[Samba] Confusing errors when attempting to run samba in AD DC mode
Dan Egli
mysociety74 at gmail.com
Fri Nov 20 02:27:02 UTC 2020
Hey All,
I don't know what's wrong, or what I may have done wrong, but I THOUGHT I followed all the correct steps to setup samba, and it's not working. Here's what I did:
D/L latest samba code (4.13.1) & extract
install dependencies
./configure --prefix=/usr/local --enable-fhs
(enable-fhs was required to get configure to run through completely)
make
make install
cp /usr/local/etc/samba/smb.conf /etc/samba
samba-tool domain provision
systemctl daemon-reload
systemctl samba start
Here's the output from samba-tool when I ran domain provision:
---- Cut Here ----
# samba-tool domain provision
Realm: pluto.eglifamily.name
Domain [pluto]: EgliFamily
Server Role (dc, member, standalone) [dc]:
DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
DNS forwarder IP address (write 'none' to disable forwarding) [192.168.43.1]:
Administrator password:
Administrator password does not meet the default quality standards.
Administrator password:
Retype password:
INFO 2020-11-19 05:05:28,738 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2122: Looking up IPv4 addresses
WARNING 2020-11-19 05:05:28,738 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2128: More than one IPv4 address found. Using 192.168.56.2
INFO 2020-11-19 05:05:28,738 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2139: Looking up IPv6 addresses
WARNING 2020-11-19 05:05:28,738 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2146: No IPv6 address will be assigned
INFO 2020-11-19 05:05:30,768 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2294: Setting up secrets.ldb
INFO 2020-11-19 05:05:30,864 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2299: Setting up the registry
INFO 2020-11-19 05:05:30,904 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2302: Setting up the privileges database
INFO 2020-11-19 05:05:31,101 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2305: Setting up idmap db
INFO 2020-11-19 05:05:31,248 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2312: Setting up SAM db
INFO 2020-11-19 05:05:31,278 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #897: Setting up sam.ldb partitions and settings
INFO 2020-11-19 05:05:31,281 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #909: Setting up sam.ldb rootDSE
INFO 2020-11-19 05:05:31,318 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1322: Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
INFO 2020-11-19 05:05:31,551 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1400: Adding DomainDN: DC=pluto,DC=eglifamily,DC=name
INFO 2020-11-19 05:05:31,594 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1432: Adding configuration container
INFO 2020-11-19 05:05:31,634 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1447: Setting up sam.ldb schema
INFO 2020-11-19 05:05:41,254 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1465: Setting up sam.ldb configuration data
INFO 2020-11-19 05:05:41,767 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1506: Setting up display specifiers
INFO 2020-11-19 05:05:48,527 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1514: Modifying display specifiers and extended rights
INFO 2020-11-19 05:05:48,640 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1521: Adding users container
INFO 2020-11-19 05:05:48,647 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1527: Modifying users container
INFO 2020-11-19 05:05:48,650 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1530: Adding computers container
INFO 2020-11-19 05:05:48,653 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1536: Modifying computers container
INFO 2020-11-19 05:05:48,657 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1540: Setting up sam.ldb data
INFO 2020-11-19 05:05:49,173 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1570: Setting up well known security principals
INFO 2020-11-19 05:05:49,306 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1584: Setting up sam.ldb users and groups
INFO 2020-11-19 05:05:51,176 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #1592: Setting up self join
