[Samba] Erros in Samba 4 DC
L.P.H. van Belle
belle at bazuin.nl
Fri Aug 23 06:53:53 UTC 2019
Same for you.
Can you run :
https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh
And post the output, anonimize it where needed.
And install acl, its not installed by default, where its needed for samba-ad-dc and members.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Marcio Demetrio Bacci via samba
> Verzonden: vrijdag 23 augustus 2019 2:30
> Aan: Rowland penny
> CC: sambalist
> Onderwerp: Re: [Samba] Erros in Samba 4 DC
>
> Hi,
>
> >.Is winbind installed ?
> >No, because the Samba tutorial said that for DC it was not necessary.
>
> Sorry, Winbind is instaled, only packages libpam-winbind
> libnss-winbind
> libpam-krb5 aren't installed,
>
> I have follwed the tutorial:
> https://wiki.samba.org/index.php/Distribution-specific_Package
> _Installation#Debian
>
> Regards,
>
> Márcio Bacci
>
> Em qui, 22 de ago de 2019 às 20:11, Marcio Demetrio Bacci <
> marciobacci at gmail.com> escreveu:
>
> > Hi,
> >
> > >Are you using Bind9, if so, post your named.conf files
> (the ones from
> > /etc/bind)
> > No, I'm using DNS Internal.
> >
> >
> > >Is winbind installed ?
> > No, because the Samba tutorial said that for DC it was not
> necessary.
> >
> > Regards,
> >
> > Márcio Bacci
> >
> > Em qui, 22 de ago de 2019 às 15:43, Rowland penny via samba <
> > samba at lists.samba.org> escreveu:
> >
> >> On 22/08/2019 19:22, Marcio Demetrio Bacci via samba wrote:
> >> > Hi,
> >> >
> >> > I noticed some problems in my DC2 (secondary) Logs, as below:
> >> >
> >> > root at samba4-dc2:/var/log/samba# tail log.samba
> >> >
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22
> 14:55:21.106213, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]:
> /usr/sbin/samba_dnsupdate:
> >> GENSEC
> >> > backend 'krb5' registered
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22
> 14:55:21.106248, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]:
> /usr/sbin/samba_dnsupdate:
> >> GENSEC
> >> > backend 'fake_gssapi_krb5' ?istered
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22
> 14:56:13.779939, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]:
> /usr/sbin/rndc: Failed to exec
> >> > child - No such file or directory
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22
> 14:56:13.781786, 0]
> >> > ../source4/dsdb/dns/dns_update?c_done)
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]:
> >> > ../source4/dsdb/dns/dns_update.c:91: Failed rndc update
> - NT_?CESSFUL
> >> > ago 22 14:56:25 samba4-dc2 samba[2811]: [2019/08/22
> 14:56:25.466999, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:56:25 samba4-dc2 samba[2811]:
> /usr/sbin/samba_kcc: ldb_wrap
> >> > open of secrets.ldb
> >> Are you using Bind9, if so, post your named.conf files
> (the ones from
> >> /etc/bind)
> >> >
> >> > root at samba4-dc2:/var/log/samba# tail syslog
> >> >
> >> > Aug 22 15:04:28 samba4-dc2 smbd[17917]: Right[ 0]:
> >> > SeRemoteInteractiveLogonRight
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: [2019/08/22
> 15:04:31.678220, 0]
> >> > ../source4/auth/unix_token.c:79(security_token_to_unix_token)
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: Unable to
> convert first SID
> >> > (S-1-5-21-1712526294-259020848-313593124-9877) in user
> token to a UID.
> >> > Conversion was returned as type 0, full token:
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: [2019/08/22
> 15:04:31.679042, 0]
> >> > ../libcli/security/security_token.c:63(security_token_debug)
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: Security token
> SIDs (6):
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 0]:
> >> > S-1-5-21-1712526294-259020848-313593124-9877
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 1]:
> >> > S-1-5-21-1712526294-259020848-313593124-515
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 2]: S-1-1-0
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 3]: S-1-5-2
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 4]: S-1-5-11
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: SID[ 5]:
> S-1-5-32-554
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: Privileges (0x
> >> 800000):
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: Privilege[ 0]:
> >> > SeChangeNotifyPrivilege
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: Rights (0x
> 400):
> >> > Aug 22 15:04:31 samba4-dc2 smbd[17918]: Right[ 0]:
> >> > SeRemoteInteractiveLogonRight
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: [2019/08/22
> 15:04:41.911678, 0]
> >> > ../source4/auth/unix_token.c:79(security_token_to_unix_token)
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: Unable to
> convert first SID
> >> > (S-1-5-21-1712526294-259020848-313593124-9846) in user
> token to a UID.
