I'm not giving up. :)
I now tried a
net ads join -s /etc/samba/smb3.conf -U samba-admin -d 10
in order to find out what the real problem might be. After a successful
LDAP ping and some other good looking messages, I get the following error:
-------- snip --------
[2009/09/10 07:42:39, 3] lib/util_sock.c:open_socket_out(1400)
Connecting to 192.168.182.185 at port 445
[2009/09/10 07:42:39, 2] lib/util_sock.c:open_socket_out(1440)
error connecting to 192.168.182.185:445 (Connection refused)
[2009/09/10 07:42:39, 3] lib/util_sock.c:open_socket_out(1400)
Connecting to 192.168.182.185 at port 139
[2009/09/10 07:42:39, 2] lib/util_sock.c:open_socket_out(1440)
error connecting to 192.168.182.185:139 (Connection refused)
[2009/09/10 07:42:39, 2] libsmb/cliconnect.c:cli_connect(1577)
Error connecting to 192.168.182.185 (Connection refused)
[2009/09/10 07:42:39, 1] libsmb/cliconnect.c:cli_start_connection(1656)
cli_start_connection: failed to connect to GUARDIAN.LOHRMAN<20>
(0.0.0.0). Error NT_STATUS_CONNECTION_REFUSED
[2009/09/10 07:42:39, 1] libnet/libnet_join.c:libnet_Join(1908)
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
account_name : NULL
netbios_domain_name : NULL
dns_domain_name : NULL
forest_name : NULL
dn : NULL
domain_sid : NULL
domain_sid : (NULL SID)
modified_config : 0x00 (0)
error_string : 'failed to lookup DC info for
domain 'LOHRMANN.DE' over rpc: The connection was refused'
domain_is_ad : 0x00 (0)
result : DOS code 0x000004c9
[2009/09/10 07:42:39, 10] intl/lang_tdb.c:lang_tdb_init(138)
lang_tdb_init: /usr/share/samba/de_DE.UTF-8.msg: No such file or
directory
Failed to join domain: failed to lookup DC info for domain 'LOHRMANN.DE'
over rpc: The connection was refused
[2009/09/10 07:42:39, 2] utils/net.c:main(769)
return code = -1
-------- snap -------
I understand that ports 445 and 139 are for the CIFS interface which is
disabled in Samba4 as I plan to start Samba in merged-mode and thus the
CIFS interface shall be provided by Samba3. However, a quick test
enabling the CIFS interface in Samba4 resulted in no real difference,
except that a connection on port 445 could be established (though a
connection on port 139 was refused although the port is open according
to a port scan).
Running net ads info successfully delivers information about the server.
However it seems it cannot determine the server's current time.
Running net ads status delivers no information at all. Running it in
debug-mode it says "Could not open connection to LDAP server
guardian.lohrmann.de:389: Transport endpoint is not connected".
Unfortunately I have no more ideas how to identify the problem. Any help
is really appreciated!
Thx
Chris
Am 08.09.2009 11:41, schrieb Christian Geiger:
I've investigated further onto this problem by starting smbd with debug
level 10. The "no version information available" message seems not to be
the problem. It further looks like smbd can generally connect to the
Samba4-ADS ("pdb backend ads has a valid init" and several successful
pathtree_add, though my interpretation might be wrong).
The real problem seems to be connected to the user:
-------- snip --------
Cache entry with key = IDMAP/UID2SID/0 couldn't be found
uid_to_sid: winbind failed to find a sid for uid 0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
NT user token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: uid 0 -> sid S-1-22-1-0
Cache entry with key = IDMAP/GID2SID/0 couldn't be found
gid_to_sid: winbind failed to find a sid for gid 0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
NT user token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: gid 0 -> sid S-1-5-21-1185138813-3764441650-1242382106-0
Create local NT token for S-1-22-1-0
Cache entry with key = IDMAP/SID2GID/S-1-5-32-544 couldn't be found
-------- snap --------
To my understanding, winbind cannot find a sid for user root (who has
uid 0). That's probably due to the fact that I started smbd as root user
for testing purposes.
