[Samba] CTDB Question w/ Winbind
Robert Buck
robert.buck at som.com
Mon Oct 5 13:31:59 UTC 2020
Hi Martin
It seems as though, when I go from `clustering = no` to `clustering = yes`,
if I do a domain join, it will fail. However, if I do a `systemctl restart
ctdb` (knowing full well it will fail every time), if after this I add a
sleep(15), then do a domain join, then do a `systemctl restart ctdb`, then
the join will have worked, AND CTDB will start properly. So in a nutshell,
in Ansible,
- do all the samba setup without clustering on, even winbind setup; verify
it works
- do all the ctdb setup and turn clustering on, but we must again
domain-join, but only after having run restart-ctdb once first, then after
the join, do another restart-ctdb
Only then does the system come to a stable point.
This appears to be the only way to have a repeatable deployment process of
CTDB over multiple regions globally.
Any thoughts or recommendations?
Bob
On Thu, Oct 1, 2020 at 9:35 AM Robert Buck <robert.buck at som.com> wrote:
> And more information, wondering about DNS issues or DC issues...
>
> # wbinfo --ping-dc
>
> checking the NETLOGON for domain[MYDOMAINNAME] dc connection to "" failed
>
> failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUND
>
> On Thu, Oct 1, 2020 at 9:21 AM Robert Buck <robert.buck at som.com> wrote:
>
>> Martin,
>>
>> Here you go,
>>
>> # echo "mypassword" | net --no-dns-updates -U service-account-name ads
>> testjoin domain.local
>>
>> kerberos_kinit_password NETBIOS_NAME$@DOMAIN.LOCAL failed: Client not
>> found in Kerberos database
>>
>> Join to domain is not valid: The name provided is not a properly formed
>> account name.
>>
>> On Wed, Sep 30, 2020 at 9:34 PM Martin Schwenke <martin at meltin.net>
>> wrote:
>>
>>> Hi Bob,
>>>
>>> On Wed, 30 Sep 2020 08:59:41 -0400, Robert Buck <robert.buck at som.com>
>>> wrote:
>>>
>>> > [...]
>>> > Sep 30 12:58:25 euw2-samba-server-c21-01 winbindd[484378]: * Could not
>>> > fetch our SID - did we join?*
>>> >
>>> > Sep 30 12:58:25 euw2-samba-server-c21-01 winbindd[484378]: *[2020/09/30
>>> > 12:58:25.161629, 0]
>>> > ../../source3/winbindd/winbindd.c:1462(winbindd_register_handlers)*
>>> >
>>> > Sep 30 12:58:25 euw2-samba-server-c21-01 winbindd[484378]: * unable to
>>> > initialize domain list*
>>>
>>> This looks to be a generic winbind and domain joining issue, which
>>> probably doesn't have anything to do with CTDB. Phew... :-)
>>>
>>> Searching for "Could not fetch our SID - did we join?" gets a bunch of
>>> hits, including this one:
>>>
>>>
>>> http://samba.2283325.n4.nabble.com/Winbind-error-quot-Could-not-fetch-our-SID-did-we-join-quot-td4726277.html
>>>
>>> Did you use "net ads join" to join the domain? What does "net ads
>>> testjoin" say?
>>>
>>> peace & happiness,
>>> martin
>>>
>>>
>>
>> --
>>
>> BOB BUCK
>> SENIOR PLATFORM SOFTWARE ENGINEER
>>
>> SKIDMORE, OWINGS & MERRILL
>> 7 WORLD TRADE CENTER
>> 250 GREENWICH STREET
>> NEW YORK, NY 10007
>> T (212) 298-9624
>> ROBERT.BUCK at SOM.COM
>>
>
>
> --
>
> BOB BUCK
> SENIOR PLATFORM SOFTWARE ENGINEER
>
> SKIDMORE, OWINGS & MERRILL
> 7 WORLD TRADE CENTER
> 250 GREENWICH STREET
> NEW YORK, NY 10007
> T (212) 298-9624
> ROBERT.BUCK at SOM.COM
>
--
BOB BUCK
SENIOR PLATFORM SOFTWARE ENGINEER
SKIDMORE, OWINGS & MERRILL
7 WORLD TRADE CENTER
250 GREENWICH STREET
NEW YORK, NY 10007
T (212) 298-9624
ROBERT.BUCK at SOM.COM
More information about the samba
mailing list