[Samba] GPO / Sysvol problems

Gregory Sloop gregs at sloop.net
Thu Jan 24 20:32:14 UTC 2019


And this is some Samba logs from a connect where the profile isn't handled properly.

Near the end, it looks like Samba resets this connection... (I could be wrong - I know nothing about how to read Samba logs.)

---
[2019/01/24 10:36:38.097773,  3] ../lib/util/access.c:361(allow_access)
  Allowed connection from 10.8.20.60 (10.8.20.60)
[2019/01/24 10:36:38.097869,  3] ../source3/smbd/oplock.c:1329(init_oplocks)
  init_oplocks: initializing messages.
[2019/01/24 10:36:38.097940,  3] ../source3/smbd/process.c:1959(process_smb)
  Transaction 0 of length 178 (0 toread)
[2019/01/24 10:36:38.098082,  3] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
  Selected protocol SMB3_11
[2019/01/24 10:36:38.633900,  3] ../lib/util/util_net.c:256(interpret_string_addr_internal)
  interpret_string_addr_internal: getaddrinfo failed for name freenas.ad.abc.local (flags 1026) [hostname nor servname provided, or not known]
[2019/01/24 10:36:38.633920,  3] ../source3/lib/util_sock.c:1187(get_mydnsfullname)
  get_mydnsfullname: getaddrinfo failed for name freenas.ad.abc.local [Success]
[2019/01/24 10:36:39.141647,  3] ../lib/util/util_net.c:256(interpret_string_addr_internal)
  interpret_string_addr_internal: getaddrinfo failed for name freenas.ad.abc.local (flags 1026) [hostname nor servname provided, or not known]
[2019/01/24 10:36:39.141662,  3] ../source3/lib/util_sock.c:1187(get_mydnsfullname)
  get_mydnsfullname: getaddrinfo failed for name freenas.ad.abc.local [Success]
[2019/01/24 10:36:39.142241,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'gssapi_spnego' registered
[2019/01/24 10:36:39.142266,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'gssapi_krb5' registered
[2019/01/24 10:36:39.142278,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'gssapi_krb5_sasl' registered
[2019/01/24 10:36:39.142292,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'spnego' registered
[2019/01/24 10:36:39.142302,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'schannel' registered
[2019/01/24 10:36:39.142313,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'naclrpc_as_system' registered
[2019/01/24 10:36:39.142322,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'sasl-EXTERNAL' registered
[2019/01/24 10:36:39.142333,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'ntlmssp' registered
[2019/01/24 10:36:39.142342,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'ntlmssp_resume_ccache' registered
[2019/01/24 10:36:39.142351,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'http_basic' registered
[2019/01/24 10:36:39.142360,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'http_ntlm' registered
[2019/01/24 10:36:39.142369,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'krb5' registered
[2019/01/24 10:36:39.142379,  3] ../auth/gensec/gensec_start.c:977(gensec_register)
  GENSEC backend 'fake_gssapi_krb5' registered
[2019/01/24 10:36:39.681807,  3] ../lib/util/util_net.c:256(interpret_string_addr_internal)
  interpret_string_addr_internal: getaddrinfo failed for name freenas.ad.abc.local (flags 1026) [hostname nor servname provided, or not known]
[2019/01/24 10:36:39.681821,  3] ../source3/lib/util_sock.c:1187(get_mydnsfullname)
