[Samba] andoid access samba4 share
Hello, i installed the app ES Datei Explorer on my andoid phone 4.0.4. I can access the share, but i cannot open any files, i get the error invalid parameter. When i try to access a windows server or samba3, it works perfectly. I also tried some other apps named AndSMBm,... nothing can open files on a share... smbd.log: ... [2013/02/19 13:01:40.290922, 3, pid=26840] ../source3/smbd/error.c:82(error_packet_set) NT error packet at ../source3/smbd/reply.c(3943) cmd=46 (SMBreadX) NT_STATUS_INVALID_PARAMETER ... When i change the backend from s3fs to smb, it works! I use samba4.0.2. Whats the problem of the s3fs? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] GPOs don't work after update from Samba4.0 alpha 17 to 4.0.1
Do you used wmi filters for your gpos?
Original-Nachricht
Datum: Sun, 27 Jan 2013 13:25:22 +0100
Von: x-dimens...@gmx.net
An: samba@lists.samba.org
Betreff: [Samba] GPOs don\'t work after update from Samba4.0 alpha 17 to 4.0.1
Hi!
I have updated our server from Samba 4 alpha 17 to Samba 4.0.1.
Everything seems to work fine after some reconfiguration, but our
GPOs are not working anymore.
Samba 4 alpha 17 was using ntvfs and the root partition with the sysvol
share was mounted with user_xattr only in /etc/fstab.
Samba 4.0.1 is now set to use s3fs and the root partition is mouted with
user_xattr,acl,barrier=1.
After updating to the newer Samba release i run samba-tool ntacl
sysvolreset like it was described in the release notes.
Gpresult /H shows me that only the Default Domain Policy is loaded, but
not all the policies in the OU.
Gpupdate /force shows this error on a client:
---
Die Richtlinie wird aktualisiert...
Die Aktualisierung der Benutzerrichtlinie wurde erfolgreich abgeschlossen.
Die Computerrichtlinie konnte nicht erfolgreich aktualisiert werden.
Folgende Probleme sind aufgetreten:
Fehler bei der Verarbeitung der Gruppenrichtlinie. Der WMI-Filter (Windows
Management Instrumentation) für das Gruppenrichtlinienobjekt
cn={97E400EB-EDFD-4024-A9D5-1BB8261ABE01},cn=policies,cn=system,DC=mynetwork,DC=lan
konnte nicht ausgewertet werden. Dies kann darauf zurückzuführen sein,
dass RSoP deaktiviert ist, oder dass der WMI-Dienst deaktiviert oder
angehalten wurde, bzw. andere WMI-Fehler aufgetreten sind. Stellen Sie
sicher, dass
der WMI-Dienst gestartet ist und dass der Starttyp auf automatischen Start
festgelegt ist. Neue Gruppenrichtlinienobjekte oder -einstellungen werden
nicht verarbeitet, bis dieses Ereignis behoben wurde.
---
Google Translate:
The policy is updated ...
Updating the user policy has been successfully completed.The computer
policy could not be updated successfully. The following problems:
Error processing of Group Policy. The WMI filter (Windows Management
Instrumentation) for the GPO cn = {97E400EB-4024-A9D5-EDFD-1BB8261ABE01}, cn
=
policies, cn = System, DC = mynetwork, DC = lan could not be evaluated.
This may be due to the fact that RSOP is disabled, or that the WMI service is
disabled or stopped, or other WMI errors. Make sure that the WMI service
is started and that the startup type is set to start automatically. New
Group Policy objects or settings will not be processed until this event is
resolved.
---
How can i get my GPOs to work again?
Thanks for help!
