[Samba] Samba 4 AD - Samba Fails to Start, hdb_samba4_create_kdc (setup KDC database) failed

L.P.H. van Belle belle at bazuin.nl
Thu Dec 31 09:03:12 UTC 2015 

In addition. 
You can try : 
samba-tool dbcheck --cross-ncs --fix

but again, i think quicker with a backup restore or new provisioning. 

Greetz, 

Louis

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens L.P.H. van Belle
> Verzonden: donderdag 31 december 2015 9:46
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Samba 4 AD - Samba Fails to Start,
> hdb_samba4_create_kdc (setup KDC database) failed
> 
> Ok,
> 
> First things is see.
> 
> NTP
> drwxr-x---   2 root root         4096 Dec 28 21:12 ntp_signd
> should be root:ntp
> 
> SYVOL
> drwxrwx---+  3 root BUILTIN\administrators    4096 Apr 28  2015 sysvol
> your shows 300000 while mine gives : BUILTIN\administrators
> but i have winbind/nsswitch etc configured on my DC, dont ask why, but i
> need it, and it works good for me.
> 
> so besides your ntp folder this looks all ok.
> 
> Can you tell more about the hardware failure?
> Disk problems, power outage etc what exact happend?
> Did you see an filesystem check the first time starting up after the
> failuere?
> 
> I asume its the only server, do no other DC's.
> Stop all samba processes and backup at least these folders.
> /etc/samba
> /var/lib/samba
> /var/cache/samba
> 
> When you run :  samba-tool fsmo show
> You probely get an error, so try the following.
> samba-tool fsmo sieze
> 
> ( i dont think i will work, but give it a try, any outputs is most welkom
> )
> 
> These do worry me.
> Failed to find object DC=one,DC=cliffbells,DC=com for attribute
> fsmoRoleOwner - Cannot find DN DC=one,DC=cliffbells,DC=com to get
> attribute fsmoRoleOwner for reference dn: (null)
> 
> ./source4/dsdb/common/util.c:1877(samdb_is_pdc)
>   Failed to find if we are the PDC for this ldb: Searching for
> fSMORoleOwner in DC=one,DC=cliffbells,DC=com failed: Cannot find DN
> DC=one,DC=cliffbells,DC=com to get attribute fsmoRoleOwner for reference
> dn: (null)
> 
> which looks like you samba DB is corrected, probely due to the hardware
> failure.
> 
> Do you have a backup, made with samba_backup ?
> ( shown here :
> https://wiki.samba.org/index.php/Backup_and_restore_an_Samba_AD_DC  )
> 
> Because i think you db is corrected and beyond recovery.
> 
> If you have  backupped :
> /etc/samba
> /var/lib/samba
> /var/cache/samba
> 
> You can remove the content of
> /var/lib/samba
> /var/cache/samba
> 
> And reprovision, bases on the posts here and the things i see.
> If you have a backup "any" which have also the samba databases, thats the
> first you can try.
> 
> 
> Greetz,
> 
> Louis
> 
> 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens JS
> > Verzonden: woensdag 30 december 2015 23:42
> > Aan: samba at lists.samba.org
> > Onderwerp: Re: [Samba] Samba 4 AD - Samba Fails to Start,
> > hdb_samba4_create_kdc (setup KDC database) failed
> >
> >  <=?windows-1252?Q?L.P.H._van_Belle?=> writes:
> >
> > >
> > > Hai,
> > >
> > > Can be incorrect rights, of corrupted db.
> > >
> > > Can you give the output of
> > >
> > > ls -al /var/lib/samba/
> > > ls -al /var/lib/samba/private
> > > ls -al /var/lib/samba/private/dns
> > >
> > > Greetz,
> > >
> > > Louis
> > >
> >
> >
> >
> > Hi Louis, thanks for your reply, here is the info you requested:
> >
> > ls -al /var/lib/samba/
> > total 1376
> > drwxr-xr-x   8 root root         4096 Dec 13 21:07 .
> > drwxr-xr-x  59 root root         4096 Dec 13 20:16 ..
> > -rw-------   1 root root       421888 Dec 13 21:07 account_policy.tdb
> > drwxr-x---   2 root root         4096 Dec 28 21:12 ntp_signd
> > drwxr-xr-x  10 root root         4096 Dec 13 20:51 printers
> > drwxr-xr-x   6 root root         4096 Dec 28 21:12 private
> > -rw-------   1 root root       528384 Dec 13 21:07 registry.tdb
> > -rw-------   1 root root       421888 Dec 13 21:07 share_info.tdb
> > drwxrwx---+  6 root    3000000   4096 Dec 13 21:59 sysvol
> > drwxrwx--T   2 root sambashare   4096 Dec 13 20:36 usershares
> > drwxr-x---   2 root root         4096 Dec 28 21:12 winbindd_privileged
> >
> >
> > ls -al /var/lib/samba/private/
> > total 11220
> > drwxr-xr-x 6 root root    4096 Dec 28 21:12 .
> > drwxr-xr-x 8 root root    4096 Dec 13 21:07 ..
> > -rw------- 1 root root    2085 Dec 13 21:07 dns_update_cache
> > -rw-r--r-- 1 root root    3183 Dec 13 21:03 dns_update_list
> > -rw------- 1 root root 1286144 Dec 13 21:02 hklm.ldb
> > -rw------- 1 root root 1609728 Dec 23 20:15 idmap.ldb
> > -rw-r--r-- 1 root root      99 Dec 13 21:03 krb5.conf
> > srwxrwxrwx 1 root root       0 Dec 28 21:12 ldapi
> > drwxr-x--- 2 root root    4096 Dec 28 21:12 ldap_priv
> > -r--r--r-- 1 root root     242 Dec 13 21:07 named.conf.update
> > -rw------- 1 root root 1286144 Dec 13 21:41 privilege.ldb
> > -rw------- 1 root root     696 Dec 13 21:07 randseed.tdb
> > -rw------- 1 root root 4247552 Dec 28 07:22 sam.ldb
> > drwx------ 2 root root    4096 Dec 13 21:02 sam.ldb.d
> > -rw------- 1 root root     696 Dec 28 21:12 schannel_store.tdb
> > -rw------- 1 root root    1212 Dec 13 21:03 secrets.keytab
> > -rw------- 1 root root 1286144 Dec 13 21:03 secrets.ldb
> > -rw------- 1 root root  430080 Dec 13 21:03 secrets.tdb
> > -rw------- 1 root root 1286144 Dec 13 21:02 share.ldb
> > drwxr-xr-x 3 root root    4096 Dec 13 21:07 smbd.tmp
> > -rw-r--r-- 1 root root     955 Dec 13 21:03 spn_update_list
> > drwx------ 2 root root    4096 Dec 13 21:07 tls
> >
> >
> > I have no /var/lib/samba/private/dns directory.  Note that I am using
> > Samba's internal DNS server as opposed to Bind9 or anything else.
> >
> > JS
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list