[Samba] NT_STATUS_NO_MEMORY accessing a DC shared resource
Ing. Claudio Nicora
claudio.nicora at gmail.com
Thu Jul 5 12:03:43 UTC 2018
I have a working Samba 4.7.6 DC with the default /sysvol and /netlogon
shares.
These shares work perfectly and domain users can access them without any
issue.
Now, to ease experimenting with config files and stuff (it's not a
production server), I've added a /rootdisk share (path=/) limiting its
access ro root and domain admins:
---------
# cat /etc/samba/smb.conf
[global]
bind interfaces only = Yes
interfaces = lo eth_lan
netbios name = SRVADDC
realm = SAMDOM.LOCAL
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbindd, ntp_signd, kcc, dnsupdate
workgroup = SAMDOM
#username map = /etc/samba/username.map
[netlogon]
path = /var/lib/samba/sysvol/samdom.it/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[RootDisk]
path = /
read only = No
valid users = root SAMDOM\myuser @"SAMDOM\domain admins"
force user = root
force group = root
create mode = 0640
force create mode = 0640
-----
It worked at first but now, after about 2 days, it stopped working and I
can't connect to it from Windows anymore.
Running this from a command prompt:
net use * \\srvaddc.samdom.local\RootDisk
returns this error message (translated from localized one, so it could
not be exactly the same in English):
-----
System error 8.
Insufficient memory to execute the command
-----
This is the samba log (level 4) of the client trying to connect with the
NT_STATUS_NO_MEMORY error:
-----
[2018/07/05 13:48:12.411901, 3]
../lib/ldb-samba/ldb_wrap.c:326(ldb_wrap_connect)
ldb_wrap open of secrets.ldb
[2018/07/05 13:48:12.423964, 3]
../lib/ldb-samba/ldb_wrap.c:326(ldb_wrap_connect)
ldb_wrap open of privilege.ldb
[2018/07/05 13:48:12.480798, 3]
../source3/smbd/password.c:144(register_homes_share)
Adding homes service for user 'SAMDOM\myuser' using home directory:
'/home/SAMDOM/myuser'
[2018/07/05 13:48:12.482416, 3] ../lib/util/access.c:365(allow_access)
Allowed connection from 10.0.0.10 (10.0.0.10)
[2018/07/05 13:48:12.482509, 3]
../source3/smbd/service.c:595(make_connection_snum)
Connect path is '/tmp' for service [IPC$]
[2018/07/05 13:48:12.482581, 3] ../source3/smbd/vfs.c:113(vfs_init_default)
Initialising default vfs hooks
[2018/07/05 13:48:12.482619, 3] ../source3/smbd/vfs.c:139(vfs_init_custom)
Initialising custom vfs hooks from [/[Default VFS]/]
[2018/07/05 13:48:12.482657, 3] ../source3/smbd/vfs.c:139(vfs_init_custom)
Initialising custom vfs hooks from [acl_xattr]
[2018/07/05 13:48:12.482696, 3] ../source3/smbd/vfs.c:139(vfs_init_custom)
Initialising custom vfs hooks from [dfs_samba4]
[2018/07/05 13:48:12.482738, 2]
../source3/modules/vfs_acl_xattr.c:236(connect_acl_xattr)
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service IPC$
[2018/07/05 13:48:12.485807, 3]
../source3/smbd/service.c:841(make_connection_snum)
10.0.0.10 (ipv4:10.0.0.10:50263) connect to service IPC$ initially as
user SAMDOM\myuser (uid=3000071, gid=100) (pid 11670)
[2018/07/05 13:48:12.486968, 3]
../source3/smbd/msdfs.c:1008(get_referred_path)
get_referred_path: |RootDisk| in dfs path \srvaddc.samdom.it\RootDisk
is not a dfs root.
[2018/07/05 13:48:12.487048, 3]
../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
status[NT_STATUS_NOT_FOUND] || at ../source3/smbd/smb2_ioctl.c:309
[2018/07/05 13:48:12.489682, 3] ../lib/util/access.c:365(allow_access)
Allowed connection from 10.0.0.10 (10.0.0.10)
[2018/07/05 13:48:12.489742, 3]
../libcli/security/dom_sid.c:210(dom_sid_parse_endp)
string_to_sid: SID root is not in a valid format
[2018/07/05 13:48:12.491233, 3]
../libcli/security/dom_sid.c:210(dom_sid_parse_endp)
string_to_sid: SID SAMDOM\myuser is not in a valid format
[2018/07/05 13:48:12.558201, 1]
../source3/param/loadparm.c:2480(lp_idmap_range)
idmap range not specified for domain '*'
[2018/07/05 13:48:12.577539, 1]
../source3/auth/token_util.c:442(add_local_groups)
SID S-1-5-21-299502267-616249376-1417001333-4174 -> getpwuid(3000002)
failed
[2018/07/05 13:48:12.577678, 3]
../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
status[NT_STATUS_NO_MEMORY] || at ../source3/smbd/smb2_tcon.c:135
[2018/07/05 13:48:14.672221, 2] ../source3/smbd/service.c:1120(close_cnum)
10.0.0.10 (ipv4:10.0.0.10:50263) closed connection to service sysvol
-----
What shall I check?
More information about the samba
mailing list