[Samba] Serverinfo Error

Robert A Wooldridge bob.wooldridge at edm-inc.com
Mon Jul 29 15:37:44 UTC 2019 

On 07/29/2019 02:11 AM, L.P.H. van Belle via samba wrote:
> Hai,
>
> There is something going on in your resolving, that im sure.
>
> I dont know where you missing a setting or did a wrong setting,
> but this should all work out of the box.
>
> The PTR lookup responce with ip of the DC, should be hostname.fqdn. and not hostname.
>
> I've also had a good look at the debug script output again.
> That all looks ok to me so i'm wondering, if apparmor is in play here or systemd things.
>
> Im missing rules in apparmor, as shown below.
> You are using internal DNS and not Bind9_DLZ. ( base on smb.conf outputs ) so ..
>
> Can you run :
> cat /var/log/syslog | grep 'DENIED'
No output
> And
> cat /var/log/auditd/auditd.log | grep 'DENIED'
Auditd not installed.
> ( if auditd is installed )
>
> Can you also show me :
> ps faux |egrep "samba|winbind"
athena:~# ps faux |egrep "samba|winbind"
root     11734  0.0  0.0   6076   832 pts/0    S+   10:30 
0:00                      \_ grep -E samba|winbind
root     26888  0.0  0.4  95604 34800 ?        Ss   Jul26   0:00 samba: 
root process
root     26889  0.0  0.2  95604 22060 ?        S    Jul26   0:00  \_ 
samba: task[s3fs_parent]
root     26891  0.0  0.2  95608 20924 ?        S    Jul26   0:00 |   \_ 
samba: tfork waiter process
root     26890  0.0  0.6  96236 50588 ?        S    Jul26   1:14  \_ 
samba: task[dcesrv]
root     26892  0.0  0.4  95676 34320 ?        S    Jul26   0:01  \_ 
samba: task[nbtd]
root     26894  0.0  0.2  95604 21684 ?        S    Jul26   0:00  \_ 
samba: task[wrepl]
root     26895  0.0  0.3  95604 29380 ?        S    Jul26   0:06  \_ 
samba: task[ldapsrv]
root     26896  0.0  0.3  95604 31112 ?        S    Jul26   3:01  \_ 
samba: task[cldapd]
root     26897  0.0  0.4  95792 32868 ?        S    Jul26   0:41  \_ 
samba: conn[kdc_tcp] c[ipv4:10.10.10.235:50790] s[ipv4:10.10.1.10:88] 
server_id[26897.40]
root     26898  0.0  0.4  96244 35024 ?        S    Jul26   3:34  \_ 
samba: task[dreplsrv]
root     26899  0.0  0.2  95604 22060 ?        S    Jul26   0:00  \_ 
samba: task[winbindd_parent]
root     26903  0.0  0.2  95608 20924 ?        S    Jul26   0:00 |   \_ 
samba: tfork waiter process
root     26905  0.0  0.5  96104 43872 ?        Ss   Jul26   0:03 |       
\_ /usr/sbin/winbindd -D --option=server role check:inhibit=yes --foreground
root     26925  0.0  0.4  96336 34096 ?        S    Jul26   0:00 
|           \_ winbindd: domain child [EDM]
root     27112  0.0  0.3  96132 29184 ?        S    Jul26   0:00 
|           \_ winbindd: idmap child
root     26900  0.0  0.3  95604 25504 ?        S    Jul26   0:00  \_ 
samba: task[ntp_signd]
root     26901  0.0  0.4  95604 36224 ?        S    Jul26   0:02  \_ 
samba: task[kccsrv]
root     26902  0.0  0.3  95604 30428 ?        S    Jul26   0:58  \_ 
samba: task[dnsupdate]
root     26904  0.1  0.3  96108 31872 ?        S    Jul26   4:36  \_ 
samba: conn[dns_tcp] c[ipv4:10.10.10.232:60715] s[ipv4:10.10.1.10:53] 
server_id[26904.3]


> And
> netstat -tan|egrep "LISTEN" | grep "53"
athena:~# netstat -tan|egrep "LISTEN" | grep "53"
tcp        0      0 0.0.0.0:49153           0.0.0.0:* LISTEN
tcp        0      0 0.0.0.0:53              0.0.0.0:* LISTEN
tcp6       0      0 :::49153                :::* LISTEN
tcp6       0      0 :::53                   :::* LISTEN

>
> And check some things within systemd.
> Show me also :
>
> networkctl status
athena:~# networkctl status
WARNING: systemd-networkd is not running, output will be incomplete.

●        State: n/a
        Address: 10.10.1.10 on enp0s25
                 fe80::21c:c0ff:feec:2525 on enp0s25
        Gateway: 10.10.1.1 (Intel Corporate) on enp0s25
> networkctl status $(ip a|grep "state UP"| cut -d: -f2)
athena:~# networkctl status $(ip a|grep "state UP"| cut -d: -f2)
WARNING: systemd-networkd is not running, output will be incomplete.

● 2: enp0s25
        Link File: /usr/lib/systemd/network/99-default.link
     Network File: n/a
             Type: ether
            State: n/a (unmanaged)
             Path: pci-0000:00:19.0
           Driver: e1000e
           Vendor: Intel Corporation
            Model: 82567LM-3 Gigabit Network Connection
       HW Address: 00:1c:c0:ec:25:25 (Intel Corporate)
          Address: 10.10.1.10
                   fe80::21c:c0ff:feec:2525
          Gateway: 10.10.1.1 (Intel Corporate)

> timedatectl
athena:~# timedatectl
                Local time: Mon 2019-07-29 10:33:09 CDT
            Universal time: Mon 2019-07-29 15:33:09 UTC
                  RTC time: Mon 2019-07-29 15:33:08
                 Time zone: US/Central (CDT, -0500)
System clock synchronized: yes
               NTP service: inactive
           RTC in local TZ: no
> resolvectl status
athena:~# resolvectl status
Failed to get global data: Unit dbus-org.freedesktop.resolve1.service 
not found.
>
>>> And maybe its an option to try the 4.10.6 package i supply.
>>> Debian buster packages are updated within 1-2 hours.
>> I had to comment out some lines of python to get this far.
>> Should those files be replaced?
> Which files? And which lines exactly?
join.py (/usr/lib/python2.7/dist-packages/samba/join.py on my DC), find 
these lines:

             if ctx.dns_backend != "NONE":
                 ctx.join_add_dns_records()
                 ctx.join_replicate_new_dns_records()

-- 
Bob Wooldridge
EDM Incorporated

More information about the samba mailing list