[Samba] canonicalize_connect_path failed for service
emailthomasrob at gmail.com
Mon Apr 23 10:09:50 UTC 2018
We did the classicupgrade. Post the classicupgrade, we added a Windows
2008R2 server and dcpomo'd it. The original Samba box (classic DC) was
where we did the classicupgrade. Did you mean that we need to shut that
box down? Leaving a Windows DC (FSMO?) and Samba member server? Sorry I
was not aware of this step. What if we hadn't added a Windows 08 box?
Here is the smb.conf
# Global parameters
netbios name = CDR-FS01
security = ADS
workgroup = CDR
realm = CDR.INTERNAL
idmap config * : backend = tdb
idmap config * : range = 3000-7999
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
idmap config CDR:backend = ad
idmap config CDR:schema_mode = rfc2307
idmap config CDR:range = 5000-6000
log level = 2 auth:5
log file = /var/log/samba/sambalog.%m
logon script = %U.bat
comment = Home Directories
create mask = 0700
directory mask = 0700
browseable = No
read only = No
path = %H/samba
follow symlinks = yes
wide links = yes
I've tried both files winbind and the reverse. Same results.
On Mon, Apr 23, 2018 at 6:22 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Mon, 23 Apr 2018 16:48:15 +1000
> Rob Thoman via samba <samba at lists.samba.org> wrote:
> > Hi,
> > Our setup:
> > Samba (classic) DC: cdr-dc01
> > Samba (classic) member server: cdr-fs01. This is also a file server
> > AD realm: CDR.internal
> > We migrated to AD and came across an issue with accessing shares. The
> > shares in question worked pre-migrated. i.e using a windows machine a
> > user was able to access that share. The share in question was locked
> > down to just that user
> > Post migration, we are able to access any shares which are not locked
> > down to users i.e shares which are accessible to groups.
> > For the particular share in question, we get
> > canonicalize_connect_path failed for service user01, path
> > /home/CDR/user01/samba
> > There is no /home/CDR .
> Oh yes there is ;-)
> > Where is this coming from?
> From 'template homedir', it is the default setting.
> > The curios thing getent passwd gives the following
> > user01:*:3029:3000:user01:/home/CDR/user01:/bin/false
> > The user is not in the local /etc/passwd
> As it it shouldn't be
> > The cdr-fs01 has been joined to the AD domain, and we have the
> > following in /etc/nsswitch.conf
> > shadow: files
> > passwd: winbind files
> > group: winbind files
> It should be 'files winbind'
> What is the AD DC ?
> Can you please post the smb.conf from 'cdr-fs01'
> How did you migrate ? did you use 'samba-tool domain classicupgrade' ?
> If you did is the original PDC still running as a PDC ? if so, turn it
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba