[Samba] After upgrade to 4.9.4, internal DNS no longer working
L.P.H. van Belle
belle at bazuin.nl
Thu Dec 27 11:18:01 UTC 2018
Ps.
I forgot, to ask.
Which is used : systemd-networkd or NetworkManager?
The why is shown here:
https://wiki.archlinux.org/index.php/Systemd-resolved
The wiki of arch is very good, i do use these these often. ( yes even for my debian servers ).
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Viktor Trojanovic via samba
> Verzonden: donderdag 27 december 2018 11:58
> Aan: Rowland Penny; samba at lists.samba.org
> Onderwerp: Re: [Samba] After upgrade to 4.9.4, internal DNS
> no longer working
>
> Hi Louis and Rowland,
>
> Thanks for all your input. In answer to your questions, yes,
> all packages were upgraded to 4.9.4 so that was not the issue
> – the error messages you’ve seen in this regard are from
> during the upgrade. I can only guess that something was
> removed too early. Also both hostname and resolv.conf were
> set up correctly. But these points seem moot now as I was
> able to solve the issue.
>
> I didn’t touch the base system which was upgraded but I did
> downgrade Samba and dependencies (samba, smbclient,
> libwbclient) back to v4.7.4, I then just overwrote the Samba
> folder (/var/lib/samba) which contains private and sysvol
> with a recent backup – and everything works again. Users can
> log in, GPOs are being distributed. I have not yet tried to
> upgrade again, I’ll leave this for some other day.
>
> samba-tool dbcheck isn’t showing any errors. samba-tool ntacl
> sysvolcheck does complain about an incorrect db acl on a gpo
> directory so I ran sysvolreset. The error remains but doesn’t
> seem to bother the AD otherwise. Still, to be safe, here is
> the error:
>
> $ sudo samba-tool ntacl sysvolcheck
> ERROR(<class 'samba.provision.ProvisioningError'>): uncaught
> exception - ProvisioningError: DB ACL on GPO directory
> /var/lib/samba/sysvol/samdom.example.com/Policies/{31B2F340-01
> 6D-11D2-945F-00C04FB984F9}
> O:LAG:DAD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;
> OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f0
> 1ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)
> does not match expected value
> O:DAG:DAD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;
> OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f0
> 1ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)
> from GPO object
> File
> "/usr/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> line 176, in _run
> return self.run(*args, **kwargs)
> File
> "/usr/lib/python2.7/site-packages/samba/netcmd/ntacl.py",
> line 270, in run
> lp)
> File
> "/usr/lib/python2.7/site-packages/samba/provision/__init__.py"
> , line 1723, in checksysvolacl
> direct_db_access)
> File
> "/usr/lib/python2.7/site-packages/samba/provision/__init__.py"
> , line 1674, in check_gpos_acl
> domainsid, direct_db_access)
> File
> "/usr/lib/python2.7/site-packages/samba/provision/__init__.py"
> , line 1621, in check_dir_acl
> raise ProvisioningError('%s ACL on GPO directory %s %s
> does not match expected value %s from GPO object' %
> (acl_type(direct_db_access), path, fsacl_sddl, acl))
>
> Any advice on how to take care of this error, or can this be
> safely ignored?
>
> Thanks,
> Viktor
>
>
> From: Rowland Penny via samba
> Sent: Donnerstag, 27. Dezember 2018 11:29
> To: samba at lists.samba.org
> Subject: Re: [Samba] After upgrade to 4.9.4, internal DNS no
> longer working
>
> On Thu, 27 Dec 2018 11:07:08 +0100
> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
>
> > Gooood morning Rowland, :-)
> >
> > Your late ;-)..
> > What i also did see, so its more clear for others also.
> >
> > > Dez 22 21:08:31 dc1 systemd[1]: Starting Samba AD Daemon...
> > > Dez 22 21:08:31 dc1 kernel: audit: type=1131
> > > audit(1545509311.984:52): pid=1 uid=0 auid=4294967295
> > > ses=4294967295 msg='unit=samba comm="systemd"
> > > exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?
> > > res=failed' Dez 22 21:08:32 dc1 samba[733]: root process[733]:
> > > [2018/12/22
> >
> > This line: exe="/usr/lib/systemd/systemd" hostname=? addr=?
> > terminal=? res=failed'
> >
> > So incorrect hostname/resolving resulting in this problem.
>
> I actually think it could be a symptom and not the root cause. It
> could be that two main things happened, systemd was upgraded and with
> it 'resolved' was installed and smbclient wasn't upgraded.
>
> I think that if 'resolved' is removed and ALL Samba packages are
> upgraded, he might get it to work again.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list