[Samba] Erros in Samba 4 DC
Marcio Demetrio Bacci
marciobacci at gmail.com
Thu Aug 22 18:22:05 UTC 2019
Hi,
I noticed some problems in my DC2 (secondary) Logs, as below:
root at samba4-dc2:/var/log/samba# tail log.samba
ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22 14:55:21.106213, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:55:21 samba4-dc2 samba[2812]: /usr/sbin/samba_dnsupdate: GENSEC
backend 'krb5' registered
ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22 14:55:21.106248, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:55:21 samba4-dc2 samba[2812]: /usr/sbin/samba_dnsupdate: GENSEC
backend 'fake_gssapi_krb5' …istered
ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22 14:56:13.779939, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:56:13 samba4-dc2 samba[2812]: /usr/sbin/rndc: Failed to exec
child - No such file or directory
ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22 14:56:13.781786, 0]
../source4/dsdb/dns/dns_update…c_done)
ago 22 14:56:13 samba4-dc2 samba[2812]:
../source4/dsdb/dns/dns_update.c:91: Failed rndc update - NT_…CESSFUL
ago 22 14:56:25 samba4-dc2 samba[2811]: [2019/08/22 14:56:25.466999, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:56:25 samba4-dc2 samba[2811]: /usr/sbin/samba_kcc: ldb_wrap
open of secrets.ldb
root at samba4-dc2:/var/log/samba# tail syslog
Aug 22 15:04:28 samba4-dc2 smbd[17917]: Right[ 0]:
SeRemoteInteractiveLogonRight
Aug 22 15:04:31 samba4-dc2 smbd[17918]: [2019/08/22 15:04:31.678220, 0]
../source4/auth/unix_token.c:79(security_token_to_unix_token)
Aug 22 15:04:31 samba4-dc2 smbd[17918]: Unable to convert first SID
(S-1-5-21-1712526294-259020848-313593124-9877) in user token to a UID.
Conversion was returned as type 0, full token:
Aug 22 15:04:31 samba4-dc2 smbd[17918]: [2019/08/22 15:04:31.679042, 0]
../libcli/security/security_token.c:63(security_token_debug)
Aug 22 15:04:31 samba4-dc2 smbd[17918]: Security token SIDs (6):
Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 0]:
S-1-5-21-1712526294-259020848-313593124-9877
Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 1]:
S-1-5-21-1712526294-259020848-313593124-515
Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 2]: S-1-1-0
Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 3]: S-1-5-2
Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 4]: S-1-5-11
Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 5]: S-1-5-32-554
Aug 22 15:04:31 samba4-dc2 smbd[17918]: Privileges (0x 800000):
Aug 22 15:04:31 samba4-dc2 smbd[17918]: Privilege[ 0]:
SeChangeNotifyPrivilege
Aug 22 15:04:31 samba4-dc2 smbd[17918]: Rights (0x 400):
Aug 22 15:04:31 samba4-dc2 smbd[17918]: Right[ 0]:
SeRemoteInteractiveLogonRight
Aug 22 15:04:41 samba4-dc2 smbd[17923]: [2019/08/22 15:04:41.911678, 0]
../source4/auth/unix_token.c:79(security_token_to_unix_token)
Aug 22 15:04:41 samba4-dc2 smbd[17923]: Unable to convert first SID
(S-1-5-21-1712526294-259020848-313593124-9846) in user token to a UID.
Conversion was returned as type 0, full token:
Aug 22 15:04:41 samba4-dc2 smbd[17923]: [2019/08/22 15:04:41.912554, 0]
../libcli/security/security_token.c:63(security_token_debug)
Aug 22 15:04:41 samba4-dc2 smbd[17923]: Security token SIDs (6):
Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 0]:
S-1-5-21-1712526294-259020848-313593124-9846
Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 1]:
S-1-5-21-1712526294-259020848-313593124-515
Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 2]: S-1-1-0
Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 3]: S-1-5-2
Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 4]: S-1-5-11
Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 5]: S-1-5-32-554
Aug 22 15:04:41 samba4-dc2 smbd[17923]: Privileges (0x 800000):
Aug 22 15:04:41 samba4-dc2 smbd[17923]: Privilege[ 0]:
SeChangeNotifyPrivilege
Aug 22 15:04:41 samba4-dc2 smbd[17923]: Rights (0x 400):
Aug 22 15:04:41 samba4-dc2 smbd[17923]: Right[ 0]:
SeRemoteInteractiveLogonRight
Aug 22 15:04:57 samba4-dc2 smbd[17925]: [2019/08/22 15:04:57.666287, 0]
../source4/auth/unix_token.c:79(security_token_to_unix_token)
Aug 22 15:04:57 samba4-dc2 smbd[17925]: Unable to convert first SID
(S-1-5-21-1712526294-259020848-313593124-9200) in user token to a UID.
