[Samba] Troubles upgrading jailed DC from 4.8.7 to 4.8.9

Andrea Venturoli ml at netfence.it
Sun Feb 17 17:26:21 UTC 2019 

Hello.

On several FreeBSD 11.2/amd64 servers, I've got a jail dedicated to 
running Samba as an AD DC.

Some days ago I upgraded one of them from 4.8.7 to 4.8.9 and suddenly 
everything stopped working.
Since it was a production box, I immediately restored the whole jail 
from a backup, with no chance to better investigate.



Today, with more time, I tried on another server and again I run into 
trouble (although I'm not sure the details are exactly the same).

After the upgrade Samba would not start at all, with the following in 
the logs:
> [2019/02/17 18:15:35.200206,  0] ../source4/smbd/server.c:502(binary_smbd_main)
>   samba version 4.8.9 started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2018
> root at dc1:~ # [2019/02/17 18:15:35.379881,  0] ../source4/smbd/server.c:674(binary_smbd_main)
>   binary_smbd_main: samba: using 'standard' process model
> [2019/02/17 18:15:35.384663,  0] ../source4/nbt_server/interfaces.c:228(nbtd_add_socket)
>   Failed to bind to 10.1.2.34:137 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
> [2019/02/17 18:15:35.384752,  0] ../source4/smbd/service_task.c:36(task_server_terminate)
>   task_server_terminate: task_server_terminate: [nbtd failed to setup interfaces]
> [2019/02/17 18:15:35.396234,  0] ../lib/util/become_daemon.c:138(daemon_ready)
>   daemon_ready: STATUS=daemon 'samba' finished starting up and ready to serve connections
> [2019/02/17 18:15:35.397963,  0] ../source4/smbd/server.c:288(samba_terminate)
>   samba_terminate: samba_terminate of samba 98006: nbtd failed to setup interfaces

10.1.2.34 is the jail's own IP and I'm sure nothing is running on port 
137 there.

Relevant part of my smb4.conf

> [global]
>         allow dns updates=nonsecure
>         log level=1
>         workgroup = XXXXX
>         realm = xxxxx.xxxxxxxx.xx
>         netbios name = DC1
>         server role = active directory domain controller
>         idmap_ldb:use rfc2307 = yes
>         dns forwarder=10.1.2.13 10.1.2.15
>         interfaces=vlan1 10.1.2.34/24
>         bind interfaces only=yes
>         ntlm auth=YES

After a web search I found the solution is to add:
 >         server services=-nbt

Is this problem expected? Or a regression?
Will this workaround have any side-effect?

  bye & Thanks
	av.

More information about the samba mailing list