Unfortunately this is where my knowledge ends. I'm a rather newbie to
Samba and LDAP, so help is really appreciated. I'm quite sure it's just
a small thing I missed.
Can anyone help?
Thx!
Chris
Am 07.09.2009 12:25, schrieb Christian Geiger:
Hi all,
I got a problem while trying to set up a Samba 3.4 Server in hybrid-mode.
After trying for some time I managed doing a merged-build of Samba3 and
Samba4 and I can now start samba4 without getting errors. However, the
same is not true for Samba3: starting it, I get the below error message.
Has anyone an idea about what the reason could be? Did I miss anything
during build/setup?
Thank you very much in advance for your help! If you need any further
information, please let me know.
Best regards
Chris
----------------------
=> console output smbd
-------- snip --------
r...@guardian:/var/run/samba/samba3# smbd -i -s /etc/samba/smb3.conf
smbd: /usr/local/lib/liblber-2.4.so.2: no version information available
(required by smbd)
smbd: /usr/local/lib/libldap_r-2.4.so.2: no version information available
(required by smbd)
smbd version 3.4.0-GIT-38995d7-devel started.
Copyright Andrew Tridgell and the Samba Team 1992-2009
===============================================================
INTERNAL ERROR: Signal 6 in pid 1395 (3.4.0-GIT-38995d7-devel)
Please read the Trouble-Shooting section of the Samba3-HOWTO
From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
===============================================================
smb_panic: clobber_region() last called from [sid_to_fstring(178)]
PANIC (pid 1395): internal error
BACKTRACE: 18 stack frames:
#0 smbd(log_stack_trace+0x2b) [0x84874ab]
#1 smbd(smb_panic+0x180) [0x848724e]
#2 smbd [0x8470ab8]
#3 smbd [0x8470ac9]
#4 [0xb7f13400]
#5 /lib/tls/i686/cmov/libc.so.6(abort+0x188) [0xb7bee098]
#6 /usr/lib/libtalloc.so.1(talloc_free+0x22d) [0xb7afa5dd]
#7 /usr/lib/libwbclient.so.0(wbcFreeMemory+0x21) [0xb7d3cd93]
#8 /usr/lib/libwbclient.so.0(wbcSidToGid+0xb4) [0xb7d3f26d]
#9 smbd(winbind_sid_to_gid+0x3e) [0x8444936]
#10 smbd(sid_to_gid+0x1bd) [0x8409419]
#11 smbd(create_local_nt_token+0x3f8) [0x8507eca]
#12 smbd(get_root_nt_token+0x1be) [0x8506fff]
#13 smbd(svcctl_init_keys+0x2d) [0x832a88c]
#14 smbd(registry_init_full+0xa4) [0x8923a4c]
#15 smbd(main+0xe68) [0x895fed1]
#16 /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7bd7775]
#17 smbd [0x80de0e1]
smb_panic(): calling panic action [/bin/sleep 999999999]
-------- snap --------
----------------------
=> console output samba4
-------- snip --------
r...@guardian:/usr/local/samba/etc# samba4 -i -s /etc/samba/smb4.conf
samba version 3.4.0-GIT-38995d7-devel started.
Copyright Andrew Tridgell and the Samba Team 1992-2009
samba: using 'standard' process model
-------- snap --------
----------------------
=> smb3.conf
-------- snip --------
[globals]
netbios name = guardian
workgroup = myworkgroup
realm = mydomain.de
security = ads
passdb backend = ads
pid directory = /var/run/samba/samba3/
[netlogon]
path = /usr/local/samba/var/locks/sysvol/mydomain.de/scripts
read only = no
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = no
[share]
path = /share
read only = no
-------- snap -------
----------------------
=> smb4.conf
-------- snip --------
[globals]
netbios name = guardian
workgroup = myworkgroup
realm = mydomain.de
server role = domain controller
server services = ldap, cldap, kdc
socket address = 127.0.0.1
pid directory = /var/run/samba/samba4/
-------- snap --------
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
