>>>> Windows Domain idiot). I don't mean to argue.
> >>>>>>
> >>>>> The only problem with that argument (for want of a better word) is 
> >>>>> that there are two types of domains, NT4 and AD, Samba4 can do 
> >>>>> both, but you really should be aiming for an AD domain and there 
> >>>>> is a lot of better info out there in the internet, than what you 
> >>>>> will find in that book.
> >>>>>
> >>>>>> I feel sort of guilty for using the list as a learning tool. 
> >>>>>> There just isn't much out there other places.
> >>>>>
> >>>>> Do not feel guilty, we ALL had to start somewhere and as far as I 
> >>>>> am concerned we should help others as far as we can. As for 
> >>>>> finding information on the internet, I suspect that you are not 
> >>>>> using the right search terms, try using 'active directory' or 'AD' 
> >>>>> instead of 'samba' or 'samba4'.
> >>>>>
> >>>>> Rowland
> >>>>>
> >>>>>>
> >>>>>>
> >>>>>>>
> >>>>>>> NOTE TO MARC:
> >>>>>>> This really should be in the wiki, not just telling people to do 
> >>>>>>> it interactively, especially if you are not going to show the 
> >>>>>>> questions that will be asked. Would you like me to re-write that 
> >>>>>>> section and send it to you ?
> >>>>>>>
> >>>>>>>>
> >>>>>>>> I'm using the old version 3 book to make sure I understand the 
> >>>>>>>> questions that "--interactive" asks, in particular, the ones 
> >>>>>>>> about the domain.
> >>>>>>>>
> >>>>>>> Please take that copy of 'using Samba' and get rid of it ;-) 
> >>>>>>> Just refer to the wiki and ask questions here.
> >>>>>>>
> >>>>>>>> I'm fairly certain that those domain questions might be the 
> >>>>>>>> biggest part of the problem.
> >>>>>>>>
> >>>>>>>
> >>>>>>> Could be.
> >>>>>>>
> >>>>>> steve
> >>>>>
> >>>> So while we were talking, the Windows guy decided he wanted to try 
> >>>> something different. He found some instructions using 
> >>>> configure/make and was trying to do that. I stopped him before 
> >>>> doing so.
> >>>>
> >>>> Upon trying to remove sernet and then update sernet, we discovered 
> >>>> that some of the packages are being updated, and we couldn't do 
> >>>> either remove or update the packages.
> >>>>
> >>>> So I removed the individual packages (as opposed to all the 
> >>>> packages as a wildcard). We are now installing from the git 
> >>>> directories. He's a little concerned because he's not a Linux guy 
> >>>> and I'm only going to be around for a few months, and packages are 
> >>>> just so easy for a new guy.
> >>>
> >>> You now seem to be trying to use the development files, these are 
> >>> not forced to be stable, I would recommend that you use the latest 
> >>> stable package (if you are going to compile it yourself) : 
> >>> samba.org/samba/ftp/stable/samba-4.1.7.tar.gz
> >>>
> >>> Rowland
> >>>
> >>>>
> >>>> I'll inform you of our progress.
> >>>>
> >>>> I hadn't considered the AD-vs-NT4 domains. Glad you mentioned that. 
> >>>> And thanks for the understanding and patience.
> >>>>
> >>>> steve
> >>>
> >> Rowland,
> >>
> >> Right again. He downloaded 4.2-pre
> >>
> >> We've wiped that and downloaded the file you suggested. I've unzipped 
> >> and untarred that. There is a configure in the root folder 
> >> (samba-4.1.7). The wiki indicates that there should be a samba-master 
> >> folder (when using git). Can I assume that I should use the configure 
> >> in that root folder?
> > Yes, it is just a case of:
> > ./configure
> > make
> > make install
> >
> > This supposes that you are running as root, otherwise the last command 
> > will have to be run with sudo.
> > I take it that you have installed all the required packages to compile 
> > Samba, if you are not sure, take a look here:
> > https://wiki.samba.org/index.php/Samba_4/OS_Requirements
> >
> > Install everything that you haven't got installed, then start the 
> > compile, good luck ;-)
> >
> > Rowland
> I'm running as root. I have everything installed that is required.
> 
> That 4.2 version would allow me to provision.
> The new 4.1.7 version fails on provision with the following:
> 
> ldb: module schema_load initialization failed : No such object
> ldb: module rootdse initialization failed : No such object
> ldb: module samba_dsdb initialization failed : No such object
> ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: (null)
> samdb_connect failed
> VFS connect failed!
> ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed - 
> ProvisioningError: Your filesystem or build does not support posix ACLs, 
> which s3fs requires.  Try the mounting the filesystem with the 'acl' option.
>    File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py", 
> line 398, in run
>      use_rfc2307=use_rfc2307, skip_sysvolacl=False)
>    File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/__init__.py", 
> line 2052, in provision
>      raise ProvisioningError("Your filesystem or build does not support 
> posix ACLs, which s3fs requires.  Try the mounting the filesystem with 
> the 'acl' option.")

Sorry about the useless error message.  Please remove your private
directory and start again, the issue comes from re-running provision and
a bug we had in Samba.  A fix for this will be in 4.2 (I don't recall if
I backported it). 

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list