[Samba] samba 4.1.17 on raspberry pi as ad dc - krb5 problem / ipv6?

Thu Mar 12 16:11:49 MDT 2015

On 12/03/15 21:38, Matthias Busch wrote:
> further testing, log reading and googling has revealed further 
> possible problem sources... with ipv6?
>
> my syslog shows the following errors:
> ---
> Mar 12 18:08:10 ADServer samba[2161]: [2015/03/12 18:08:10.134418, 0] 
> ../source4/smbd/server.c:488(binary_smbd_main)
> Mar 12 18:08:10 ADServer samba[2161]:   samba: using 'standard' 
> process model
> Mar 12 18:08:10 ADServer samba[2238]: [2015/03/12 18:08:10.480443, 0] 
> ../source4/cldap_server/cldap_server.c:122(cldapd_add_socket)
> Mar 12 18:08:10 ADServer samba[2238]:   Failed to bind to ipv6::::389 
> - NT_STATUS_INVALID_PARAMETER_MIX
> Mar 12 18:08:10 ADServer samba[2233]: [2015/03/12 18:08:10.524957, 0] 
> ../source4/rpc_server/dcerpc_server.c:1708(add_socket_rpc_tcp_iface)
> Mar 12 18:08:10 ADServer samba[2233]: 
> service_setup_stream_socket(address=::,port=0) failed - 
> NT_STATUS_INVALID_PARAMETER_MIX
> Mar 12 18:08:10 ADServer samba[2233]: [2015/03/12 18:08:10.584816, 0] 
> ../source4/rpc_server/dcerpc_server.c:1708(add_socket_rpc_tcp_iface)
> Mar 12 18:08:10 ADServer samba[2233]: 
> service_setup_stream_socket(address=::,port=135) failed - 
> NT_STATUS_INVALID_PARAMETER_MIX
> Mar 12 18:08:10 ADServer samba[2161]: [2015/03/12 18:08:10.862890, 0] 
> ../lib/util/become_daemon.c:136(daemon_ready)
> Mar 12 18:08:10 ADServer samba[2239]: [2015/03/12 18:08:10.998189, 0] 
> ../source4/kdc/kdc.c:672(kdc_add_socket)
> Mar 12 18:08:11 ADServer samba[2239]:   Failed to bind to :::88 TCP - 
> NT_STATUS_INVALID_PARAMETER_MIX
> Mar 12 18:08:11 ADServer samba[2239]: [2015/03/12 18:08:11.047385, 0] 
> ../source4/kdc/kdc.c:672(kdc_add_socket)
> Mar 12 18:08:11 ADServer samba[2239]:   Failed to bind to :::464 TCP - 
> NT_STATUS_INVALID_PARAMETER_MIX
> Mar 12 18:08:11 ADServer samba[2251]: [2015/03/12 18:08:11.307424, 0] 
> ../source4/dns_server/dns_server.c:629(dns_add_socket)
> Mar 12 18:08:11 ADServer samba[2251]:   Failed to bind to :::53 TCP - 
> NT_STATUS_INVALID_PARAMETER_MIX
> Mar 12 18:08:20 ADServer smbd[2235]: [2015/03/12 18:08:20.566000, 0] 
> ../lib/util/become_daemon.c:136(daemon_ready)
> Mar 12 18:08:20 ADServer smbd[2235]:   STATUS=daemon 'smbd' finished 
> starting up and ready to serve connectionsopen_socket_in(): socket() 
> call failed: Address family not supported by protocol
> Mar 12 18:08:20 ADServer smbd[2235]: [2015/03/12 18:08:20.636667, 0] 
> ../source3/smbd/server.c:673(smbd_open_one_socket)
> Mar 12 18:08:20 ADServer smbd[2235]:   smbd_open_once_socket: 
> open_socket_in: Address family not supported by protocol
> Mar 12 18:08:20 ADServer smbd[2235]: [2015/03/12 18:08:20.687569, 0] 
> ../source3/lib/util_sock.c:423(open_socket_in)
> Mar 12 18:08:20 ADServer smbd[2235]:   open_socket_in(): socket() call 
> failed: Address family not supported by protocol
> Mar 12 18:08:20 ADServer smbd[2235]: [2015/03/12 18:08:20.690615, 0] 
> ../source3/smbd/server.c:673(smbd_open_one_socket)
> Mar 12 18:08:20 ADServer smbd[2235]:   smbd_open_once_socket: 
> open_socket_in: Address family not supported by protocol
> Mar 12 18:08:31 ADServer samba[2250]: [2015/03/12 18:08:31.153311, 0] 
> ../source4/dsdb/dns/dns_update.c:294(dnsupdate_nameupdate_done)
> Mar 12 18:08:31 ADServer samba[2250]: 
> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - 
> NT_STATUS_IO_TIMEOUT
> Mar 12 18:08:31 ADServer samba[2250]: [2015/03/12 18:08:31.202635, 0] 
> ../source4/dsdb/dns/dns_update.c:323(dnsupdate_spnupdate_done)
> Mar 12 18:08:31 ADServer samba[2250]: 
> ../source4/dsdb/dns/dns_update.c:323: Failed SPN update - 
> NT_STATUS_IO_TIMEOUT
> Mar 12 18:08:34 ADServer samba[2237]: [2015/03/12 18:08:34.649153, 0] 
> ../source4/ldap_server/ldap_server.c:821(add_socket)
> Mar 12 18:08:34 ADServer samba[2237]:   ldapsrv failed to bind to 
> :::389 - NT_STATUS_INVALID_PARAMETER_MIX
>
> ---
>