Repacking database from v1 to v2 format (first record CN=ms-DFSR-MemberReferenceBL,CN=Schema,CN=Configuration,DC=pluto,DC=eglifamily,DC=name)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record CN=rpcContainer-Display,CN=412,CN=DisplaySpecifiers,CN=Configuration,DC=pluto,DC=eglifamily,DC=name)
Repacking database from v1 to v2 format (first record CN=ipsecNegotiationPolicy{72385233-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,DC=pluto,DC=eglifamily,DC=name)
INFO 2020-11-19 05:05:56,759 pid:1035 /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py #1130: Adding DNS accounts
INFO 2020-11-19 05:05:56,936 pid:1035 /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py #1164: Creating CN=MicrosoftDNS,CN=System,DC=pluto,DC=eglifamily,DC=name
INFO 2020-11-19 05:05:57,006 pid:1035 /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py #1177: Creating DomainDnsZones and ForestDnsZones partitions
INFO 2020-11-19 05:05:57,163 pid:1035 /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py #1182: Populating DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=pluto,DC=eglifamily,DC=name)
Repacking database from v1 to v2 format (first record DC=_ldap._tcp.gc,DC=_msdcs.pluto.eglifamily.name,CN=MicrosoftDNS,DC=ForestDnsZones,DC=pluto,DC=eglifamily,DC=name)
INFO 2020-11-19 05:05:58,193 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2026: Setting up sam.ldb rootDSE marking as synchronized
INFO 2020-11-19 05:05:58,203 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2031: Fixing provision GUIDs
INFO 2020-11-19 05:06:01,986 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2365: A Kerberos configuration suitable for Samba AD has been generated at /usr/local/var/lib/samba/private/krb5.conf
INFO 2020-11-19 05:06:01,986 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #2366: Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
INFO 2020-11-19 05:06:03,322 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #490: Once the above files are installed, your Samba AD server will be ready to use
INFO 2020-11-19 05:06:03,326 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #494: Server Role: active directory domain controller
INFO 2020-11-19 05:06:03,326 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #495: Hostname: pluto
INFO 2020-11-19 05:06:03,326 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #496: NetBIOS Domain: EGLIFAMILY
INFO 2020-11-19 05:06:03,326 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #497: DNS Domain: pluto.eglifamily.name
INFO 2020-11-19 05:06:03,326 pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py #498: DOMAIN SID: S-1-5-21-4168811888-1269046505-3358450961
---- Cut Here ----
No log file is created (/var/log/samba is empty), so I can't attach that. But here's what systemctl status samba and journalctl -xe say:
---- Cut Here: systemctl status samba ----
● samba.service - Samba AD Daemon
Loaded: loaded (/etc/systemd/system/samba.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2020-11-19 05:10:10 -00; 2min 56s ago
Docs: man:samba(8)
man:samba(7)
man:smb.conf(5)
Process: 1054 ExecStart=/usr/local/sbin/samba --foreground --no-process-group $SAMBAOPTIONS (code=exited, status=1/FAILURE)
Main PID: 1054 (code=exited, status=1/FAILURE)
CPU: 12.734s
---- Cut Here ----
---- Cut Here: Journalctl -xe ----
Nov 19 05:09:49 pluto samba[1098]: [2020/11/19 05:09:49.004709, 0] ../../source4/dns_server/dns_server.c:648(dns_add_socket)
Nov 19 05:09:49 pluto samba[1098]: Failed to bind to 0.0.0.0:53 TCP - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
Nov 19 05:09:49 pluto systemd[1]: samba.service: Got notification message from PID 1063, but reception only permitted for main PID 1054
Nov 19 05:09:49 pluto systemd[1]: samba.service: Got notification message from PID 1090, but reception only permitted for main PID 1054
Nov 19 05:09:51 pluto winbindd[1090]: [2020/11/19 05:09:51.364555, 0] ../../source3/winbindd/winbindd_cache.c:3203(initialize_winbindd_cache)
Nov 19 05:09:51 pluto winbindd[1090]: initialize_winbindd_cache: clearing cache and re-creating with version number 2
Nov 19 05:09:51 pluto systemd[1]: samba.service: Got notification message from PID 1090, but reception only permitted for main PID 1054
Nov 19 05:09:51 pluto winbindd[1090]: [2020/11/19 05:09:51.381221, 0] ../../lib/util/become_daemon.c:135(daemon_ready)
Nov 19 05:09:51 pluto winbindd[1090]: daemon_ready: daemon 'winbindd' finished starting up and ready to serve connections
