[Samba] Confusing errors when attempting to run samba in AD DC mode
Arnaud FLORENT
aflorent at iris-tech.fr
Fri Nov 20 07:59:18 UTC 2020
hi
a process is already using port 389 and prevents samba to use it
any openldap service running?
ldapsrv failed to bind to 0.0.0.0:389 -
NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
Le 20/11/2020 à 03:27, Dan Egli via samba a écrit :
> Hey All,
> I don't know what's wrong, or what I may have done wrong, but I
> THOUGHT I followed all the correct steps to setup samba, and it's not
> working. Here's what I did:
> D/L latest samba code (4.13.1) & extract
> install dependencies
> ./configure --prefix=/usr/local --enable-fhs
> (enable-fhs was required to get configure to run through completely)
> make
> make install
> cp /usr/local/etc/samba/smb.conf /etc/samba
> samba-tool domain provision
> systemctl daemon-reload
> systemctl samba start
>
> Here's the output from samba-tool when I ran domain provision:
> ---- Cut Here ----
> # samba-tool domain provision
> Realm: pluto.eglifamily.name
> Domain [pluto]: EgliFamily
> Server Role (dc, member, standalone) [dc]:
> DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
> [SAMBA_INTERNAL]:
> DNS forwarder IP address (write 'none' to disable forwarding)
> [192.168.43.1]:
> Administrator password:
> Administrator password does not meet the default quality standards.
> Administrator password:
> Retype password:
> INFO 2020-11-19 05:05:28,738
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2122: Looking up IPv4 addresses
> WARNING 2020-11-19 05:05:28,738
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2128: More than one IPv4 address found. Using 192.168.56.2
> INFO 2020-11-19 05:05:28,738
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2139: Looking up IPv6 addresses
> WARNING 2020-11-19 05:05:28,738
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2146: No IPv6 address will be assigned
> INFO 2020-11-19 05:05:30,768
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2294: Setting up secrets.ldb
> INFO 2020-11-19 05:05:30,864
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2299: Setting up the registry
> INFO 2020-11-19 05:05:30,904
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2302: Setting up the privileges database
> INFO 2020-11-19 05:05:31,101
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2305: Setting up idmap db
> INFO 2020-11-19 05:05:31,248
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2312: Setting up SAM db
> INFO 2020-11-19 05:05:31,278
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #897: Setting up sam.ldb partitions and settings
> INFO 2020-11-19 05:05:31,281
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #909: Setting up sam.ldb rootDSE
> INFO 2020-11-19 05:05:31,318
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1322: Pre-loading the Samba 4 and AD schema
> Unable to determine the DomainSID, can not enforce uniqueness
> constraint on local domainSIDs
>
> INFO 2020-11-19 05:05:31,551
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1400: Adding DomainDN: DC=pluto,DC=eglifamily,DC=name
> INFO 2020-11-19 05:05:31,594
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1432: Adding configuration container
> INFO 2020-11-19 05:05:31,634
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1447: Setting up sam.ldb schema
> INFO 2020-11-19 05:05:41,254
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1465: Setting up sam.ldb configuration data
> INFO 2020-11-19 05:05:41,767
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1506: Setting up display specifiers
> INFO 2020-11-19 05:05:48,527
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1514: Modifying display specifiers and extended rights
> INFO 2020-11-19 05:05:48,640
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1521: Adding users container
> INFO 2020-11-19 05:05:48,647
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1527: Modifying users container
> INFO 2020-11-19 05:05:48,650
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1530: Adding computers container
> INFO 2020-11-19 05:05:48,653
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1536: Modifying computers container
> INFO 2020-11-19 05:05:48,657
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1540: Setting up sam.ldb data
> INFO 2020-11-19 05:05:49,173
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1570: Setting up well known security principals
> INFO 2020-11-19 05:05:49,306
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1584: Setting up sam.ldb users and groups
> INFO 2020-11-19 05:05:51,176
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #1592: Setting up self join
> Repacking database from v1 to v2 format (first record
> CN=ms-DFSR-MemberReferenceBL,CN=Schema,CN=Configuration,DC=pluto,DC=eglifamily,DC=name)
> Repack: re-packed 10000 records so far
> Repacking database from v1 to v2 format (first record
> CN=rpcContainer-Display,CN=412,CN=DisplaySpecifiers,CN=Configuration,DC=pluto,DC=eglifamily,DC=name)
> Repacking database from v1 to v2 format (first record
> CN=ipsecNegotiationPolicy{72385233-70FA-11D1-864C-14A300000000},CN=IP
> Security,CN=System,DC=pluto,DC=eglifamily,DC=name)
> INFO 2020-11-19 05:05:56,759 pid:1035
> /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py
> #1130: Adding DNS accounts
> INFO 2020-11-19 05:05:56,936 pid:1035
> /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py
> #1164: Creating CN=MicrosoftDNS,CN=System,DC=pluto,DC=eglifamily,DC=name
> INFO 2020-11-19 05:05:57,006 pid:1035
> /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py
> #1177: Creating DomainDnsZones and ForestDnsZones partitions
> INFO 2020-11-19 05:05:57,163 pid:1035
> /usr/local/lib/python3.7/site-packages/samba/provision/sambadns.py
> #1182: Populating DomainDnsZones and ForestDnsZones partitions
> Repacking database from v1 to v2 format (first record
> DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=pluto,DC=eglifamily,DC=name)
> Repacking database from v1 to v2 format (first record
> DC=_ldap._tcp.gc,DC=_msdcs.pluto.eglifamily.name,CN=MicrosoftDNS,DC=ForestDnsZones,DC=pluto,DC=eglifamily,DC=name)
> INFO 2020-11-19 05:05:58,193
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2026: Setting up sam.ldb rootDSE marking as synchronized
> INFO 2020-11-19 05:05:58,203
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2031: Fixing provision GUIDs
> INFO 2020-11-19 05:06:01,986
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2365: A Kerberos configuration suitable for Samba AD has been
> generated at /usr/local/var/lib/samba/private/krb5.conf
> INFO 2020-11-19 05:06:01,986
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #2366: Merge the contents of this file with your system krb5.conf or
> replace it with this one. Do not create a symlink!