There is something going on there, how are you starting samba ?

> those errors look to me like they are ipv6 related. which I think I 
> disabled during configurate...
> And it may be that those can all be ignored. but i am not certain that 
> this is not a symptom for something more serious...
>
> ---  netstat -n -l -p -u -t output
> Proto Recv-Q Send-Q Local Address           Foreign Address 
> State       PID/Program name
> tcp        0      0 0.0.0.0:3268            0.0.0.0:* LISTEN 2237/samba
> tcp        0      0 0.0.0.0:3269            0.0.0.0:* LISTEN 2237/samba
> tcp        0      0 0.0.0.0:389             0.0.0.0:* LISTEN 2237/samba
> tcp        0      0 0.0.0.0:135             0.0.0.0:* LISTEN 2233/samba
> tcp        0      0 0.0.0.0:139             0.0.0.0:* LISTEN 2235/smbd
> tcp        0      0 0.0.0.0:464             0.0.0.0:* LISTEN 2239/samba
> tcp        0      0 0.0.0.0:53              0.0.0.0:* LISTEN 2251/samba
> tcp        0      0 0.0.0.0:22              0.0.0.0:* LISTEN 2187/sshd
> tcp        0      0 127.0.0.1:631           0.0.0.0:* LISTEN 2031/cupsd
> tcp        0      0 0.0.0.0:88              0.0.0.0:* LISTEN 2239/samba
> tcp        0      0 0.0.0.0:636             0.0.0.0:* LISTEN 2237/samba
> tcp        0      0 0.0.0.0:445             0.0.0.0:* LISTEN 2235/smbd
> tcp        0      0 0.0.0.0:1024            0.0.0.0:* LISTEN 2233/samba
> udp        0      0 192.168.7.254:464 
> 0.0.0.0:*                           2239/samba
> udp        0      0 0.0.0.0:464 0.0.0.0:* 2239/samba
> udp        0      0 0.0.0.0:53 0.0.0.0:* 2251/samba
> udp        0      0 192.168.7.254:88 
> 0.0.0.0:*                           2239/samba
> udp        0      0 0.0.0.0:88 0.0.0.0:* 2239/samba
> udp        0      0 0.0.0.0:631 0.0.0.0:* 2031/cupsd
> udp        0      0 192.168.7.254:123 
> 0.0.0.0:*                           2081/ntpd
> udp        0      0 127.0.0.1:123 0.0.0.0:*                           
> 2081/ntpd
> udp        0      0 0.0.0.0:123 0.0.0.0:* 2081/ntpd
> udp        0      0 192.168.7.254:389 
> 0.0.0.0:*                           2238/samba
> udp        0      0 0.0.0.0:389 0.0.0.0:* 2238/samba
> udp        0      0 192.168.7.254:137 
> 0.0.0.0:*                           2234/samba
> udp        0      0 192.168.7.255:137 
> 0.0.0.0:*                           2234/samba
> udp        0      0 0.0.0.0:137 0.0.0.0:* 2234/samba
> udp        0      0 192.168.7.254:138 
> 0.0.0.0:*                           2234/samba
> udp        0      0 192.168.7.255:138 
> 0.0.0.0:*                           2234/samba
> udp        0      0 0.0.0.0:138 0.0.0.0:* 2234/samba
>
> doesnt look to bad... but i dont see kerberos ?

OH yes you do!

tcp        0      0 0.0.0.0:88              0.0.0.0:* LISTEN 2239/samba
udp        0      0 192.168.7.254:88 0.0.0.0:*                           
2239/samba

Rowland