[Samba] winbindd fails to start

James B. Byrne byrnejb at harte-lyne.ca
Mon Aug 12 13:45:34 UTC 2024


Rowland Penny rpenny at samba.org
Fri Aug 9 15:25:00 UTC 2024
On Fri, 9 Aug 2024 10:40:18 -0400
"James B. Byrne via samba" <samba at lists.samba.org> wrote:

>> I am testing samba-4.19 on FreeBSd-14.1 and am getting this error in
>> the log.wb-<DOMAIN> file:
>>
>> ../../source3/winbindd/winbindd_dual.c:1965(winbindd_sig_term_handler)
>>
>> I suspect that this may caused by an ip4 address assignment clash as
>> I am using the configuration and data structures copied from our
>> running Samba-4.13 DC.

> Can you clarify what the above means ?
> It sounds like you have installed Samba 4.19.x and then copied the
> smb.conf and idmap.ldb etc from your running DC.

Thanks for your assistance.

The situation is this:  I run our samba_server 4.13 DC in a FreeBSd-13.2 jail
running on a 13.2 host.  I have transferred a copy of that jail to a different
host running FreeBSd-14.1 and reconfigured the network addresses assigned to
the jail to avoid clashing with the existing, and running, samba DC.

On the target host I have upgraded the transferred jail to FreeBSd-14.1 and
upgraded the packages thereon.  This required moving to Samba-4.19. 
Samba_server is running on the upgraded jail and I have resolved all of the
errors I discovered in the logs save one: winbindd will not start.

>>
>> When I run winbindd interactively I see this:
>>
>> # /usr/local/sbin/winbindd -i -d 11
>> INFO: Current debug levels:

> You should never run winbind yourself on a Samba AD DC, you should
> allow the 'samba' binary to start it.

If winbind would start, which it does not.  I am running it manually to
discover why winbind will not start from samba_server.



>  . . .

>> Processing section "[global]"
. . .
>> doing parameter interfaces = localhost smb4-2

> Try using the required interface instead of the hostname.


[root at smb4-2 ~]# /usr/local/sbin/winbindd -i -d 11
INFO: Current debug levels:
  all: 11
  tdb: 11
  printdrivers: 11
  lanman: 11
  smb: 11

  acls: 11
  locking: 11
  msdfs: 11
  dmapi: 11
  registry: 11
  scavenger: 11
  dns: 11
  ldb: 11
  tevent: 11
  auth_audit: 11
  auth_json_audit: 11
  kerberos: 11
  drs_repl: 11
  smb2: 11
  smb2_credits: 11
  dsdb_audit: 11
  dsdb_json_audit: 11
  dsdb_password_audit: 11
  dsdb_password_json_audit: 11
  dsdb_transaction_audit: 11
  dsdb_transaction_json_audit: 11
  dsdb_group_audit: 11
  dsdb_group_json_audit: 11
lp_load_ex: refreshing parameters
Initialising global parameters
INFO: Current debug levels:
  all: 11
  tdb: 11
  printdrivers: 11
  lanman: 11
  smb: 11
  rpc_parse: 11
  rpc_srv: 11
  rpc_cli: 11
  passdb: 11
  sam: 11
  auth: 11
  winbind: 11
  vfs: 11
  idmap: 11
  quota: 11
  acls: 11
  locking: 11
  msdfs: 11
  dmapi: 11
  registry: 11
  scavenger: 11
  dns: 11
  ldb: 11
  tevent: 11
  auth_audit: 11
  auth_json_audit: 11
  kerberos: 11
  drs_repl: 11
  smb2: 11
  smb2_credits: 11
  dsdb_audit: 11
  dsdb_json_audit: 11
  dsdb_password_audit: 11
  dsdb_password_json_audit: 11
  dsdb_transaction_audit: 11
  dsdb_transaction_json_audit: 11
  dsdb_group_audit: 11
  dsdb_group_json_audit: 11
Processing section "[global]"
doing parameter netbios name = SMB4-2
doing parameter disable netbios = yes
doing parameter interfaces = em1, 192.168.216.164/16
doing parameter realm = BROCKLEY.HARTE-LYNE.CA
doing parameter server role = active directory domain controller
doing parameter workgroup = BROCKLEY
doing parameter idmap_ldb:use rfc2307 = yes
doing parameter vfs objects = acl_xattr dfs_samba4 zfsacl
doing parameter socket options = TCP_NODELAY SO_KEEPALIVE
doing parameter bind interfaces only = Yes
doing parameter interfaces = localhost em1
doing parameter dns forwarder = 216.185.71.33 216.185.71.34
doing parameter dns update command = /usr/local/sbin/samba_dnsupdate
doing parameter nsupdate command = /usr/local/bin/samba-nsupdate## Global
parameters
doing parameter allow dns updates = nonsecure
doing parameter log level = 1
doing parameter log file = /var/log/samba4/smbd.log
doing parameter max log size = 10000
doing parameter debug timestamp = yes
doing parameter load printers = no
doing parameter printing = bsd
doing parameter printcap name = /dev/null
doing parameter disable spoolss = yes
vfs objects specified with all required AD DC modules
pm_process() returned Yes
lp_servicenumber: couldn't find homes
added interface lo0 ip=127.0.162.1 bcast=127.0.162.1 netmask=255.255.255.255
added interface em1 ip=192.168.216.164 bcast=192.168.216.164
netmask=255.255.255.255

ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or
interactive (-i)

Usage: winbindd [-?nDiFV] [-?|--help] [--usage] [-n|--no-caching]
[-d|--debuglevel=DEBUGLEVEL] [--debug-stdout]
        [-s|--configfile=CONFIGFILE] [--option=name=value]
[-l|--log-basename=LOGFILEBASE] [--leak-report] [--leak-report-full]
        [-D|--daemon] [-i|--interactive] [-F|--foreground] [--no-process-group]
[-V|--version]

I have changed the interfaces setting to:

   bind interfaces only = Yes
   interfaces = localhost em1

per your suggestion.  However, winbindd still fails t start.


The error respecting logging confuses me as the -i (interactive ) option is
specified.

I am also confused by the message: lp_servicenumber: couldn't find homes.  This
is what the smb4.conf file contains:

### Unix users home directories.  (not used on this system)
#[homes]
#   comment = Home Directories
#   browseable = no
#   writable = yes

We do not use samba based printing.

### Disable printing
  load printers = no
  printing = bsd
  printcap name = /dev/null
  disable spoolss = yes


I infer that this message is strictly informational.  What else needs to be
done to get this to start?




-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
   Unencrypted messages have no legal claim to privacy
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3




More information about the samba mailing list