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[Samba] Fwd: Re: samba4 binddlz performance
Original-Nachricht Datum: Mon, 03 Dec 2012 15:40:31 +0100 Von: Thomas Manninger dbgtmas...@gmx.at An: m...@samba.org Betreff: Re: [Samba] samba4 binddlz performance Original-Nachricht Datum: Fri, 23 Nov 2012 14:32:31 -0800 Von: Matthieu Patou m...@samba.org An: samba@lists.samba.org Betreff: Re: [Samba] samba4 binddlz performance On 11/19/2012 07:11 AM, Thomas Manninger wrote: Hello, i am using samba4rc2. I have problems with the bind9 dlz module, i get very long response times from interal queries. root@s-srv01:~# dig s-srv04.test.local @192.168.0.4 ; DiG 9.8.0-P4 s-srv04.test.local @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 64478 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;s-srv04.test.local. IN A ;; ANSWER SECTION: s-srv04.test.local. 900 IN A 192.168.0.4 ;; AUTHORITY SECTION: test.local. 900 IN NS s-srv01.test.local. test.local. 900 IN NS s-srv04.test.local. ;; ADDITIONAL SECTION: s-srv01.test.local. 900 IN A 192.168.0.1 ;; Query time: 1239 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:07:59 2012 ;; MSG SIZE rcvd: 108 .local is normally used for mdns (see. http://en.wikipedia.org/wiki/MDNS#Host_Discovery), can you try with another kind of tld (ie. use domain test.corp). external queries are a little bit faster: root@s-srv01:~# dig google.com @192.168.0.4 ; DiG 9.8.0-P4 google.com @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 56403 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 13, ADDITIONAL: 6 ;; QUESTION SECTION: ;google.com.IN A ;; ANSWER SECTION: google.com. 300 IN A 173.194.35.135 google.com. 300 IN A 173.194.35.136 google.com. 300 IN A 173.194.35.137 google.com. 300 IN A 173.194.35.142 google.com. 300 IN A 173.194.35.128 google.com. 300 IN A 173.194.35.129 google.com. 300 IN A 173.194.35.130 google.com. 300 IN A 173.194.35.131 google.com. 300 IN A 173.194.35.132 google.com. 300 IN A 173.194.35.133 google.com. 300 IN A 173.194.35.134 ;; AUTHORITY SECTION: . 45846 IN NS a.root-servers.net. . 45846 IN NS c.root-servers.net. . 45846 IN NS b.root-servers.net. . 45846 IN NS g.root-servers.net. . 45846 IN NS f.root-servers.net. . 45846 IN NS j.root-servers.net. . 45846 IN NS e.root-servers.net. . 45846 IN NS i.root-servers.net. . 45846 IN NS l.root-servers.net. . 45846 IN NS k.root-servers.net. . 45846 IN NS h.root-servers.net. . 45846 IN NS d.root-servers.net. . 45846 IN NS m.root-servers.net. ;; ADDITIONAL SECTION: a.root-servers.net. 45846 IN A 198.41.0.4 b.root-servers.net. 45846 IN A 192.228.79.201 c.root-servers.net. 45846 IN A 192.33.4.12 d.root-servers.net. 45846 IN A 128.8.10.90 e.root-servers.net. 45846 IN A 192.203.230.10 f.root-servers.net. 45846 IN A 192.5.5.241 ;; Query time: 281 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:09:06 2012 ;; MSG SIZE rcvd: 511 When i change to the samba4 internal dns server, i get response time about ~1-2ms. But why is the bind dlz modul so slooow..? you can use kcachegrind to trace bind in foreground mode in order to see where the time is spent. Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba I started bind with: valgrind --tool=callgring /usr/sbin/named -c /etc/bind/named.conf -f So i get any answers, bind is very slow. Now, i have a callgrind file, but i dont can read this file... I only see, that ltdb_search_indexed needs incl. 96%.. can somebody helps me?? file is included as attachment. thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman
[Samba] Fwd: Re: samba4 binddlz performance
