[Samba] [OT?] VM or Container for an AD DC?

Tue Sep 19 15:25:37 UTC 2017

> ...googling around seems to me that are ''old limitation'', now gone.

No.

root at vdcsv1:~# samba-tool domain provision --server-role=dc --use-rfc2307 --dns-backend=BIND9_DLZ --realm=AD.FVG.LNF.IT --domain=LNFFVG
Administrator password will be set randomly!
You are not root or your system do not support xattr, using tdb backend for attributes. 
not using extended attributes to store ACLs and other metadata. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=ad,DC=fvg,DC=lnf,DC=it
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
process_usershare_file: share name unknown service (snum == -1) contains invalid characters (any of %<>*?|/\+=;:",)
xattr_tdb_removexattr() failed to get vfs_handle->data!
process_usershare_file: share name unknown service (snum == -1) contains invalid characters (any of %<>*?|/\+=;:",)
Security context active token stack underflow!
PANIC (pid 13321): Security context active token stack underflow!
BACKTRACE: 35 stack frames:
 #0 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(log_stack_trace+0x1a) [0x7f07ff93c85a]
 #1 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(smb_panic_s3+0x20) [0x7f07ff93c940]
 #2 /usr/lib/x86_64-linux-gnu/libsamba-util.so.0(smb_panic+0x2f) [0x7f0811f9bfcf]
 #3 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(sec_ctx_active_token+0x6a) [0x7f07fda0821a]
 #4 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(try_chown+0xa9) [0x7f07fda13ed9]
 #5 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(set_nt_acl+0x155) [0x7f07fda14085]
 #6 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(+0x1ee161) [0x7f07fdadd161]
 #7 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(smb_vfs_call_fset_nt_acl+0x2d) [0x7f07fda0c5bd]
 #8 /usr/lib/x86_64-linux-gnu/samba/vfs/acl_xattr.so(+0x2699) [0x7f07ec4ff699]
 #9 /usr/lib/x86_64-linux-gnu/samba/vfs/acl_xattr.so(+0x5216) [0x7f07ec502216]
 #10 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(smb_vfs_call_fset_nt_acl+0x2d) [0x7f07fda0c5bd]
 #11 /usr/lib/python2.7/dist-packages/samba/samba3/smbd.x86_64-linux-gnu.so(+0x27fb) [0x7f07fde417fb]
 #12 /usr/bin/python2.7(PyEval_EvalFrameEx+0x4d79) [0x4cdbb9]
 #13 /usr/bin/python2.7(PyEval_EvalCodeEx+0x3c9) [0x4c7a59]
 #14 /usr/bin/python2.7(PyEval_EvalFrameEx+0x8bd) [0x4c96fd]
 #15 /usr/bin/python2.7(PyEval_EvalFrameEx+0xb2a) [0x4c996a]
 #16 /usr/bin/python2.7(PyEval_EvalCodeEx+0x3c9) [0x4c7a59]
 #17 /usr/bin/python2.7(PyEval_EvalFrameEx+0x8bd) [0x4c96fd]
 #18 /usr/bin/python2.7(PyEval_EvalCodeEx+0x3c9) [0x4c7a59]
 #19 /usr/bin/python2.7(PyEval_EvalFrameEx+0x8bd) [0x4c96fd]
 #20 /usr/bin/python2.7() [0x4e4518]
 #21 /usr/bin/python2.7(PyEval_EvalFrameEx+0x3ec9) [0x4ccd09]
 #22 /usr/bin/python2.7() [0x4e4518]
 #23 /usr/bin/python2.7(PyEval_EvalFrameEx+0x3ec9) [0x4ccd09]
 #24 /usr/bin/python2.7() [0x4e4518]
 #25 /usr/bin/python2.7(PyEval_EvalFrameEx+0x3ec9) [0x4ccd09]
 #26 /usr/bin/python2.7() [0x4e4518]
 #27 /usr/bin/python2.7(PyEval_EvalFrameEx+0x3ec9) [0x4ccd09]
 #28 /usr/bin/python2.7(PyEval_EvalCodeEx+0x3c9) [0x4c7a59]
 #29 /usr/bin/python2.7() [0x50160f]
 #30 /usr/bin/python2.7(PyRun_FileExFlags+0x82) [0x4f6c32]
 #31 /usr/bin/python2.7(PyRun_SimpleFileExFlags+0x197) [0x4f5d37]
 #32 /usr/bin/python2.7(Py_Main+0x55d) [0x4981cd]
 #33 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f08127d0b45]
 #34 /usr/bin/python2.7() [0x497b8b]
Can not dump core: corepath not set up
root at vdcsv1:~# 

OK, samba need a VM. ;-)

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)