Conversion was returned as type 0, full token:
Aug 22 15:04:57 samba4-dc2 smbd[17925]: [2019/08/22 15:04:57.667152, 0]
../libcli/security/security_token.c:63(security_token_debug)
Aug 22 15:04:57 samba4-dc2 smbd[17925]: Security token SIDs (6):
Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 0]:
S-1-5-21-1712526294-259020848-313593124-9200
Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 1]:
S-1-5-21-1712526294-259020848-313593124-515
Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 2]: S-1-1-0
Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 3]: S-1-5-2
Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 4]: S-1-5-11
Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 5]: S-1-5-32-554
Aug 22 15:04:57 samba4-dc2 smbd[17925]: Privileges (0x 800000):
Aug 22 15:04:57 samba4-dc2 smbd[17925]: Privilege[ 0]:
SeChangeNotifyPrivilege
Aug 22 15:04:57 samba4-dc2 smbd[17925]: Rights (0x 400):
Aug 22 15:04:57 samba4-dc2 smbd[17925]: Right[ 0]:
SeRemoteInteractiveLogonRight
/etc/init.d/samba-ad-dc status
● samba-ad-dc.service - Samba AD Daemon
Loaded: loaded (/lib/systemd/system/samba-ad-dc.service; enabled; vendor
preset: enabled)
Active: active (running) since Tue 2019-08-20 06:15:09 -03; 2 days ago
Docs: man:samba(8)
man:samba(7)
man:smb.conf(5)
Main PID: 2799 (samba)
Status: "samba: ready to serve connections..."
Tasks: 12 (limit: 4915)
CGroup: /system.slice/samba-ad-dc.service
├─2799 /usr/sbin/samba
├─2801 /usr/sbin/samba
├─2802 /usr/sbin/samba
├─2803 /usr/sbin/samba
├─2804 /usr/sbin/samba
├─2806 /usr/sbin/samba
├─2807 /usr/sbin/samba
├─2808 /usr/sbin/samba
├─2810 /usr/sbin/samba
├─2811 /usr/sbin/samba
├─2812 /usr/sbin/samba
└─2813 /usr/sbin/samba
ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22 14:55:21.106213, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:55:21 samba4-dc2 samba[2812]: /usr/sbin/samba_dnsupdate: GENSEC
backend 'krb5' registered
ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22 14:55:21.106248, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:55:21 samba4-dc2 samba[2812]: /usr/sbin/samba_dnsupdate: GENSEC
backend 'fake_gssapi_krb5' …istered
ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22 14:56:13.779939, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:56:13 samba4-dc2 samba[2812]: /usr/sbin/rndc: Failed to exec
child - No such file or directory
ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22 14:56:13.781786, 0]
../source4/dsdb/dns/dns_update…c_done)
ago 22 14:56:13 samba4-dc2 samba[2812]:
../source4/dsdb/dns/dns_update.c:91: Failed rndc update - NT_…CESSFUL
ago 22 14:56:25 samba4-dc2 samba[2811]: [2019/08/22 14:56:25.466999, 0]
../lib/util/util_runcmd.c:316(…andler)
ago 22 14:56:25 samba4-dc2 samba[2811]: /usr/sbin/samba_kcc: ldb_wrap
open of secrets.ldb
Hint: Some lines were ellipsized, use -l to show in full.
How could you resolve these errors?
Regards,
Márcio Bacci
More information about the samba
mailing list