Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] problems with initial install, simple server config
191 views
Skip to first unread message
Andy Smith
Jan 15, 2016, 6:10:03 AM1/15/16
to
Hi list,
I'm attempting my first ever install of Samba4, my requirements are
pretty simple: I just need the quickest easiest way to get a standalone
server for use as a Windows file server with password aging and password
complexity rules.
My OS is FreeBSD 10.2 running on ZFS, samba from binary package
samba43-4.3.3.
I've had a google for some guides and I've been using the steps here:
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller#Provisioning_the_Samba_Active_Directory
However when I run the interactive provisioning I'm getting this error
when provisioning as a DC:
Setting up self join
ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed -
ProvisioningError: Your filesystem or build does not support posix ACLs,
which s3fs requires. Try the mounting the filesystem with the 'acl'
option.
If I try provisioning as a standalone I get no errors but after
provisioning Winbind doesn't seem to work. Ie:
[root@samba1 ~]# wbinfo -p
Ping to winbindd succeeded
[root@samba1 ~]# wbinfo -u
Error looking up domain users
[root@samba1 ~]# wbinfo --user-info=andys
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user andys
Grateful for any advise,
thanks, Andy.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Rowland penny
Jan 15, 2016, 7:00:03 AM1/15/16
to
On 15/01/16 10:19, Andy Smith wrote:
>
>
> Hi list,
>
> I'm attempting my first ever install of Samba4, my requirements are
> pretty simple: I just need the quickest easiest way to get a standalone
> server for use as a Windows file server with password aging and password
> complexity rules.
>
> My OS is FreeBSD 10.2 running on ZFS, samba from binary package
> samba43-4.3.3.
>
> I've had a google for some guides and I've been using the steps here:
>
> https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller#Provisioning_the_Samba_Active_Directory
>
>
> However when I run the interactive provisioning I'm getting this error
> when provisioning as a DC:
>
> Setting up self join
> ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed -
> ProvisioningError: Your filesystem or build does not support posix ACLs,
> which s3fs requires. Try the mounting the filesystem with the 'acl'
> option.
The error message is pretty explicit, your underlying filesystem doesn't
>
>
> Hi list,
>
> I'm attempting my first ever install of Samba4, my requirements are
> pretty simple: I just need the quickest easiest way to get a standalone
> server for use as a Windows file server with password aging and password
> complexity rules.
>
> My OS is FreeBSD 10.2 running on ZFS, samba from binary package
> samba43-4.3.3.
>
> I've had a google for some guides and I've been using the steps here:
>
> https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller#Provisioning_the_Samba_Active_Directory
>
>
> However when I run the interactive provisioning I'm getting this error
> when provisioning as a DC:
>
> Setting up self join
> ERROR(<class 'samba.provision.ProvisioningError'>): Provision failed -
> ProvisioningError: Your filesystem or build does not support posix ACLs,
> which s3fs requires. Try the mounting the filesystem with the 'acl'
> option.
understand posix ACLs. I think you have three choices here if you want
an AD DC:
Search the internet for info on how to make Samba 4 provision on ZFS.
Use the ntvfs backend instead of s3fs, this is not something I would
recommend, the ntvfs backend is not really maintained any more and could
be removed at any time.
Use a different OS or filesystem that does understand posix ACLs
>
> If I try provisioning as a standalone I get no errors but after
> provisioning Winbind doesn't seem to work. Ie:
up a standalone server, see the Samba wiki, but you will still have the
posix ACLs problem, but there is a vfs to get round this.
Rowland
Andy Smith
Jan 15, 2016, 7:50:03 AM1/15/16
to
on 2016-01-15, ROWLAND PENNY wrote:
> The error message is pretty explicit, your underlying filesystem doesn't
> understand posix ACLs. I think you have three choices here if you want
> an AD DC:
thanks for replying. Yes it is pretty explicit, but at this point I
haven't been allowed to specify what directories in what file systems I
want to share. What directory is it testing for posix ACLs? I can mount
UFS or configure ZFS correctly for this purpose, but I don't necessarily
want to touch my root ZFS file system.
Understood regarding provisioning, strange to include several options
that do not work tho!
thanks again, Andy.
Rowland penny
Jan 15, 2016, 8:20:04 AM1/15/16
to
On 15/01/16 12:16, Andy Smith wrote:
>
>
> on 2016-01-15, ROWLAND PENNY wrote:
>
>> The error message is pretty explicit, your underlying filesystem doesn't
>> understand posix ACLs. I think you have three choices here if you want
>> an AD DC:
> Hi Rowland,
>
> thanks for replying. Yes it is pretty explicit, but at this point I
> haven't been allowed to specify what directories in what file systems I
> want to share. What directory is it testing for posix ACLs? I can mount
> UFS or configure ZFS correctly for this purpose, but I don't necessarily
> want to touch my root ZFS file system.
Try running 'samba -b' this will show you where the AD DC expects to
>
>
> on 2016-01-15, ROWLAND PENNY wrote:
>
>> The error message is pretty explicit, your underlying filesystem doesn't
>> understand posix ACLs. I think you have three choices here if you want
>> an AD DC:
> Hi Rowland,
>
> thanks for replying. Yes it is pretty explicit, but at this point I
> haven't been allowed to specify what directories in what file systems I
> want to share. What directory is it testing for posix ACLs? I can mount
> UFS or configure ZFS correctly for this purpose, but I don't necessarily
> want to touch my root ZFS file system.
find things, you should be able to work out from there what needs
changing on your system.
>
> Understood regarding provisioning, strange to include several options
> that do not work tho!
use them, everything does work on Linux which I suppose is Samba's main
target.
'ntvfs' was created in the early phase of Samba4, but was ultimately
dropped in favour of 's3fs', I understand it was dropped because of the
amount of work that was required to complete everything it was designed
to do and a lack of time (or something like this).
Rowland
Andy Smith
Jan 15, 2016, 10:00:05 AM1/15/16
to
On 2016-01-15, ROWLAND PENNY wrote:
> Try running 'samba -b' this will show you where the AD DC expects to
> find things, you should be able to work out from there what needs
> changing on your system.
I ran samba-tool with debug 9 and I think the issue is where it tries to
create the sysvol volume, so I've created a new ZFS file system there
and applied the following two options:
aclmode=passthrough
aclinherit=passthrough
Andy Smith
Jan 15, 2016, 10:20:04 AM1/15/16
to
On 2016-01-15 15:22, Andy Smith wrote:
> On 2016-01-15, ROWLAND PENNY wrote:
>
>> Try running 'samba -b' this will show you where the AD DC expects to
>> find things, you should be able to work out from there what needs
>> changing on your system.
>
> Ok thanks. I wasn't sure which of the listed directories was important. I ran samba-tool with debug 9 and I think the issue is where it tries to create the sysvol volume, so I've created a new ZFS file system there and applied the following two options:
>
> aclmode=passthrough
>
> aclinherit=passthrough
I then re-ran the provisioning with the option -use-ntvfs and it
completes successfully.
I was still getting errors from wbinfo but turns out some old winbindd
daemons were hanging around so in the end it seems to be working. Have
been able to authenticate from a Windows machine to IPC$ and see the
sysvol and netlogon volumes.
thanks for your help! Andy.
0 new messages