> INFO 2020-11-19 05:06:03,322
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #490: Once the above files are installed, your Samba AD server will be
> ready to use
> INFO 2020-11-19 05:06:03,326
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #494: Server Role: active directory domain controller
> INFO 2020-11-19 05:06:03,326
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #495: Hostname: pluto
> INFO 2020-11-19 05:06:03,326
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #496: NetBIOS Domain: EGLIFAMILY
> INFO 2020-11-19 05:06:03,326
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #497: DNS Domain: pluto.eglifamily.name
> INFO 2020-11-19 05:06:03,326
> pid:1035/usr/local/lib/python3.7/site-packages/samba/provision/__init__.py
> #498: DOMAIN SID: S-1-5-21-4168811888-1269046505-3358450961
> ---- Cut Here ----
>
> No log file is created (/var/log/samba is empty), so I can't attach
> that. But here's what systemctl status samba and journalctl -xe say:
> ---- Cut Here: systemctl status samba ----
> ● samba.service - Samba AD Daemon
> Loaded: loaded (/etc/systemd/system/samba.service; enabled;
> vendor preset: disabled)
> Active: failed (Result: exit-code) since Thu 2020-11-19 05:10:10
> -00; 2min 56s ago
> Docs: man:samba(8)
> man:samba(7)
> man:smb.conf(5)
> Process: 1054 ExecStart=/usr/local/sbin/samba --foreground
> --no-process-group $SAMBAOPTIONS (code=exited, status=1/FAILURE)
> Main PID: 1054 (code=exited, status=1/FAILURE)
> CPU: 12.734s
> ---- Cut Here ----
>
> ---- Cut Here: Journalctl -xe ----
> Nov 19 05:09:49 pluto samba[1098]: [2020/11/19 05:09:49.004709, 0]
> ../../source4/dns_server/dns_server.c:648(dns_add_socket)
> Nov 19 05:09:49 pluto samba[1098]: Failed to bind to 0.0.0.0:53 TCP
> - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
> Nov 19 05:09:49 pluto systemd[1]: samba.service: Got notification
> message from PID 1063, but reception only permitted for main PID 1054
> Nov 19 05:09:49 pluto systemd[1]: samba.service: Got notification
> message from PID 1090, but reception only permitted for main PID 1054
> Nov 19 05:09:51 pluto winbindd[1090]: [2020/11/19 05:09:51.364555, 0]
> ../../source3/winbindd/winbindd_cache.c:3203(initialize_winbindd_cache)
> Nov 19 05:09:51 pluto winbindd[1090]: initialize_winbindd_cache:
> clearing cache and re-creating with version number 2
> Nov 19 05:09:51 pluto systemd[1]: samba.service: Got notification
> message from PID 1090, but reception only permitted for main PID 1054
> Nov 19 05:09:51 pluto winbindd[1090]: [2020/11/19 05:09:51.381221, 0]
> ../../lib/util/become_daemon.c:135(daemon_ready)
> Nov 19 05:09:51 pluto winbindd[1090]: daemon_ready: daemon
> 'winbindd' finished starting up and ready to serve connections
> Nov 19 05:09:51 pluto systemd[1]: samba.service: Got notification
> message from PID 1063, but reception only permitted for main PID 1054
> Nov 19 05:09:51 pluto smbd[1063]: [2020/11/19 05:09:51.597873, 0]
> ../../lib/util/become_daemon.c:135(daemon_ready)
> Nov 19 05:09:51 pluto smbd[1063]: daemon_ready: daemon 'smbd'
> finished starting up and ready to serve connections
> Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.101174, 0]
> ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
> Nov 19 05:09:52 pluto samba[1096]: /usr/local/sbin/samba_dnsupdate:
> Traceback (most recent call last):
> Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.101174, 0]
> ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
> Nov 19 05:09:52 pluto samba[1096]: /usr/local/sbin/samba_dnsupdate:
> File "/usr/local/sbin/samba_dnsupdate", line 56, in <module>
> Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.101174, 0]
> ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
> Nov 19 05:09:52 pluto samba[1096]:
> /usr/local/sbin/samba_dnsupdate: import dns.resolver
> Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.104507, 0]
> ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
> Nov 19 05:09:52 pluto samba[1096]: /usr/local/sbin/samba_dnsupdate:
> ModuleNotFoundError: No module named 'dns'
> Nov 19 05:09:52 pluto samba[1096]: [2020/11/19 05:09:52.224499, 0]
> ../../source4/dsdb/dns/dns_update.c:85(dnsupdate_nameupdate_done)
> Nov 19 05:09:52 pluto samba[1096]: dnsupdate_nameupdate_done: Failed
> DNS update with exit code 1
> Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0]
> ../../source4/smbd/service_stream.c:372(stream_setup_socket)
> Nov 19 05:10:00 pluto samba[1066]: stream_setup_socket: Failed to
> listen on :::389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
> Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0]
> ../../source4/ldap_server/ldap_server.c:1185(add_socket)
> Nov 19 05:10:00 pluto samba[1066]: add_socket: ldapsrv failed to
> bind to :::389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
> Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0]
> ../../source4/smbd/service_stream.c:372(stream_setup_socket)
> Nov 19 05:10:00 pluto samba[1066]: stream_setup_socket: Failed to
> listen on 0.0.0.0:389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
> Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.273975, 0]
> ../../source4/ldap_server/ldap_server.c:1185(add_socket)
> Nov 19 05:10:00 pluto samba[1066]: add_socket: ldapsrv failed to
> bind to 0.0.0.0:389 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
> Nov 19 05:10:00 pluto samba[1066]: [2020/11/19 05:10:00.277308, 0]
> ../../source4/smbd/service_task.c:36(task_server_terminate)
> Nov 19 05:10:00 pluto samba[1066]: task_server_terminate:
> task_server_terminate: [Failed to startup ldap server task]
> Nov 19 05:10:00 pluto samba[1054]: [2020/11/19 05:10:00.277308, 0]
> ../../source4/smbd/server.c:377(samba_terminate)
> Nov 19 05:10:00 pluto samba[1054]: samba_terminate: samba_terminate
> of samba 1054: Failed to startup ldap server task
> Nov 19 05:10:00 pluto systemd[1]: samba.service: Main process exited,
> code=exited, status=1/FAILURE
> ░░ Subject: Unit process exited
> ░░ Defined-By: systemd
> ░░ Support:https://gentoo.org/support/
> ░░
> ░░ An ExecStart= process belonging to unit samba.service has exited.
> ░░
> ░░ The process' exit code is 'exited' and its exit status is 1.
> Nov 19 05:10:10 pluto systemd[1]: samba.service: Failed with result
> 'exit-code'.
> ░░ Subject: Unit failed
> ░░ Defined-By: systemd
> ░░ Support:https://gentoo.org/support/
> ░░
> ░░ The unit samba.service has entered the 'failed' state with result
> 'exit-code'.
> Nov 19 05:10:10 pluto systemd[1]: Failed to start Samba AD Daemon.
> ░░ Subject: A start job for unit samba.service has failed
> ░░ Defined-By: systemd
> ░░ Support:https://gentoo.org/support/
> ░░
> ░░ A start job for unit samba.service has finished with a failure.
> ░░
> ░░ The job identifier is 552 and the job result is failed.
> Nov 19 05:10:10 pluto systemd[1]: samba.service: Consumed 12.734s CPU
> time.
> ░░ Subject: Resources consumed by unit runtime
> ░░ Defined-By: systemd
> ░░ Support:https://gentoo.org/support/
> ░░
> ░░ The unit samba.service completed and consumed the indicated resources.
> ---- Cut Here ----
>
>
> Oh, and here's the smb.conf file (what there is of it)
> ---- Cut Here ----
> # Global parameters
> [global]
> dns forwarder = 192.168.43.1
> netbios name = PLUTO
> realm = PLUTO.EGLIFAMILY.NAME
> server role = active directory domain controller
> workgroup = EGLIFAMILY
>
> [sysvol]
> path = /usr/local/var/lib/samba/sysvol
> read only = No
>
> [netlogon]
> path =
> /usr/local/var/lib/samba/sysvol/pluto.eglifamily.name/scripts
> read only = No
> ---- Cut Hre ----
>
> Any help is greatly appreciated!!! Why isn't samba starting?
>
>
--
Arnaud FLORENT
IRIS Technologies
More information about the samba
mailing list