[Samba] Troubles upgrading jailed DC from 4.8.7 to 4.8.9
Andrea Venturoli
ml at netfence.it
Sun Feb 17 17:26:21 UTC 2019
Hello.
On several FreeBSD 11.2/amd64 servers, I've got a jail dedicated to
running Samba as an AD DC.
Some days ago I upgraded one of them from 4.8.7 to 4.8.9 and suddenly
everything stopped working.
Since it was a production box, I immediately restored the whole jail
from a backup, with no chance to better investigate.
Today, with more time, I tried on another server and again I run into
trouble (although I'm not sure the details are exactly the same).
After the upgrade Samba would not start at all, with the following in
the logs:
> [2019/02/17 18:15:35.200206, 0] ../source4/smbd/server.c:502(binary_smbd_main)
> samba version 4.8.9 started.
> Copyright Andrew Tridgell and the Samba Team 1992-2018
> root at dc1:~ # [2019/02/17 18:15:35.379881, 0] ../source4/smbd/server.c:674(binary_smbd_main)
> binary_smbd_main: samba: using 'standard' process model
> [2019/02/17 18:15:35.384663, 0] ../source4/nbt_server/interfaces.c:228(nbtd_add_socket)
> Failed to bind to 10.1.2.34:137 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
> [2019/02/17 18:15:35.384752, 0] ../source4/smbd/service_task.c:36(task_server_terminate)
> task_server_terminate: task_server_terminate: [nbtd failed to setup interfaces]
> [2019/02/17 18:15:35.396234, 0] ../lib/util/become_daemon.c:138(daemon_ready)
> daemon_ready: STATUS=daemon 'samba' finished starting up and ready to serve connections
> [2019/02/17 18:15:35.397963, 0] ../source4/smbd/server.c:288(samba_terminate)
> samba_terminate: samba_terminate of samba 98006: nbtd failed to setup interfaces
10.1.2.34 is the jail's own IP and I'm sure nothing is running on port
137 there.
Relevant part of my smb4.conf
> [global]
> allow dns updates=nonsecure
> log level=1
> workgroup = XXXXX
> realm = xxxxx.xxxxxxxx.xx
> netbios name = DC1
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
> dns forwarder=10.1.2.13 10.1.2.15
> interfaces=vlan1 10.1.2.34/24
> bind interfaces only=yes
> ntlm auth=YES
After a web search I found the solution is to add:
> server services=-nbt
Is this problem expected? Or a regression?
Will this workaround have any side-effect?
bye & Thanks
av.
More information about the samba
mailing list