[Samba] Segmentation Fault when trying to set root samba password, IPA as a backend

Mueller mueller at tropenklinik.de
Mon Feb 29 10:19:48 UTC 2016 

I think this will not work with samba 4  anymore.


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen 
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de 




-----Ursprüngliche Nachricht-----
Von: Martin Juhl [mailto:mj at casalogic.dk] 
Gesendet: Montag, 29. Februar 2016 11:05
An: Rowland penny <rpenny at samba.org>
Cc: samba at lists.samba.org
Betreff: Re: [Samba] Segmentation Fault when trying to set root samba password, IPA as a backend

Hi

This is samba-4.2.3-11.el7_2.x86_64 on CentOS...

I'm trying to setup a Samba NT4 domain, with FreeIPA as a backend...

Right now everything works.. except that I need a Domain Adminstrator...

smbpasswd -a root, segfaults... probably because the user doesn't exist in FreeIPA

If I create the root user in FreeIPA, it instead gives:

[root at bart samba]# LANG=en smbpasswd -a root No builtin backend found, trying to load plugin Module 'ipasam' loaded
smbldap_open_connection: connection opened
ldap_connect_system: successful connection to the LDAP server
pdb_init_ipasam: support for pdb_enum_upn_suffixes enabled for domain bolls.lan New SMB password:
Retype new SMB password:
init_sam_from_ldap: Entry found for user: root
ERROR: Got 0 entries for gid 0, expected at least one
ERROR: Got 0 entries for gid 0, expected at least one Forcing Primary Group to 'Domain Users' for root Failed to modify entry for user root.


I can't create a user with uid=0 or gid=0 in FreeIPA...

I have also tried changing the administrator user:

pdbedit -U S-1-5-21-3189138339-1730592290-4215248117-500 -u mj -r -d 7

but it also fails:

http://pastebin.com/8tpuD6Eg


Config:

[global]
        bind interfaces only = yes
        enable privileges = yes
        workgroup = BOLLS
        netbios name = BART
        realm = BOLLS.LAN
        kerberos method = dedicated keytab
        dedicated keytab file = FILE:/etc/samba/samba.keytab
        create krb5 conf = no
        security = user
        domain master = yes
        domain logons = yes
        log level = 3
        max log size = 100000
        log file = /var/log/samba/log.%m
        passdb backend = ipasam:ldaps://lisa.bolls.lan
        disable spoolss = yes
        ldapsam:trusted = yes
        ldap ssl = off
        ldap suffix = dc=bolls,dc=lan
        ldap user suffix = cn=users,cn=accounts
        ldap group suffix = cn=groups,cn=accounts
        ldap machine suffix = cn=computers,cn=accounts
        rpc_server:epmapper = external
        rpc_server:lsarpc = external
        rpc_server:lsass = external
        rpc_server:lsasd = external
        rpc_server:samr = external
        rpc_server:netlogon = external
        rpc_server:tcpip = yes
        rpc_daemon:epmd = fork
        rpc_daemon:lsasd = fork
        logon path = \\%L\Profiles\%U
        logon drive = H:
        logon home = \\%L\%U

[homes]
        comment = Home Directories
        valid users = %S
        read only = No
        browseable = No
[printers]
        comment = All Printers
        path = /var/spool/samba
        printer admin = root, mj
        create mask = 0600
        guest ok = Yes
        printable = Yes
        browseable = No
[print$]
        comment = Printer Drivers Share
        path = /var/lib/samba/drivers
        write list = mj, root
        printer admin = mj, root
[netlogon]
        comment = Network Logon Service
        path = /var/lib/samba/netlogon
        admin users = root, mj
        guest ok = Yes
        browseable = No
# For profiles to work, create a user directory under the path # shown. i.e., mkdir -p /var/lib/samba/profiles/mj
        [Profiles]
        comment = Roaming Profile Share
        path = /var/lib/samba/profiles
        read only = No
        profile acls = Yes




----- Original meddelelse -----
Fra: "Rowland penny" <rpenny at samba.org>
Til: "samba" <samba at lists.samba.org>
Sendt: mandag, 29. februar 2016 10:14:09
Emne: Re: [Samba] Segmentation Fault when trying to set root samba password, IPA as a backend

On 29/02/16 09:06, Martin Juhl wrote: 
> Hi guys
> 
> 
> When trying to set root's password, I get a segmentation fault: 
> 
> [root at bart ~]# smbpasswd -a root
> No builtin backend found, trying to load plugin Module 'ipasam' loaded
> smbldap_open_connection: connection opened
> ldap_connect_system: successful connection to the LDAP server
> pdb_init_ipasam: support for pdb_enum_upn_suffixes enabled for domain 
> bolls.lan New SMB password:
> Retype new SMB password: 
> Segmentation fault
> 
> What to do??? 
> 
> Regards
> 
> Martin
> 

Hi, what version of Samba is this ? 
Also, how have you set up Samba ? 

Rowland 


-- 
To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list