[Samba] Wrong interface on AD Provisioning

Rowland penny rpenny at samba.org
Mon Dec 28 20:53:23 UTC 2015


On 28/12/15 20:26, Marc Muehlfeld wrote:
> Hello Rowland,
>
>
> Am 28.12.2015 um 10:57 schrieb Rowland penny:
>> Hi Marc, if, as you say, you need to remove everything before
>> reprovisioning, why are there these lines in the provisioning code
>> (/samba/provision/__init__.py):
>>
>>   def provision(logger, session_info, smbconf=None,
>>
>>      """Provision samba4
>>
>>      :note: caution, this wipes all existing data!
>>      """
>
> My current DC smb.conf:
> # grep "interfaces" /etc/samba/smb.conf
> 	interfaces = lo eth0
> 	bind interfaces only = yes
>
> # ls -l /etc/samba/smb.conf
> -rw-r--r-- 1 root root 947 13. Okt 2014  /etc/samba/smb.conf
>
>
> Then I'm re-provision without removing the smb.conf, but using the 2nd
> interface (eth1) instead of eth0:
> # samba-tool domain provision --option="interfaces=lo eth1"
> --option="bind interfaces only=yes" --use-rfc2307 --use-xattrs=yes
> --interactive
>
>
> The smb.conf stayed unchanged (same timestamp):
> # grep "interfaces" /etc/samba/smb.conf
> 	interfaces = lo eth0
> 	bind interfaces only = yes
>
> # ls -l /etc/samba/smb.conf
> -rw-r--r-- 1 root root 947 13. Okt 2014  /etc/samba/smb.conf
>
>
> If you remove the smb.conf file instead before the re-provisioning,
> you'll find the interface options given to samba-tool in that file:
>
> # grep "interfaces" /etc/samba/smb.conf
> 	interfaces = lo eth1
> 	bind interfaces only = Yes
>
>
> BTW: If you use a different realm on the second provisioning, samba-tool
> will fail:
> # samba-tool domain provision --option="interfaces=lo eth1"
> --option="bind interfaces only=yes" --use-rfc2307 --use-xattrs=yes
> --interactive
> Realm [SAMDOM.EXAMPLE.COM]: DEMO.MARC-MUEHLFELD.DE
>   Domain [DEMO]:
>   Server Role (dc, member, standalone) [dc]:
>   DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
> [SAMBA_INTERNAL]:
>   DNS forwarder IP address (write 'none' to disable forwarding) [10.99.0.1]:
> Administrator password:
> Retype password:
> ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed -
> ProvisioningError: guess_names: 'realm=SAMDOM.EXAMPLE.COM' in
> /etc/samba//smb.conf must match chosen realm 'DEMO.MARC-MUEHLFELD.DE'!
> Please remove the smb.conf file and let provision generate it
>    File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py",
> line 442, in run
>      nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
>    File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py",
> line 2025, in provision
>      sitename=sitename, rootdn=rootdn, domain_names_forced=(samdb_fill ==
> FILL_DRS))
>    File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py",
> line 609, in guess_names
>      raise ProvisioningError("guess_names: 'realm=%s' in %s must match
> chosen realm '%s'!  Please remove the smb.conf file and let provision
> generate it" % (lp.get("realm").upper(), lp.configfile, realm))
>
>
> If the code should replace the smb.conf, then might be a bug. Can you
> please create a bug report, if this is the case?
>
>

Hi Marc, good find, who knew there was a bug in the interactive 
provision code if you don't remove the smb.conf and want to change the 
realm name ?
As you found it, I think you should file the bug report and if you can, 
fix it, probably the easiest way would be to remove the interactive 
provision code, never really seen the point to it. :-)

Rowland



More information about the samba mailing list