  get_mydnsfullname: getaddrinfo failed for name freenas.ad.abc.local [Success]
[2019/01/24 10:36:40.217351,  3] ../lib/util/util_net.c:256(interpret_string_addr_internal)
  interpret_string_addr_internal: getaddrinfo failed for name freenas.ad.abc.local (flags 1026) [hostname nor servname provided, or not known]
[2019/01/24 10:36:40.217370,  3] ../source3/lib/util_sock.c:1187(get_mydnsfullname)
  get_mydnsfullname: getaddrinfo failed for name freenas.ad.abc.local [Success]
[2019/01/24 10:36:40.220635,  3] ../auth/kerberos/kerberos_pac.c:409(kerberos_decode_pac)
  Found account name from PAC: DESKTOP-AD-TEST$ []
[2019/01/24 10:36:40.220656,  3] ../source3/auth/user_krb5.c:51(get_user_from_kerberos_info)
  Kerberos ticket principal name is [DESKTOP-AD-TEST$@AD.ABC.LOCAL]
[2019/01/24 10:36:40.225072,  3] ../source3/param/loadparm.c:3856(lp_load_ex)
  lp_load_ex: refreshing parameters
[2019/01/24 10:36:40.225141,  3] ../source3/param/loadparm.c:543(init_globals)
  Initialising global parameters
[2019/01/24 10:36:40.225251,  3] ../source3/param/loadparm.c:2770(lp_do_section)
  Processing section "[global]"
[2019/01/24 10:36:40.226327,  2] ../source3/param/loadparm.c:2787(lp_do_section)
  Processing section "[rm-profiles]"
[2019/01/24 10:36:40.226584,  2] ../source3/param/loadparm.c:2787(lp_do_section)
  Processing section "[abc-share1]"
[2019/01/24 10:36:40.226842,  3] ../source3/param/loadparm.c:1598(lp_add_ipc)
  adding IPC service
[2019/01/24 10:36:40.227541,  3] ../source3/smbd/password.c:144(register_homes_share)
  Adding homes service for user 'AD\desktop-ad-test$' using home directory: '/home/AD/desktop-ad-test_'
[2019/01/24 10:36:40.231677,  3] ../lib/util/access.c:361(allow_access)
  Allowed connection from 10.8.20.60 (10.8.20.60)
[2019/01/24 10:36:40.231737,  3] ../source3/smbd/service.c:595(make_connection_snum)
  Connect path is '/tmp' for service [IPC$]
[2019/01/24 10:36:40.231765,  3] ../source3/smbd/vfs.c:113(vfs_init_default)
  Initialising default vfs hooks
[2019/01/24 10:36:40.231777,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [/[Default VFS]/]
[2019/01/24 10:36:40.231904,  3] ../source3/smbd/service.c:841(make_connection_snum)
  10.8.20.60 (ipv4:10.8.20.60:52251) connect to service IPC$ initially as user AD\desktop-ad-test$ (uid=21606, gid=20515) (pid 67748)
[2019/01/24 10:36:40.233495,  3] ../source3/rpc_server/srv_pipe.c:748(api_pipe_bind_req)
  api_pipe_bind_req: srvsvc -> srvsvc rpc service
[2019/01/24 10:36:40.233511,  3] ../source3/rpc_server/srv_pipe.c:356(check_bind_req)
  check_bind_req for srvsvc context_id=0
[2019/01/24 10:36:40.233520,  3] ../source3/rpc_server/srv_pipe.c:399(check_bind_req)
  check_bind_req: srvsvc -> srvsvc rpc service
[2019/01/24 10:36:40.234149,  3] ../source3/rpc_server/srv_pipe.c:1528(api_rpcTNP)
  api_rpcTNP: rpc command: SRVSVC_NETSHAREGETINFO
[2019/01/24 10:36:40.780134,  3] ../lib/util/util_net.c:256(interpret_string_addr_internal)
  interpret_string_addr_internal: getaddrinfo failed for name freenas.ad.abc.local (flags 1026) [hostname nor servname provided, or not known]
[2019/01/24 10:36:40.780148,  3] ../source3/lib/util_sock.c:1187(get_mydnsfullname)
  get_mydnsfullname: getaddrinfo failed for name freenas.ad.abc.local [Success]
[2019/01/24 10:36:41.295431,  3] ../lib/util/util_net.c:256(interpret_string_addr_internal)
  interpret_string_addr_internal: getaddrinfo failed for name freenas.ad.abc.local (flags 1026) [hostname nor servname provided, or not known]
[2019/01/24 10:36:41.295446,  3] ../source3/lib/util_sock.c:1187(get_mydnsfullname)
  get_mydnsfullname: getaddrinfo failed for name freenas.ad.abc.local [Success]
[2019/01/24 10:36:41.296440,  3] ../auth/kerberos/kerberos_pac.c:409(kerberos_decode_pac)
  Found account name from PAC: toysales01 []
[2019/01/24 10:36:41.296458,  3] ../source3/auth/user_krb5.c:51(get_user_from_kerberos_info)
  Kerberos ticket principal name is [toysales01 at AD.ABC.LOCAL]
[2019/01/24 10:36:41.300497,  3] ../source3/param/loadparm.c:3856(lp_load_ex)
  lp_load_ex: refreshing parameters
[2019/01/24 10:36:41.300544,  3] ../source3/param/loadparm.c:543(init_globals)
  Initialising global parameters
[2019/01/24 10:36:41.300636,  3] ../source3/param/loadparm.c:2770(lp_do_section)
  Processing section "[global]"
[2019/01/24 10:36:41.301696,  2] ../source3/param/loadparm.c:2787(lp_do_section)
  Processing section "[rm-profiles]"
[2019/01/24 10:36:41.301946,  2] ../source3/param/loadparm.c:2787(lp_do_section)
  Processing section "[abc-share1]"
[2019/01/24 10:36:41.302203,  3] ../source3/param/loadparm.c:1598(lp_add_ipc)
  adding IPC service
[2019/01/24 10:36:41.302908,  3] ../source3/smbd/password.c:144(register_homes_share)
  Adding homes service for user 'AD\toysales01' using home directory: '/home/AD/toysales01'
[2019/01/24 10:36:41.307024,  3] ../lib/util/access.c:361(allow_access)
  Allowed connection from 10.8.20.60 (10.8.20.60)
[2019/01/24 10:36:41.307079,  3] ../source3/smbd/service.c:595(make_connection_snum)
  Connect path is '/tmp' for service [IPC$]
[2019/01/24 10:36:41.307105,  3] ../source3/smbd/vfs.c:113(vfs_init_default)
  Initialising default vfs hooks
[2019/01/24 10:36:41.307115,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [/[Default VFS]/]
[2019/01/24 10:36:41.307213,  3] ../source3/smbd/service.c:841(make_connection_snum)
  10.8.20.60 (ipv4:10.8.20.60:52251) connect to service IPC$ initially as user AD\toysales01 (uid=21133, gid=20513) (pid 67748)
[2019/01/24 10:36:41.307733,  3] ../source3/smbd/msdfs.c:1008(get_referred_path)
  get_referred_path: |rm-profiles| in dfs path \rm-freenas\rm-profiles is not a dfs root.
[2019/01/24 10:36:41.307752,  3] ../source3/smbd/smb2_server.c:3115(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_NOT_FOUND] || at ../source3/smbd/smb2_ioctl.c:309
[2019/01/24 10:36:41.308242,  3] ../lib/util/access.c:361(allow_access)
  Allowed connection from 10.8.20.60 (10.8.20.60)
[2019/01/24 10:36:41.308296,  3] ../source3/smbd/service.c:595(make_connection_snum)
  Connect path is '/mnt/abc-zfs-01/ad-profiles' for service [rm-profiles]
[2019/01/24 10:36:41.308328,  3] ../source3/smbd/vfs.c:113(vfs_init_default)
  Initialising default vfs hooks
[2019/01/24 10:36:41.308338,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [/[Default VFS]/]
[2019/01/24 10:36:41.308349,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [streams_xattr]
[2019/01/24 10:36:41.308575,  3] ../lib/util/modules.c:167(load_module_absolute_path)
  load_module_absolute_path: Module '/usr/local/lib/shared-modules/vfs/streams_xattr.so' loaded
[2019/01/24 10:36:41.308595,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [zfsacl]
[2019/01/24 10:36:41.308899,  3] ../lib/util/modules.c:167(load_module_absolute_path)
  load_module_absolute_path: Module '/usr/local/lib/shared-modules/vfs/zfsacl.so' loaded
[2019/01/24 10:36:41.308917,  3] ../source3/smbd/vfs.c:139(vfs_init_custom)
  Initialising custom vfs hooks from [zfs_space]
[2019/01/24 10:36:41.318027,  3] ../lib/util/modules.c:167(load_module_absolute_path)
  load_module_absolute_path: Module '/usr/local/lib/shared-modules/vfs/zfs_space.so' loaded
[2019/01/24 10:36:41.318207,  2] ../source3/smbd/service.c:841(make_connection_snum)
  10.8.20.60 (ipv4:10.8.20.60:52251) connect to service rm-profiles initially as user AD\toysales01 (uid=21133, gid=20513) (pid 67748)
[2019/01/24 10:36:41.323899,  2] ../source3/smbd/open.c:1404(open_file)
  AD\toysales01 opened file user-profiles/toysales01.V6/6A6DCA49-668C-4DD1-8A7F-9D5B61E8EE92.tmp read=No write=Yes (numopen=1)
[2019/01/24 10:36:41.359714,  3] ../source3/smbd/smb2_write.c:212(smb2_write_complete_internal)
  smb2: fnum 135800876, file user-profiles/toysales01.V6/6A6DCA49-668C-4DD1-8A7F-9D5B61E8EE92.tmp, length=65536 offset=0 wrote=65536
[2019/01/24 10:36:41.377982,  3] ../source3/smbd/smb2_write.c:212(smb2_write_complete_internal)
  smb2: fnum 135800876, file user-profiles/toysales01.V6/6A6DCA49-668C-4DD1-8A7F-9D5B61E8EE92.tmp, length=200 offset=0 wrote=200
[2019/01/24 10:36:41.378677,  3] ../source3/smbd/smb2_server.c:3115(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_INVALID_INFO_CLASS] || at ../source3/smbd/smb2_getinfo.c:154
[2019/01/24 10:36:41.382830,  2] ../source3/smbd/close.c:789(close_normal_file)
  AD\toysales01 closed file user-profiles/toysales01.V6/6A6DCA49-668C-4DD1-8A7F-9D5B61E8EE92.tmp (numopen=0) NT_STATUS_OK
[2019/01/24 10:36:41.385800,  3] ../source3/smbd/nttrans.c:2036(smbd_do_query_security_desc)
  smbd_do_query_security_desc: sd_size = 48.
[2019/01/24 10:36:41.385816,  3] ../source3/smbd/smb2_server.c:3115(smbd_smb2_request_error_ex)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_BUFFER_TOO_SMALL] | +info| at ../source3/smbd/smb2_getinfo.c:171
[2019/01/24 10:36:41.388014,  3] ../source3/smbd/nttrans.c:2036(smbd_do_query_security_desc)
  smbd_do_query_security_desc: sd_size = 48.
[2019/01/24 10:36:50.919650,  3] ../source3/smbd/service.c:1120(close_cnum)
  10.8.20.60 (ipv4:10.8.20.60:52251) closed connection to service IPC$
[2019/01/24 10:36:56.279328,  3] ../source3/smbd/service.c:1120(close_cnum)
  10.8.20.60 (ipv4:10.8.20.60:52251) closed connection to service IPC$
[2019/01/24 10:36:56.279475,  2] ../source3/smbd/service.c:1120(close_cnum)
  10.8.20.60 (ipv4:10.8.20.60:52251) closed connection to service rm-profiles
[2019/01/24 10:36:56.283783,  3] ../source3/smbd/server_exit.c:248(exit_server_common)
  Server exit (NT_STATUS_CONNECTION_RESET)
[2019/01/24 10:36:56.360475,  3] ../source3/lib/util_procid.c:54(pid_to_procid)
  pid_to_procid: messaging_dgm_get_unique failed: No such file or directory

---

I'm glad to provide more logs, but this seems like the most relevant portions.
[This is a "full" log, I can step up verbosity to "debug," if needed.]

Thanks!

-Greg


More information about the samba mailing list