Nov 19 05:09:51 pluto systemd[1]: samba.service: Got notification message from PID 1063, but reception only permitted for main PID 1054
Nov 19 05:09:51 pluto smbd[1063]: [2020/11/19 05:09:51.597873, 0] ../../lib/util/become_daemon.c:135(daemon_ready)
Nov 19 05:09:51 pluto smbd[1063]: daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.101174, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Nov 19 05:09:52 pluto samba[1096]: /usr/local/sbin/samba_dnsupdate: Traceback (most recent call last):
Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.101174, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Nov 19 05:09:52 pluto samba[1096]: /usr/local/sbin/samba_dnsupdate: File "/usr/local/sbin/samba_dnsupdate", line 56, in <module>
Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.101174, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Nov 19 05:09:52 pluto samba[1096]: /usr/local/sbin/samba_dnsupdate: import dns.resolver
Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.104507, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Nov 19 05:09:52 pluto samba[1096]: /usr/local/sbin/samba_dnsupdate: ModuleNotFoundError: No module named 'dns'
Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.224499, 0] ../../source4/dsdb/dns/dns_update.c:85(dnsupdate_nameupdate_done)
Nov 19 05:09:52 pluto samba[1096]: dnsupdate_nameupdate_done: Failed DNS update with exit code 1
Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0] ../../source4/smbd/service_stream.c:372(stream_setup_socket)
Nov 19 05:10:00 pluto samba[1066]: stream_setup_socket: Failed to listen on :::389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0] ../../source4/ldap_server/ldap_server.c:1185(add_socket)
Nov 19 05:10:00 pluto samba[1066]: add_socket: ldapsrv failed to bind to :::389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0] ../../source4/smbd/service_stream.c:372(stream_setup_socket)
Nov 19 05:10:00 pluto samba[1066]: stream_setup_socket: Failed to listen on 0.0.0.0:389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0] ../../source4/ldap_server/ldap_server.c:1185(add_socket)
Nov 19 05:10:00 pluto samba[1066]: add_socket: ldapsrv failed to bind to 0.0.0.0:389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.277308, 0] ../../source4/smbd/service_task.c:36(task_server_terminate)
Nov 19 05:10:00 pluto samba[1066]: task_server_terminate: task_server_terminate: [Failed to startup ldap server task]
Nov 19 05:10:00 pluto samba[1054]: [2020/11/19 05:10:00.277308, 0] ../../source4/smbd/server.c:377(samba_terminate)
Nov 19 05:10:00 pluto samba[1054]: samba_terminate: samba_terminate of samba 1054: Failed to startup ldap server task
Nov 19 05:10:00 pluto systemd[1]: samba.service: Main process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support:https://gentoo.org/support/
░░
░░ An ExecStart= process belonging to unit samba.service has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Nov 19 05:10:10 pluto systemd[1]: samba.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support:https://gentoo.org/support/
░░
░░ The unit samba.service has entered the 'failed' state with result 'exit-code'.
Nov 19 05:10:10 pluto systemd[1]: Failed to start Samba AD Daemon.
░░ Subject: A start job for unit samba.service has failed
░░ Defined-By: systemd
░░ Support:https://gentoo.org/support/
░░
░░ A start job for unit samba.service has finished with a failure.
░░
░░ The job identifier is 552 and the job result is failed.
Nov 19 05:10:10 pluto systemd[1]: samba.service: Consumed 12.734s CPU time.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support:https://gentoo.org/support/
░░
░░ The unit samba.service completed and consumed the indicated resources.
---- Cut Here ----
Oh, and here's the smb.conf file (what there is of it)
---- Cut Here ----
# Global parameters
[global]
dns forwarder = 192.168.43.1
netbios name = PLUTO
realm = PLUTO.EGLIFAMILY.NAME
server role = active directory domain controller
workgroup = EGLIFAMILY
[sysvol]
path = /usr/local/var/lib/samba/sysvol
read only = No
[netlogon]
path = /usr/local/var/lib/samba/sysvol/pluto.eglifamily.name/scripts
read only = No
---- Cut Hre ----
Any help is greatly appreciated!!! Why isn't samba starting?
--
This email has been checked for viruses by AVG.
https://www.avg.com
More information about the samba
mailing list