[Samba] Problem after upgrading to 4.9
Sergio Belkin
sebelk at gmail.com
Wed Dec 12 13:15:47 UTC 2018
Well, really weird for me. I've interruped the inteactive samba, run again
with systemd, and now it works.... hehehe, don't now why.... happy, but I
don't know why now it works again....
El mié., 12 dic. 2018 a las 10:07, Sergio Belkin (<sebelk at gmail.com>)
escribió:
> Thanks Louis;
>
>
> /etc/krb5.conf
>
> [libdefaults]
> default_realm = EXAMPLE.COM
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
>
> /etc/resolv.conf
>
> search example.com
> nameserver 192.168.50.40
>
> /etc/hosts
>
>
> 127.0.0.1 localhost samba4.example.com
> 192.168.50.40 samba4.example.com samba4 ldap.example.com
>
>
> Output off:
> samba-tool dbcheck --cross-ncs
>
> NOTE: old (due to rename or delete) DN string component for
> lastKnownParent in object
> DC=@\0ADEL:d86ef51e-83a5-4a8d-b224-e7a559c47094,CN=Deleted
> Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com -
> DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com
> Not fixing old string component
> NOTE: old (due to rename or delete) DN string component for
> lastKnownParent in object
> DC=www.pepino.cuac\0ADEL:d3bc33d0-6d4d-4345-a7fe-96a19550b293,CN=Deleted
> Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com -
> DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com
>
> Not fixing old string component
> Checked 3626 objects (0 errors)
>
> Something interesting: if I run samba -i outside systemd workf fine...
> weird, I see that systemd run:
> ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS
>
>
> Thanks in advance!
>
> El mié., 12 dic. 2018 a las 9:46, L.P.H. van Belle via samba (<
> samba at lists.samba.org>) escribió:
>
>> Hai,
>>
>> Can you post
>> /etc/krb5.conf
>> /etc/resolv.conf
>> /etc/hosts
>>
>> Output off:
>> samba-tool dbcheck --cross-ncs
>>
>> And last question, are there any DC removed from the domain.
>>
>>
>> 50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=>
>> 192.168.50.40]
>> My guess here the UUID is a removed DC.
>>
>> You samba config looks fine to me.
>>
>> Greetz,
>>
>> Louis
>>
>>
>>
>> > -----Oorspronkelijk bericht-----
>> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>> > Sergio Belkin via samba
>> > Verzonden: woensdag 12 december 2018 13:25
>> > Aan: samba at lists.samba.org
>> > Onderwerp: [Samba] Problem after upgrading to 4.9
>> >
>> > Hi, I use the Van Bell repo, I've upgraded from samba 4.7 to
>> > samba 4.9 but
>> > now it fails, these are the errors:
>> >
>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>> > 09:14:49.372290, 0]
>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
>> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid
>> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for
>> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4
>> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]
>> > NT_STATUS_LOGON_FAILURE
>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>> > 09:14:49.372338, 0]
>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
>> > /usr/sbin/samba_dnsupdate: ERROR: Connecting to DNS RPC server
>> > 192.168.50.40 failed with (3221225581, 'The attempted logon
>> > is invalid.
>> > This is either due to a bad username or authentication information.')
>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>> > 09:14:49.381318, 0]
>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
>> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid
>> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for
>> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4
>> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]
>> > NT_STATUS_LOGON_FAILURE
>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
>> > 09:14:49.381385, 0]
>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>> >
>> > I've no modified the smb.conf which is:
>> >
>> > [global]
>> > dns forwarder = 8.8.8.8
>> > netbios name = SAMBA4
>> > realm = EXAMPLE.COM
>> > interfaces = lo eth0
>> > server role = active directory domain controller
>> > workgroup = EXAMPLE
>> > idmap_ldb:use rfc2307 = yes
>> > # Audit settings
>> > full_audit:prefix = %u|%I|%m|%S
>> > full_audit:failure = connect
>> > full_audit:success = mkdir rmdir read pread write pwrite
>> > rename unlink
>> > full_audit:facility = local5
>> > full_audit:priority = notice
>> > # TLS settings
>> > tls enabled = yes
>> > tls certfile = tls/ldap.example-aid.com/fullchain.pem
>> > tls keyfile = tls/ldap.example-aid.com/privkey.pem
>> > tls cafile =
>> > #log auth
>> > log level = 1 auth_audit:3 auth_json_audit:3
>> > [netlogon]
>> > path = /var/lib/samba/sysvol/example-aid.com/scripts
>> > read only = No
>> > [sysvol]
>> > path = /var/lib/samba/sysvol
>> > read only = No
>> > [lab]
>> > path = /srv/samba/lab
>> > read only = no
>> > vfs objects = full_audit
>> >
>> > I cannot even 'to kinit', I get:
>> > kinit: krb5_get_init_creds: unable to reach any KDC in realm
>> > EXAMPLE.COM
>> >
>> > Please could you help me?
>> >
>> > Thanks in advance...
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > Thanks in advance
>> > --
>> > --
>> > Sergio Belkin
>> > LPIC-2 Certified - http://www.lpi.org
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions: https://lists.samba.org/mailman/options/samba
>> >
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>
>
>
> --
> --
> Sergio Belkin
> LPIC-2 Certified - http://www.lpi.org
>
--
--
Sergio Belkin
LPIC-2 Certified - http://www.lpi.org
More information about the samba
mailing list