Original-Nachricht Datum: Fri, 23 Nov 2012 14:32:31 -0800 Von: Matthieu Patou m...@samba.org An: samba@lists.samba.org Betreff: Re: [Samba] samba4 binddlz performance On 11/19/2012 07:11 AM, Thomas Manninger wrote: Hello, i am using samba4rc2. I have problems with the bind9 dlz module, i get very long response times from interal queries. root@s-srv01:~# dig s-srv04.test.local @192.168.0.4 ; DiG 9.8.0-P4 s-srv04.test.local @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 64478 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;s-srv04.test.local. IN A ;; ANSWER SECTION: s-srv04.test.local. 900 IN A 192.168.0.4 ;; AUTHORITY SECTION: test.local. 900 IN NS s-srv01.test.local. test.local. 900 IN NS s-srv04.test.local. ;; ADDITIONAL SECTION: s-srv01.test.local. 900 IN A 192.168.0.1 ;; Query time: 1239 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:07:59 2012 ;; MSG SIZE rcvd: 108 .local is normally used for mdns (see. http://en.wikipedia.org/wiki/MDNS#Host_Discovery), can you try with another kind of tld (ie. use domain test.corp). external queries are a little bit faster: root@s-srv01:~# dig google.com @192.168.0.4 ; DiG 9.8.0-P4 google.com @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 56403 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 13, ADDITIONAL: 6 ;; QUESTION SECTION: ;google.com.IN A ;; ANSWER SECTION: google.com. 300 IN A 173.194.35.135 google.com. 300 IN A 173.194.35.136 google.com. 300 IN A 173.194.35.137 google.com. 300 IN A 173.194.35.142 google.com. 300 IN A 173.194.35.128 google.com. 300 IN A 173.194.35.129 google.com. 300 IN A 173.194.35.130 google.com. 300 IN A 173.194.35.131 google.com. 300 IN A 173.194.35.132 google.com. 300 IN A 173.194.35.133 google.com. 300 IN A 173.194.35.134 ;; AUTHORITY SECTION: . 45846 IN NS a.root-servers.net. . 45846 IN NS c.root-servers.net. . 45846 IN NS b.root-servers.net. . 45846 IN NS g.root-servers.net. . 45846 IN NS f.root-servers.net. . 45846 IN NS j.root-servers.net. . 45846 IN NS e.root-servers.net. . 45846 IN NS i.root-servers.net. . 45846 IN NS l.root-servers.net. . 45846 IN NS k.root-servers.net. . 45846 IN NS h.root-servers.net. . 45846 IN NS d.root-servers.net. . 45846 IN NS m.root-servers.net. ;; ADDITIONAL SECTION: a.root-servers.net. 45846 IN A 198.41.0.4 b.root-servers.net. 45846 IN A 192.228.79.201 c.root-servers.net. 45846 IN A 192.33.4.12 d.root-servers.net. 45846 IN A 128.8.10.90 e.root-servers.net. 45846 IN A 192.203.230.10 f.root-servers.net. 45846 IN A 192.5.5.241 ;; Query time: 281 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:09:06 2012 ;; MSG SIZE rcvd: 511 When i change to the samba4 internal dns server, i get response time about ~1-2ms. But why is the bind dlz modul so slooow..? you can use kcachegrind to trace bind in foreground mode in order to see where the time is spent. Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Startup time of bind is also very slow: Dec 3 20:10:06 srv named[20349]: samba_dlz: trying container 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern' Dec 3 20:10:10 srv named[20349]: samba_dlz: configured writeable zone '110.168.192.in-addr.arpa' Dec 3 20:10:10 srv named[20349]: samba_dlz: trying container 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern' Dec 3 20:10:14 srv named[20349]: samba_dlz: configured writeable zone '111.168.192.in-addr.arpa' Dec 3 20:10:14 srv named[20349]: samba_dlz: trying container 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern' Dec 3 20:10:18 srv named[20349]: samba_dlz: configured
Re: [Samba] samba4 binddlz performance
I think, i am in the near of the solution of my problem. The search of a user is very fast (1sec): ldbsearch -H /var/lib/samba/private/sam.ldb cn=Administrator But the search of a record is very slow (~3sec): ldbsearch -H /var/lib/samba/private/sam.ldb -b DC=mb.intern,CN=MicrosoftDNS,CN=System,dc=mb,dc=intern dc=mbdom2 There are missing indexes in the ldb database?? Where can i can the index, or add some?? thanks! Original-Nachricht Datum: Fri, 23 Nov 2012 14:32:31 -0800 Von: Matthieu Patou m...@samba.org An: samba@lists.samba.org Betreff: Re: [Samba] samba4 binddlz performance On 11/19/2012 07:11 AM, Thomas Manninger wrote: Hello, i am using samba4rc2. I have problems with the bind9 dlz module, i get very long response times from interal queries. root@s-srv01:~# dig s-srv04.test.local @192.168.0.4 ; DiG 9.8.0-P4 s-srv04.test.local @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 64478 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;s-srv04.test.local. IN A ;; ANSWER SECTION: s-srv04.test.local. 900 IN A 192.168.0.4 ;; AUTHORITY SECTION: test.local. 900 IN NS s-srv01.test.local. test.local. 900 IN NS s-srv04.test.local. ;; ADDITIONAL SECTION: s-srv01.test.local. 