[Samba] Samba 4.8 RODC not working

Rowland Penny rpenny at samba.org
Wed Jun 13 10:17:49 UTC 2018


On Wed, 13 Jun 2018 11:33:48 +0200 (CEST)
Gaetan SLONGO <gslongo at it-optics.com> wrote:

> 
> Here it is. It talks about the homes share but I think we don't care?
> The final error is not explicit to me. Maybe to you?
> 
> INFO: Current debug levels: 
> all: 10 
> tdb: 10 
> printdrivers: 10 
> lanman: 10 
> smb: 10 
> rpc_parse: 10 
> rpc_srv: 10 
> rpc_cli: 10 
> passdb: 10 
> sam: 10 
> auth: 10 
> winbind: 10 
> vfs: 10 
> idmap: 10 
> quota: 10 
> acls: 10 
> locking: 10 
> msdfs: 10 
> dmapi: 10 
> registry: 10 
> scavenger: 10 
> dns: 10 
> ldb: 10 
> tevent: 10 
> auth_audit: 10 
> auth_json_audit: 10 
> kerberos: 10 
> drs_repl: 10 
> smb2: 10 
> smb2_credits: 10 
> winbindd version 4.8.2-SerNet-RedHat-10.el7 started. 
> Copyright Andrew Tridgell and the Samba Team 1992-2018 
> lp_load_ex: refreshing parameters 
> Initialising global parameters 
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> INFO: Current debug levels: 
> all: 10 
> tdb: 10 
> printdrivers: 10 
> lanman: 10 
> smb: 10 
> rpc_parse: 10 
> rpc_srv: 10 
> rpc_cli: 10 
> passdb: 10 
> sam: 10 
> auth: 10 
> winbind: 10 
> vfs: 10 
> idmap: 10 
> quota: 10 
> acls: 10 
> locking: 10 
> msdfs: 10 
> dmapi: 10 
> registry: 10 
> scavenger: 10 
> dns: 10 
> ldb: 10 
> tevent: 10 
> auth_audit: 10 
> auth_json_audit: 10 
> kerberos: 10 
> drs_repl: 10 
> smb2: 10 
> smb2_credits: 10 
> Processing section "[global]" 
> doing parameter netbios name = DMZRODC 
> doing parameter realm = ADS.MYDOMAIN.BE 
> doing parameter server role = active directory domain controller 
> doing parameter workgroup = MYDOMAIN 
> doing parameter log level = 10 
> pm_process() returned Yes 
> lp_servicenumber: couldn't find homes 
> messaging_dgm_ref: messaging_dgm_init returned Succès 
> messaging_dgm_ref: unique = 11509548009454711159 
> Registering messaging pointer for type 2 - private_data=(nil) 
> Registering messaging pointer for type 9 - private_data=(nil) 
> Registered MSG_REQ_POOL_USAGE 
> Registering messaging pointer for type 11 - private_data=(nil) 
> Registering messaging pointer for type 12 - private_data=(nil) 
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED 
> Registering messaging pointer for type 1 - private_data=(nil) 
> Registering messaging pointer for type 5 - private_data=(nil) 
> Registering messaging pointer for type 51 - private_data=(nil) 
> messaging_init_internal: my id: 13124 
> lp_load_ex: refreshing parameters 
> Freeing parametrics: 
> Initialising global parameters 
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> INFO: Current debug levels: 
> all: 10 
> tdb: 10 
> printdrivers: 10 
> lanman: 10 
> smb: 10 
> rpc_parse: 10 
> rpc_srv: 10 
> rpc_cli: 10 
> passdb: 10 
> sam: 10 
> auth: 10 
> winbind: 10 
> vfs: 10 
> idmap: 10 
> quota: 10 
> acls: 10 
> locking: 10 
> msdfs: 10 
> dmapi: 10 
> registry: 10 
> scavenger: 10 
> dns: 10 
> ldb: 10 
> tevent: 10 
> auth_audit: 10 
> auth_json_audit: 10 
> kerberos: 10 
> drs_repl: 10 
> smb2: 10 
> smb2_credits: 10 
> Processing section "[global]" 
> doing parameter netbios name = DMZRODC 
> doing parameter realm = ADS.MYDOMAIN.BE 
> doing parameter server role = active directory domain controller 
> doing parameter workgroup = MYDOMAIN 
> doing parameter log level = 10 
> pm_process() returned Yes 
> lp_servicenumber: couldn't find homes 
> added interface eth0 ip=192.168.19.5 bcast=192.168.19.255 netmask=255.255.255.0
> Netbios name list:- 
> my_netbios_names[0]="DMZRODC" 
> added interface eth0 ip=192.168.19.5 bcast=192.168.19.255 netmask=255.255.255.0
> exit_daemon: STATUS=daemon failed to start: Failed to create session, error code 1 
> 
> 

Not that it helps, but I have now noticed why you want the RODC: you
want to do something stupid like putting it into a DMZ zone.
This is not recommended; it is a security risk.

If you must do this, then do you have a share in smb.conf called
'[homes]'? If so, remove the trailing 's', i.e. make it '[home]', and
read the wiki.

Running out of ideas now, except: can you ping a DC from the RODC?

Rowland
