[Samba] winbind error after startup on Samba member server
Michael Tokarev
mjt at tls.msk.ru
Sat Jun 15 20:10:07 UTC 2024
14.06.2024 22:05, Peter Milesson via samba:
..
> Hi folks,
>
> I think I have sorted it out. Hopefully.
>
> I installed samba-dsdb-modules, and then the complaints stopped. I had the impression that samba-dsdb-modules are only required on a AD DC, but that's
> probably not completely true.
Wow. Yes, I was thinking merging dsdb modules into samba-ad-dc (it can't be done anyway
since it's also used by sssd but this is a different story).
Maybe winbind should recommend python3-samba and dsdb-modules, or maybe python3-samba
should recommend dsdb-modules. Unfortunately its not really clear which is what and
where it should be used.
> On the other server with frequent complaints about "Failed to connect to '/var/lib/samba/private/secrets.ldb'", it was a dangling misconfiguration in
> smb.conf. The parameter "inherit acls" seems to be the culprit. I set ACLs exclusively from Windows and this parameter is used when setting POSIX
> ACLs. Now, Samba seems to be satisfied.
The secrets.ldb message is well-known and absolutely harmless (but definitely annoying).
It can be mitigated by creating an empty secrets.ldb database with tdbtool:
echo create /var/lib/samba/private/secrets.ldb | tdbtool
It is not related to your initial problem in any way, but it sure might be misleading.
Thank you for sharing your results!
/mjt
--
GPG Key transition (from rsa2048 to rsa4096) since 2024-04-24.
New key: rsa4096/61AD3D98ECDF2C8E 9D8B E14E 3F2A 9DD7 9199 28F1 61AD 3D98 ECDF 2C8E
Old key: rsa2048/457CE0A0804465C5 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
Transition statement: http://www.corpit.ru/mjt/gpg-transition-2024.txt
More information about the samba
mailing list