900 IN A 192.168.0.1 ;; Query time: 1239 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:07:59 2012 ;; MSG SIZE rcvd: 108 .local is normally used for mdns (see. http://en.wikipedia.org/wiki/MDNS#Host_Discovery), can you try with another kind of tld (ie. use domain test.corp). external queries are a little bit faster: root@s-srv01:~# dig google.com @192.168.0.4 ; DiG 9.8.0-P4 google.com @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 56403 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 13, ADDITIONAL: 6 ;; QUESTION SECTION: ;google.com.IN A ;; ANSWER SECTION: google.com. 300 IN A 173.194.35.135 google.com. 300 IN A 173.194.35.136 google.com. 300 IN A 173.194.35.137 google.com. 300 IN A 173.194.35.142 google.com. 300 IN A 173.194.35.128 google.com. 300 IN A 173.194.35.129 google.com. 300 IN A 173.194.35.130 google.com. 300 IN A 173.194.35.131 google.com. 300 IN A 173.194.35.132 google.com. 300 IN A 173.194.35.133 google.com. 300 IN A 173.194.35.134 ;; AUTHORITY SECTION: . 45846 IN NS a.root-servers.net. . 45846 IN NS c.root-servers.net. . 45846 IN NS b.root-servers.net. . 45846 IN NS g.root-servers.net. . 45846 IN NS f.root-servers.net. . 45846 IN NS j.root-servers.net. . 45846 IN NS e.root-servers.net. . 45846 IN NS i.root-servers.net. . 45846 IN NS l.root-servers.net. . 45846 IN NS k.root-servers.net. . 45846 IN NS h.root-servers.net. . 45846 IN NS d.root-servers.net. . 45846 IN NS m.root-servers.net. ;; ADDITIONAL SECTION: a.root-servers.net. 45846 IN A 198.41.0.4 b.root-servers.net. 45846 IN A 192.228.79.201 c.root-servers.net. 45846 IN A 192.33.4.12 d.root-servers.net. 45846 IN A 128.8.10.90 e.root-servers.net. 45846 IN A 192.203.230.10 f.root-servers.net. 45846 IN A 192.5.5.241 ;; Query time: 281 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:09:06 2012 ;; MSG SIZE rcvd: 511 When i change to the samba4 internal dns server, i get response time about ~1-2ms. But why is the bind dlz modul so slooow..? you can use kcachegrind to trace bind in foreground mode in order to see where the time is spent. Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 binddlz performance
Hello, i am using samba4rc2. I have problems with the bind9 dlz module, i get very long response times from interal queries. root@s-srv01:~# dig s-srv04.test.local @192.168.0.4 ; DiG 9.8.0-P4 s-srv04.test.local @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 64478 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;s-srv04.test.local. IN A ;; ANSWER SECTION: s-srv04.test.local. 900 IN A 192.168.0.4 ;; AUTHORITY SECTION: test.local. 900 IN NS s-srv01.test.local. test.local. 900 IN NS s-srv04.test.local. ;; ADDITIONAL SECTION: s-srv01.test.local. 900 IN A 192.168.0.1 ;; Query time: 1239 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:07:59 2012 ;; MSG SIZE rcvd: 108 external queries are a little bit faster: root@s-srv01:~# dig google.com @192.168.0.4 ; DiG 9.8.0-P4 google.com @192.168.0.4 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 56403 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 13, ADDITIONAL: 6 ;; QUESTION SECTION: ;google.com.IN A ;; ANSWER SECTION: google.com. 300 IN A 173.194.35.135 google.com. 300 IN A 173.194.35.136 google.com. 300 IN A 173.194.35.137 google.com. 300 IN A 173.194.35.142 google.com. 300 IN A 173.194.35.128 google.com. 300 IN A 173.194.35.129 google.com. 300 IN A 173.194.35.130 google.com. 300 IN A 173.194.35.131 google.com. 300 IN A 173.194.35.132 google.com. 300 IN A 173.194.35.133 google.com. 300 IN A 173.194.35.134 ;; AUTHORITY SECTION: . 45846 IN NS a.root-servers.net. . 45846 IN NS c.root-servers.net. . 45846 IN NS b.root-servers.net. . 45846 IN NS g.root-servers.net. . 45846 IN NS f.root-servers.net. . 45846 IN NS j.root-servers.net. . 45846 IN NS e.root-servers.net. . 45846 IN NS i.root-servers.net. . 45846 IN NS l.root-servers.net. . 45846 IN NS k.root-servers.net. . 45846 IN NS h.root-servers.net. . 45846 IN NS d.root-servers.net. . 45846 IN NS m.root-servers.net. ;; ADDITIONAL SECTION: a.root-servers.net. 45846 IN A 198.41.0.4 b.root-servers.net. 45846 IN A 192.228.79.201 c.root-servers.net. 45846 IN A 192.33.4.12 d.root-servers.net. 45846 IN A 128.8.10.90 e.root-servers.net. 45846 IN A 192.203.230.10 f.root-servers.net. 45846 IN A 192.5.5.241 ;; Query time: 281 msec ;; SERVER: 192.168.0.4#53(192.168.0.4) ;; WHEN: Mon Nov 19 16:09:06 2012 ;; MSG SIZE rcvd: 511 When i change to the samba4 internal dns server, i get response time about ~1-2ms. But why is the bind dlz modul so slooow..? bind version is 9.8.0. What can i doo?? Regards, Tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 binddlz performance
