[Samba] Unable to fetch value for secret BCKUPKEY_, are we an undetected RODC?

Garming Sam garming at catalyst.net.nz
Sun Jul 3 22:51:37 UTC 2016 

If it is that bug that you're referencing, besides obviously upgrading,
you could try to patch it yourself. Whether or not you need to patch
this, probably depends on whether or not your users are actually seeing
issues. All that seems to  happen is that it's entering a failure case
when it hasn't actually failed.

https://www.samba.org/samba/patches/

Cheers,

Garming

On 04/07/16 07:06, Mark Foley wrote:
> I upgraded from 4.1.23 to 4.2.12 and am now getting (lots of) messages:
>
> Unable to fetch value for secret BCKUPKEY_, are we an undetected RODC?
>
> I found an almost identical message (titled: "Update samba4 from 4.1.17 to 4.2.1 failed") on
> the web from May 22, 2015 at:
>
> http://samba.2283325.n4.nabble.com/Update-samba4-from-4-1-17-to-4-2-1-failed-td4686215.html
>
> but saw no resolution other than suggestions by Rowland Penny to remove certain smb.conf
> settings, none of which I have.
>
> That page references a bug report https://bugzilla.samba.org/show_bug.cgi?id=11416, with a
> response on 2016-04-08 saying the problem is fixed in 4.3 and above.
>
> Seems like this is a problem going from 4.1 to 4.2, but not fixed until 4.3.
>
> Is there anything I can or should do about this?
>
> --Mark
>

-------------- next part --------------
From d787b74e135a33878138f1844b65f754c1ecde8f Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Wed, 4 Mar 2015 10:29:53 +0100
Subject: [PATCH 1/3] backupkey: Slightly simplify
 bkrp_do_retrieve_server_wrap_key

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
---
 source4/rpc_server/backupkey/dcesrv_backupkey.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index 4037d18..a2d7ec3 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -1425,7 +1425,8 @@ static WERROR bkrp_do_retrieve_server_wrap_key(TALLOC_CTX *mem_ctx, struct ldb_c
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(10, ("Error while fetching secret %s\n", secret_name));
 		return WERR_INVALID_DATA;
-	} else if (guid_binary.length == 0) {
+	}
+	if (guid_binary.length == 0) {
 		/* RODC case, we do not have secrets locally */
 		DEBUG(1, ("Unable to fetch value for secret %s, are we an undetected RODC?\n",
 			  secret_name));
-- 
1.9.1


From 36eda38daf007b929ba11bf3774106d86f81c37e Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Wed, 4 Mar 2015 10:35:47 +0100
Subject: [PATCH 2/3] backupkey: Fix CID 1273293 Uninitialized scalar variable

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
---
 source4/rpc_server/backupkey/dcesrv_backupkey.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index a2d7ec3..90e458b 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -1426,7 +1426,7 @@ static WERROR bkrp_do_retrieve_server_wrap_key(TALLOC_CTX *mem_ctx, struct ldb_c
 		DEBUG(10, ("Error while fetching secret %s\n", secret_name));
 		return WERR_INVALID_DATA;
 	}
-	if (guid_binary.length == 0) {
+	if (lsa_secret.length == 0) {
 		/* RODC case, we do not have secrets locally */
 		DEBUG(1, ("Unable to fetch value for secret %s, are we an undetected RODC?\n",
 			  secret_name));
-- 
1.9.1


From b2fe6b86b788ea943d63a57581f35dab9ebf693a Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Wed, 4 Mar 2015 10:36:40 +0100
Subject: [PATCH 3/3] backupkey: Remove an unused variable

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
---
 source4/rpc_server/backupkey/dcesrv_backupkey.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index 90e458b..45c3086 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -1403,7 +1403,7 @@ static WERROR bkrp_do_retrieve_server_wrap_key(TALLOC_CTX *mem_ctx, struct ldb_c
 					       struct GUID *guid)
 {
 	NTSTATUS status;
-	DATA_BLOB guid_binary, lsa_secret;
+	DATA_BLOB lsa_secret;
 	char *secret_name;
 	char *guid_string;
 	enum ndr_err_code ndr_err;
-- 
1.9.1

More information about the samba mailing list