[Samba] Problem after upgrading to 4.9
L.P.H. van Belle
belle at bazuin.nl
Wed Dec 12 13:28:00 UTC 2018
about that systemd part.
systemctl daemon-reload
systemctl samba-ad-dc stop
clear the logs in /va/log/samba
systemctl samba-ad-dc start
and and extra check on the dns part.
sudo /usr/sbin/samba_dnsupdate --verbose
and check your logs again to make sure your all ok.
Greetz,
Louis
Van: Sergio Belkin [mailto:sebelk at gmail.com]
Verzonden: woensdag 12 december 2018 14:16
Aan: L.P.H. van Belle
CC: samba at lists.samba.org
Onderwerp: Re: [Samba] Problem after upgrading to 4.9
Well, really weird for me. I've interruped the inteactive samba, run again with systemd, and now it works.... hehehe, don't now why.... happy, but I don't know why now it works again....
El mié., 12 dic. 2018 a las 10:07, Sergio Belkin (<sebelk at gmail.com>) escribió:
Thanks Louis;
/etc/krb5.conf
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = true
/etc/resolv.conf
search example.com
nameserver 192.168.50.40
/etc/hosts
127.0.0.1 localhost samba4.example.com
192.168.50.40 samba4.example.com samba4 ldap.example.com
Output off:
samba-tool dbcheck --cross-ncs
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object DC=@\0ADEL:d86ef51e-83a5-4a8d-b224-e7a559c47094,CN=Deleted Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com
Not fixing old string component
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object DC=www.pepino.cuac\0ADEL:d3bc33d0-6d4d-4345-a7fe-96a19550b293,CN=Deleted Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com
Not fixing old string component
Checked 3626 objects (0 errors)
Something interesting: if I run samba -i outside systemd workf fine... weird, I see that systemd run:
ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS
Thanks in advance!
El mié., 12 dic. 2018 a las 9:46, L.P.H. van Belle via samba (<samba at lists.samba.org>) escribió:
Hai,
Can you post
/etc/krb5.conf
/etc/resolv.conf
/etc/hosts
Output off:
samba-tool dbcheck --cross-ncs
And last question, are there any DC removed from the domain.
50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]
My guess here the UUID is a removed DC.
You samba config looks fine to me.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Sergio Belkin via samba
> Verzonden: woensdag 12 december 2018 13:25
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Problem after upgrading to 4.9
>
> Hi, I use the Van Bell repo, I've upgraded from samba 4.7 to
> samba 4.9 but
> now it fails, these are the errors:
>
> dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
> 09:14:49.372290, 0]
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
> dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
> /usr/sbin/samba_dnsupdate: Failed to bind to uuid
> 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for
> ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4
-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]
> NT_STATUS_LOGON_FAILURE
> dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
> 09:14:49.372338, 0]
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
> dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
> /usr/sbin/samba_dnsupdate: ERROR: Connecting to DNS RPC server
> 192.168.50.40 failed with (3221225581, 'The attempted logon
> is invalid.
> This is either due to a bad username or authentication information.')
> dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
> 09:14:49.381318, 0]
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
> dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]:
> /usr/sbin/samba_dnsupdate: Failed to bind to uuid
> 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for
> ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4
-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]
> NT_STATUS_LOGON_FAILURE
> dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12
> 09:14:49.381385, 0]
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>
> I've no modified the smb.conf which is:
>
> [global]
> dns forwarder = 8.8.8.8
> netbios name = SAMBA4
> realm = EXAMPLE.COM
> interfaces = lo eth0
> server role = active directory domain controller
> workgroup = EXAMPLE
> idmap_ldb:use rfc2307 = yes
> # Audit settings
> full_audit:prefix = %u|%I|%m|%S
> full_audit:failure = connect
> full_audit:success = mkdir rmdir read pread write pwrite
> rename unlink
> full_audit:facility = local5
> full_audit:priority = notice
> # TLS settings
> tls enabled = yes
> tls certfile = tls/ldap.example-aid.com/fullchain.pem
> tls keyfile = tls/ldap.example-aid.com/privkey.pem
> tls cafile =
> #log auth
> log level = 1 auth_audit:3 auth_json_audit:3
> [netlogon]
> path = /var/lib/samba/sysvol/example-aid.com/scripts
> read only = No
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
> [lab]
> path = /srv/samba/lab
> read only = no
> vfs objects = full_audit
>
> I cannot even 'to kinit', I get:
> kinit: krb5_get_init_creds: unable to reach any KDC in realm
> EXAMPLE.COM
>
> Please could you help me?
>
> Thanks in advance...
>
>
>
>
>
>
>
> Thanks in advance
> --
> --
> Sergio Belkin
> LPIC-2 Certified - http://www.lpi.org
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
--
Sergio Belkin
LPIC-2 Certified - http://www.lpi.org
--
--
Sergio Belkin
LPIC-2 Certified - http://www.lpi.org
More information about the samba
mailing list