[Samba] Samba, Time Machine, and ADS
Johan Hattne
johan at hattne.se
Wed Sep 4 23:25:18 UTC 2019
Dear all;
I’m running smbd 4.9.5-Debian and I’m struggling to get Time Machine support to work. The server is running Debian Buster, and the client is macOS High Sierra. I can mount the share just fine on its own, but as soon as I tell Time Machine to “Back Up Now”, it says “Preparing Backup,“ “Looking for Backup Disk,” and then nothing. The little red exclamation mark tells me that "The network backup disk could not be accessed because there was a problem with the network username or password.”
I’ve been tailing the logs but nothing sticks out to my untrained eyes, except that nowhere does there seem to be any indication of the identity of the authenticating user—thus my suspicion that AD is somehow involved. What I do get is this:
[2019/09/04 16:16:27.522157, 5] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2019/09/04 16:16:27.522173, 5] ../source3/auth/token_util.c:866(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2019/09/04 16:16:27.522201, 5] ../source3/smbd/uid.c:509(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2019/09/04 16:16:27.522365, 3] ../source3/smbd/server_exit.c:237(exit_server_common)
Server exit (NT_STATUS_END_OF_FILE)
And this is the full smb.conf:
[global]
client signing = mandatory
server signing = mandatory
kerberos method = secrets and keytab
load printers = no
realm = AD.EXAMPLE.COM
security = ADS
workgroup = AD
idmap config *:backend = tdb2
idmap config *:range = 1000-9999
idmap config AD:backend = ad
idmap config AD:range = 10000-9999999999
log file = /var/log/samba/log.%m
max log size = 1000
log level = 5
netbios name = MYHOST
server string = Samba %v (%h)
vfs objects = catia fruit streams_xattr
fruit:time machine = yes
fruit:time machine max size = 1024G
[TimeMachineBackup]
writeable = yes
browsable = yes
path = /var/timemachine
Cluebat, anyone?
// Best wishes; Johan
More information about the samba
mailing list