And my named.conf:
options {
tkey-gssapi-keytab /var/lib/samba/private/dns.keytab;
allow-query { any; };
allow-transfer { any; };
listen-on-v6 { any; };
};
dlz samba4.zone {
database dlopen /usr/lib/samba/bind9/dlz_bind9_9.so {
/*
* update-policy {
* grant TEST.LOCAL ms-self * A ;
* grant Administrator@TEST.LOCAL wildcard
* A SRV CNAME;
* grant s-srv01$@TEST.local wildcard * A
SRV CNAME;
* };
*/
/*
* the list of principals and what they can change is
created
* dynamically by Samba, based on the membership of the
domain controllers
* group. The provision just creates this file as an
empty file.
*/
include /var/lib/samba/private/named.conf.update;
/* we need to use check-names ignore so _msdcs A
records can be created */
check-names ignore;
};
;
};
syslog named startup:
Nov 19 16:01:50 s-srv01 named[27310]: samba_dlz: configured writeable zone
'32.168.192.in-addr.arpa'
Nov 19 16:01:50 s-srv01 named[27310]: samba_dlz: trying container
'CN=MicrosoftDNS,CN=System,DC=test,DC=local'
Nov 19 16:01:50 s-srv01 named[27310]: samba_dlz: configured writeable zone
'0.168.192.in-addr.arpa'
Nov 19 16:01:50 s-srv01 named[27310]: samba_dlz: trying container
'CN=MicrosoftDNS,CN=System,DC=test,DC=local'
Nov 19 16:01:50 s-srv01 named[27310]: samba_dlz: configured writeable zone
'2.168.192.in-addr.arpa'
Nov 19 16:01:50 s-srv01 named[27310]: samba_dlz: trying container
'CN=MicrosoftDNS,CN=System,DC=test,DC=local'
Nov 19 16:01:50 s-srv01 named[27310]: samba_dlz: configured writeable zone
'test.local'
Nov 19 16:01:50 s-srv01 named[27310]: set up managed keys zone for view
_default, file 'managed-keys.bind'
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: 0.IN-ADDR.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: 127.IN-ADDR.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: 254.169.IN-ADDR.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone:
100.51.198.IN-ADDR.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone:
113.0.203.IN-ADDR.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone:
255.255.255.255.IN-ADDR.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone:
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone:
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: D.F.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: 8.E.F.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: 9.E.F.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: A.E.F.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone: B.E.F.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: automatic empty zone:
8.B.D.0.1.0.0.2.IP6.ARPA
Nov 19 16:01:50 s-srv01 named[27310]: command channel listening on 127.0.0.1#953
Nov 19 16:01:50 s-srv01 named[27310]: command channel listening on ::1#953
Nov 19 16:01:50 s-srv01 named[27310]: managed-keys-zone ./IN: loading from
master file managed-keys.bind failed: file not found
Nov 19 16:01:50 s-srv01 named[27310]: managed-keys-zone ./IN: loaded serial 0
Nov 19 16:01:50 s-srv01 named[27310]: running
Original-Nachricht
Datum: Mon, 19 Nov 2012 16:11:30 +0100
Von: Thomas Manninger dbgtmas...@gmx.at
An: samba@lists.samba.org
Betreff: [Samba] samba4 binddlz performance
Hello,
i am using samba4rc2.
I have problems with the bind9 dlz module, i get very long response times
from interal queries.
root@s-srv01:~# dig s-srv04.test.local @192.168.0.4
; DiG 9.8.0-P4 s-srv04.test.local @192.168.0.4
;; global options: +cmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 64478
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;s-srv04.test.local. IN A
;; ANSWER SECTION:
s-srv04.test.local. 900 IN A 192.168.0.4
;; AUTHORITY SECTION:
test.local. 900 IN NS s-srv01.test.local.
test.local. 900 IN NS s-srv04.test.local.