> >> > Conversion was returned as type 0, full token:
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: [2019/08/22
> 15:04:41.912554, 0]
> >> > ../libcli/security/security_token.c:63(security_token_debug)
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: Security token
> SIDs (6):
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 0]:
> >> > S-1-5-21-1712526294-259020848-313593124-9846
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 1]:
> >> > S-1-5-21-1712526294-259020848-313593124-515
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 2]: S-1-1-0
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 3]: S-1-5-2
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 4]: S-1-5-11
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: SID[ 5]:
> S-1-5-32-554
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: Privileges (0x
> >> 800000):
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: Privilege[ 0]:
> >> > SeChangeNotifyPrivilege
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: Rights (0x
> 400):
> >> > Aug 22 15:04:41 samba4-dc2 smbd[17923]: Right[ 0]:
> >> > SeRemoteInteractiveLogonRight
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: [2019/08/22
> 15:04:57.666287, 0]
> >> > ../source4/auth/unix_token.c:79(security_token_to_unix_token)
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: Unable to
> convert first SID
> >> > (S-1-5-21-1712526294-259020848-313593124-9200) in user
> token to a UID.
> >> > Conversion was returned as type 0, full token:
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: [2019/08/22
> 15:04:57.667152, 0]
> >> > ../libcli/security/security_token.c:63(security_token_debug)
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: Security token
> SIDs (6):
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 0]:
> >> > S-1-5-21-1712526294-259020848-313593124-9200
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 1]:
> >> > S-1-5-21-1712526294-259020848-313593124-515
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 2]: S-1-1-0
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 3]: S-1-5-2
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 4]: S-1-5-11
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: SID[ 5]:
> S-1-5-32-554
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: Privileges (0x
> >> 800000):
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: Privilege[ 0]:
> >> > SeChangeNotifyPrivilege
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: Rights (0x
> 400):
> >> > Aug 22 15:04:57 samba4-dc2 smbd[17925]: Right[ 0]:
> >> > SeRemoteInteractiveLogonRight
> >> >
> >> >
> >> > /etc/init.d/samba-ad-dc status
> >> > ??? samba-ad-dc.service - Samba AD Daemon
> >> > Loaded: loaded
> (/lib/systemd/system/samba-ad-dc.service; enabled;
> >> vendor
> >> > preset: enabled)
> >> > Active: active (running) since Tue 2019-08-20
> 06:15:09 -03; 2 days
> >> ago
> >> > Docs: man:samba(8)
> >> > man:samba(7)
> >> > man:smb.conf(5)
> >> > Main PID: 2799 (samba)
> >> > Status: "samba: ready to serve connections..."
> >> > Tasks: 12 (limit: 4915)
> >> > CGroup: /system.slice/samba-ad-dc.service
> >> > ??????2799 /usr/sbin/samba
> >> > ??????2801 /usr/sbin/samba
> >> > ??????2802 /usr/sbin/samba
> >> > ??????2803 /usr/sbin/samba
> >> > ??????2804 /usr/sbin/samba
> >> > ??????2806 /usr/sbin/samba
> >> > ??????2807 /usr/sbin/samba
> >> > ??????2808 /usr/sbin/samba
> >> > ??????2810 /usr/sbin/samba
> >> > ??????2811 /usr/sbin/samba
> >> > ??????2812 /usr/sbin/samba
> >> > ??????2813 /usr/sbin/samba
> >> >
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22
> 14:55:21.106213, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]:
> /usr/sbin/samba_dnsupdate:
> >> GENSEC
> >> > backend 'krb5' registered
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]: [2019/08/22
> 14:55:21.106248, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:55:21 samba4-dc2 samba[2812]:
> /usr/sbin/samba_dnsupdate:
> >> GENSEC
> >> > backend 'fake_gssapi_krb5' ?istered
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22
> 14:56:13.779939, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]:
> /usr/sbin/rndc: Failed to exec
> >> > child - No such file or directory
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]: [2019/08/22
> 14:56:13.781786, 0]
> >> > ../source4/dsdb/dns/dns_update?c_done)
> >> > ago 22 14:56:13 samba4-dc2 samba[2812]:
> >> > ../source4/dsdb/dns/dns_update.c:91: Failed rndc update
> - NT_?CESSFUL
> >> > ago 22 14:56:25 samba4-dc2 samba[2811]: [2019/08/22
> 14:56:25.466999, 0]
> >> > ../lib/util/util_runcmd.c:316(?andler)
> >> > ago 22 14:56:25 samba4-dc2 samba[2811]:
> /usr/sbin/samba_kcc: ldb_wrap
> >> > open of secrets.ldb
> >> > Hint: Some lines were ellipsized, use -l to show in full.
> >>
> >> Why oh why would anything not print the entire output and
> then tell you
> >> how to get it ?
> >>
> >> Why not just print the entire output ?
> >>
> >> >
> >> > How could you resolve these errors?
> >> >
> >> > Regards,
> >> >
> >> > Márcio Bacci
> >>
> >> Is winbind installed ?
> >>
> >> Rowland
> >>
> >>
> >>
> >> --
> >> To unsubscribe from this list go to the following URL and read the
> >> instructions: https://lists.samba.org/mailman/options/samba
> >>
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list