[Samba] upgrade Samba3 to Samb4 NT4 DC and got no currently logon servers

Mario Codeniera mario.codeniera at gmail.com
Wed Oct 14 04:07:12 UTC 2015 

Hi,

Hope can someone give insights or what to do next, regarding with issue
encountered regarding with the upgrade of Samba3 to Samba4  NT4-style
domain with OpenLDAP backend.

It seems the upgrade went well as I could join the domain on the Windows 7
workstations, except adding still the registry mentioned on the link:
https://wiki.samba.org/index.php/Required_settings_for_NT4-style_domains

and issuing the command

> net sam rights grant ulipon SeMachineAccountPrivilege       (where ulipon
> is a user for joining the domain)

As it generate error like "The join operation was not successful.This could
be because an existing computer account having name "timawa-PC" was
previously created using a different set of credentials. Use a different
computer name or contact your system administrator to remove any stale
conflicting account. The error was: Access denied."

But when I restarted the workstation, it keeps displaying *"There are no
currently logon servers available to service the logon request.*" once
login as a domain. This is my query how to overcome this issue.

If I put the  (as we are planning it to upgrade our Windows 7 to Windows
10) in the smb.conf

> max protocol = NT1

"The trust relationship between this workstation and the primary domain
failed."


The logs I got related to printers, it seems no other error:

2015/10/14 16:26:38,  0] ../source3/smbd/server.c:1189(main)
>   smbd version 4.1.12 started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2013
> [2015/10/14 16:26:38.641701,  0, pid=3337, effective(0, 0), real(0, 0)]
> ../source3/smbd/server.c:1269(main)
>   standard input is not a socket, assuming -D option
> [2015/10/14 16:26:49.539468,  0, pid=3338, effective(0, 0), real(0, 0)]
> ../lib/util/become_daemon.c:136(daemon_ready)
>   STATUS=daemon 'smbd' finished starting up and ready to serve
> connectionsFailed to fetch record!
>   STATUS=daemon 'smbd' finished starting up and ready to serve
> connectionsUnable to connect to CUPS server localhost:631 - Transport
> endpoint is not connected
>   STATUS=daemon 'smbd' finished starting up and ready to serve
> connectionsfailed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
> [2015/10/14 16:27:49.610194,  0, pid=3364, effective(0, 0), real(0, 0)]
> ../source3/printing/print_cups.c:151(cups_connect)
>   Unable to connect to CUPS server localhost:631 - Transport endpoint is
> not connected
> [2015/10/14 16:27:49.610979,  0, pid=3339, effective(0, 0), real(0, 0)]
> ../source3/printing/print_cups.c:528(cups_async_callback)
>   failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
> [2015/10/14 16:40:50.371719,  0, pid=3487, effective(0, 0), real(0, 0)]
> ../source3/printing/print_cups.c:151(cups_connect)
>   Unable to connect to CUPS server localhost:631 - Transport endpoint is
> not connected
> [2015/10/14 16:40:50.372301,  0, pid=3339, effective(0, 0), real(0, 0)]
> ../source3/printing/print_cups.c:528(cups_async_callback)
>   failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
> [2015/10/14 16:46:32.046063,  0, pid=3339, effective(0, 0), real(0, 0)]
> ../lib/util/pidfile.c:153(pidfile_unlink)
>   Failed to delete pidfile /run/smbd.pid. Error was No such file or
> directory
> [2015/10/14 16:46:32,  0] ../source3/smbd/server.c:1189(main)
>   smbd version 4.1.12 started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2013
> [2015/10/14 16:46:32.092789,  0, pid=3594, effective(0, 0), real(0, 0)]
> ../source3/smbd/server.c:1269(main)
>   standard input is not a socket, assuming -D option
> [2015/10/14 16:46:43.108807,  0, pid=3595, effective(0, 0), real(0, 0)]
> ../lib/util/become_daemon.c:136(daemon_ready)
>   STATUS=daemon 'smbd' finished starting up and ready to serve
> connectionsFailed to fetch record!
>   STATUS=daemon 'smbd' finished starting up and ready to serve
> connectionsUnable to connect to CUPS server localhost:631 - Transport
> endpoint is not connected
>   STATUS=daemon 'smbd' finished starting up and ready to serve
> connectionsfailed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
> [2015/10/14 16:47:43.177001,  0, pid=3616, effective(0, 0), real(0, 0)]
> ../source3/printing/print_cups.c:151(cups_connect)
>   Unable to connect to CUPS server localhost:631 - Transport endpoint is
> not connected
> [2015/10/14 16:47:43.177547,  0, pid=3596, effective(0, 0), real(0, 0)]
> ../source3/printing/print_cups.c:528(cups_async_callback)
>   failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL


It will display all the users/groups using getent / id <user> via cli.

> getent group
> getent passwd


By the way I am using:
CentOS Linux release 7.1.1503 (Core)
samba-4.1.12-23.el7_1.x86_64
openldap-2.4.39-7.el7.centos.x86_64

smb.conf
[global]
workgroup = LUMAD
netbios name = samba-ldapsam

deadtime = 10

log level = 1
log file = /var/log/samba/log.%m
max log size = 5000
debug pid = yes
debug uid = yes
syslog = 0
utmp = yes

security = user
domain logons = yes

os level = 64
logon path =
logon home =
logon drive =
logon script =

passdb backend = ldapsam:"ldap://lumad.sandbox.local/"
ldap ssl = no
ldap admin dn = cn=admin,dc=lumad,dc=sandbox,dc=local
ldap delete dn = no

## Sync UNIX password with Samba password
## Method 1:
ldap password sync = yes
## Method 2:
;ldap password sync = no
;unix password sync = yes
;passwd program = /usr/sbin/smbldap-passwd -u '%u'
;passwd chat = "Changing *\nNew password*" %n\n "*Retype new password*"
%n\n"

ldap suffix = dc=lumad,dc=sandbox,dc=local
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap idmap suffix = ou=idmap

add user script = /usr/sbin/smbldap-useradd -m '%u' -t 1
rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold'
delete user script = /usr/sbin/smbldap-userdel '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
add machine script = /usr/sbin/smbldap-useradd -w '%u' -t 1


Dos charset = CP932
Unix charset = UTF-8


[homes]
  comment = Home Directories
  browseable = yes
  writable = yes
#[printers]
#  comment = All Printers
#  path = /var/spool/samba
#  printable = Yes
#  print ok = Yes
#  browseable = No
[netlogon]
  comment = Network Logon Service
  path = /var/lib/samba/netlogon
  browseable = No
  writable = No
[Profiles]
  path = /var/lib/samba/profiles
  create mask = 0755
  directory mask = 0755
  writable = Yes

[sambashare]
    writeable = yes
    browseable = yes
    path = /sambashare


Thanks,
Mario

More information about the samba mailing list