[Samba] Segmentation Fault when trying to set root samba password, IPA as a backend
Martin Juhl
mj at casalogic.dk
Mon Feb 29 10:04:41 UTC 2016
Hi
This is samba-4.2.3-11.el7_2.x86_64 on CentOS...
I'm trying to setup a Samba NT4 domain, with FreeIPA as a backend...
Right now everything works.. except that I need a Domain Adminstrator...
smbpasswd -a root, segfaults... probably because the user doesn't exist in FreeIPA
If I create the root user in FreeIPA, it instead gives:
[root at bart samba]# LANG=en smbpasswd -a root
No builtin backend found, trying to load plugin
Module 'ipasam' loaded
smbldap_open_connection: connection opened
ldap_connect_system: successful connection to the LDAP server
pdb_init_ipasam: support for pdb_enum_upn_suffixes enabled for domain bolls.lan
New SMB password:
Retype new SMB password:
init_sam_from_ldap: Entry found for user: root
ERROR: Got 0 entries for gid 0, expected at least one
ERROR: Got 0 entries for gid 0, expected at least one
Forcing Primary Group to 'Domain Users' for root
Failed to modify entry for user root.
I can't create a user with uid=0 or gid=0 in FreeIPA...
I have also tried changing the administrator user:
pdbedit -U S-1-5-21-3189138339-1730592290-4215248117-500 -u mj -r -d 7
but it also fails:
http://pastebin.com/8tpuD6Eg
Config:
[global]
bind interfaces only = yes
enable privileges = yes
workgroup = BOLLS
netbios name = BART
realm = BOLLS.LAN
kerberos method = dedicated keytab
dedicated keytab file = FILE:/etc/samba/samba.keytab
create krb5 conf = no
security = user
domain master = yes
domain logons = yes
log level = 3
max log size = 100000
log file = /var/log/samba/log.%m
passdb backend = ipasam:ldaps://lisa.bolls.lan
disable spoolss = yes
ldapsam:trusted = yes
ldap ssl = off
ldap suffix = dc=bolls,dc=lan
ldap user suffix = cn=users,cn=accounts
ldap group suffix = cn=groups,cn=accounts
ldap machine suffix = cn=computers,cn=accounts
rpc_server:epmapper = external
rpc_server:lsarpc = external
rpc_server:lsass = external
rpc_server:lsasd = external
rpc_server:samr = external
rpc_server:netlogon = external
rpc_server:tcpip = yes
rpc_daemon:epmd = fork
rpc_daemon:lsasd = fork
logon path = \\%L\Profiles\%U
logon drive = H:
logon home = \\%L\%U
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root, mj
create mask = 0600
guest ok = Yes
printable = Yes
browseable = No
[print$]
comment = Printer Drivers Share
path = /var/lib/samba/drivers
write list = mj, root
printer admin = mj, root
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
admin users = root, mj
guest ok = Yes
browseable = No
# For profiles to work, create a user directory under the path
# shown. i.e., mkdir -p /var/lib/samba/profiles/mj
[Profiles]
comment = Roaming Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
----- Original meddelelse -----
Fra: "Rowland penny" <rpenny at samba.org>
Til: "samba" <samba at lists.samba.org>
Sendt: mandag, 29. februar 2016 10:14:09
Emne: Re: [Samba] Segmentation Fault when trying to set root samba password, IPA as a backend
On 29/02/16 09:06, Martin Juhl wrote:
> Hi guys
>
>
> When trying to set root's password, I get a segmentation fault:
>
> [root at bart ~]# smbpasswd -a root
> No builtin backend found, trying to load plugin
> Module 'ipasam' loaded
> smbldap_open_connection: connection opened
> ldap_connect_system: successful connection to the LDAP server
> pdb_init_ipasam: support for pdb_enum_upn_suffixes enabled for domain bolls.lan
> New SMB password:
> Retype new SMB password:
> Segmentation fault
>
> What to do???
>
> Regards
>
> Martin
>
Hi, what version of Samba is this ?
Also, how have you set up Samba ?
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list