;; ADDITIONAL SECTION:
s-srv01.test.local. 900 IN A 192.168.0.1
;; Query time: 1239 msec
;; SERVER: 192.168.0.4#53(192.168.0.4)
;; WHEN: Mon Nov 19 16:07:59 2012
;; MSG SIZE rcvd: 108
external queries are a little bit faster:
root@s
[Samba] samba4 ad problems
Hello, i have a samba4 ad domain with 5 domain controllers. Since 2-3 weeks, i have problems with kerberos, log.samba: [2012/11/16 16:21:11, 1] ../source4/auth/gensec/gensec_gssapi.c:645(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed [2012/11/16 16:21:12, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=test,DC=local [2012/11/16 16:21:12, 1] ../source4/auth/gensec/gensec_gssapi.c:645(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed [2012/11/16 16:21:14, 1] ../source4/auth/gensec/gensec_gssapi.c:645(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed [2012/11/16 16:21:24, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=test,DC=local [2012/11/16 16:21:24, 0] ../source4/dsdb/repl/drepl_out_helpers.c:829(dreplsrv_update_refs_done) UpdateRefs failed with WERR_DS_DRA_ACCESS_DENIED/NT code 0xc0002105 for 0854286a-4fd6-42a8-bc79-4487b61c7733._msdcs.test.local CN=Schema,CN=Configuration,DC=test,DC=local [2012/11/16 16:21:44, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 3 objects (0 linked attributes) for DC=test,DC=local [2012/11/16 16:21:53, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for DC=test,DC=local [2012/11/16 16:21:53, 0] ../source4/dsdb/repl/drepl_out_helpers.c:829(dreplsrv_update_refs_done) UpdateRefs failed with WERR_DS_DRA_ACCESS_DENIED/NT code 0xc0002105 for 0854286a-4fd6-42a8-bc79-4487b61c7733._msdcs.test.local DC=test,DC=local [2012/11/16 16:23:49, 2] ../source4/libcli/dgram/dgramsocket.c:92(dgm_socket_recv) No mailslot handler for 'ÃMAILSLOTÃLANMAN' [2012/11/16 16:25:06, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for CN=Configuration,DC=test,DC=local [2012/11/16 16:25:19, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for CN=Configuration,DC=test,DC=local [2012/11/16 16:25:19, 0] ../source4/dsdb/repl/drepl_out_helpers.c:829(dreplsrv_update_refs_done) UpdateRefs failed with WERR_DS_DRA_ACCESS_DENIED/NT code 0xc0002105 for 0854286a-4fd6-42a8-bc79-4487b61c7733._msdcs.test.local CN=Configuration,DC=test,DC=local [2012/11/16 16:26:01, 0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv) Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp:da93641c-ad62-4a93-bf2d-5eae845237ab._msdcs.test.local[1024,seal,krb5] NT_STATUS_INVALID_PARAMETER [2012/11/16 16:26:01, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=test,DC=local [2012/11/16 16:26:11, 1] ../source4/auth/gensec/gensec_gssapi.c:645(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed [2012/11/16 16:26:12, 1] ../source4/auth/gensec/gensec_gssapi.c:645(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed [2012/11/16 16:26:13, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=test,DC=local [2012/11/16 16:26:13, 0] ../source4/dsdb/repl/drepl_out_helpers.c:829(dreplsrv_update_refs_done) UpdateRefs failed with WERR_DS_DRA_ACCESS_DENIED/NT code 0xc0002105 for 0854286a-4fd6-42a8-bc79-4487b61c7733._msdcs.test.local CN=Schema,CN=Configuration,DC=test,DC=local [2012/11/16 16:26:14, 1] ../source4/auth/gensec/gensec_gssapi.c:645(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed [2012/11/16 16:26:49, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=test,DC=local [2012/11/16 16:26:50, 2] ../source4/dsdb/repl/replicated_objects.c:779(dsdb_replicated_objects_commit) Replicated 0 objects (0 linked attributes) for DC=test,DC=local [2012/11/16 16:26:51, 1] ../source4/auth/gensec/gensec_gssapi.c:645(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed [2012/11/16 16:26:56, 1]
