[Samba] sys_setgroups failed on Solaris 11
Teddy Brown
tbrown at ctg.queensu.ca
Thu Jun 7 14:04:41 UTC 2018
Hi,
I'm trying to create a new Samba server to share files. We currently have an instance of Samba 3.6 on another server which we are using but need to retire that server.
I recently set up a new AD domain on Samba 4.3.11 on Ubuntu 16.04. There are two domain controllers. Most of the PCs are joined to this AD domain.
Our user accounts and group memberships are maintained in an LDAP directory. On our Linux servers SSSD is used to authenticate and authorize and Solaris servers use nsswitch ldap directly.
I've followed the instructions here to join the new Samba server (Samba 4.4.14 on Solaris 11.3) to the AD domain.
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
My hope is to use AD for authentication, but for the users & groups to be read by the Samba server OS as if our users were on Unix/Linux directly. Our current Samba 3.6 works this way. We assign permissions in Unix. We don't assign permissions using Windows.
Anyways, when I connect it seems work when I authenticate but then it bails on sys_setgroups.
Not sure what to look for now. What information should I provide for help?
#
# smb.conf
#======================= Global Settings =====================================
[global]
security = ADS
workgroup = MYDOMAIN-AD
server string = Samba Server on LEX
server role = standalone server
log file = /var/samba/log/log.%m
max log size = 50
realm = MYDOMAIN-AD.CTG.QUEENSU.CA
passdb backend = tdbsam
interfaces = 10.1.21.220/16
bind interfaces only = yes
wins support = no
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config MYDOMAIN-AD : backend = nss
idmap config MYDOMAIn-AD : range = 100000-999999
#
#
# some output from: smbd -i -d3
....snip...
ldb_wrap open of secrets.ldb
check_ntlm_password: winbind authentication for user [teddy] succeeded
check_ntlm_password: authentication for user [teddy] -> [teddy] -> [teddy] succeeded
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0xe2088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0xe2088215
Adding homes service for user 'teddy' using home directory: '/home/teddy'
adding home's share [teddy] for user 'teddy' at '/home/teddy'
Allowed connection from 10.0.61.1 (10.0.61.1)
Connect path is '/tmp' for service [IPC$]
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
PANIC (pid 23738): sys_setgroups failed
BACKTRACE: 22 stack frames:
....snip....
--
Teddy Brown
Senior Applications Developer
Systems Analyst
Canadian Cancer Trials Group
Queen's University
10 Stuart St, Kingston ON, K7L 3N6
(613) 533-6430
Follow us: [ https://twitter.com/CDNCancerTrials ] [ https://www.linkedin.com/company/canadiancancertrialsgroup | ] [ http://www.cctg.ca/ | cctg.ca ]
More information about the samba
mailing list