[Samba] Samba using pdb ldapsam fails upon startup

Rowland Penny rpenny at samba.org
Wed Nov 2 17:54:15 UTC 2016 

On Wed, 2 Nov 2016 17:56:11 +0100
Karsten Voigt via samba <samba at lists.samba.org> wrote:

> Dear all,
> 
> I freshly installed a new smb-server that should act as file server
> with some smb-shares.
> 
> The pdc is a Windows 2008 r2 server.
> 
> My smb.conf is as follows:
> 
> [global]
>          workgroup = agroup
>          server string = ssmbserver
>          #passdb backend = tdbsam
>          map to guest = Bad User
>          usershare allow guests = No
>          security = domain
>          wins support = No
>          domain logons = No
>          domain master = No
>          # LDAP
>          idmap backend = ldap:ldap://apdc.agroup.privat
>          ldap suffix = DC=agroup,DC=privat
>          ldap admin dn = CN=Administrator,CN=users,DC=agroup,DC=privat
>          ldap user suffix = ou=Users
>          ldap group suffix = ou=Groups
>          ldap idmap suffix = ou=Idmap
>          ldap machine suffix = ou=Machines
>          ldap passwd sync = Yes
>          ldap ssl = Off
>          passdb backend = ldapsam:ldap://apdc.agroup.privat
>          idmap gid = 1000-20000
>          idmap uid = 1000-20000
>          username level = 1
>          realm = AGROUP.PRIVAT
>          template homedir = /home/%D/%U
>          winbind refresh tickets = yes
>          password server = *
> [homes]
> [...]
> 
> If I try to start samba, the error message will be as follows:
> 
> -- Logs begin at Thu 2016-09-08 15:01:19 CEST, end at Wed 2016-11-02 
> 16:28:57 CET. --
> Nov 02 16:28:52 asmbserver systemd[1]: smb.service: Supervising
> process 19785 which is not our child. We'll most likely not notice
> when it exits. Nov 02 16:28:57 asmbserver smbd[19785]: [2016/11/02
> 16:28:57.807635,
> 0] ../source3/passdb/pdb_ldap_util.c:313(smbldap_search_domain_info)
> Nov 02 16:28:57 asmbserver smbd[19785]: smbldap_search_domain_info:
> Adding domain info for ASMBSERVER failed with NT_STATUS_UNSUCCESSFUL
> Nov 02 16:28:57 asmbserver smbd[19785]: [2016/11/02 16:28:57.807745,
> 0] ../source3/passdb/pdb_ldap.c:6558(pdb_ldapsam_init_common) Nov 02
> 16:28:57 asmbserver smbd[19785]: pdb_init_ldapsam: WARNING: Could not
> get domain info, nor add one to the domain. We cannot work reliably
> without it. Nov 02 16:28:57 asmbserver smbd[19785]: [2016/11/02
> 16:28:57.807779,
> 0] ../source3/passdb/pdb_interface.c:179(make_pdb_method_name) Nov 02
> 16:28:57 asmbserver smbd[19785]: pdb backend
> ldapsam:ldap://apdc.privat did not correctly init (error was
> NT_STATUS_CANT_ACCESS_DOMAIN_INFO) Nov 02 16:28:57 asmbserver
> systemd[1]: smb.service: main process exited, code=exited,
> status=1/FAILURE Nov 02 16:28:57 asmbserver systemd[1]: Failed to
> start Samba SMB Daemon. -- Subject: Unit smb.service has failed
> 
> When I use passwd tdbsam, it will work fine, but I guess I use the 
> NIS-accounts instead.
> 
> Thanks in advance,
> 
> Karsten
> 
> 

Are you really running a 2008R2 as an NT4-style PDC ??
Or is it actually an AD DC ?

If the later, see here:

 https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member

Rowland

More information about the samba mailing list