Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Re: [Samba] FreeBSD-11 Samba44 DNS
339 views
Skip to first unread message
Rowland Penny via samba
Feb 9, 2017, 2:40:03 PM2/9/17
to
On Thu, 9 Feb 2017 14:28:19 -0500
"James B. Byrne via samba" <sa...@lists.samba.org> wrote:
> I have provisioned an AD-DC using Samba-v.4.4 on a FreeBSD-11.0 host.
> For some reason this DC is not listening on port 53. The
> configuration file has this entry:
>
> server role = active directory domain controller
>
> On our current AD-DC which is a Samba-4.3 service Samba listens on 53.
> But it does not do so for the 4.4 version. Both services were
> provisioned in much the same fashion.
>
> Did something change? Have I overlooked something?
>
No, can you post your smb4.conf
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
"James B. Byrne via samba" <sa...@lists.samba.org> wrote:
> I have provisioned an AD-DC using Samba-v.4.4 on a FreeBSD-11.0 host.
> For some reason this DC is not listening on port 53. The
> configuration file has this entry:
>
> server role = active directory domain controller
>
> On our current AD-DC which is a Samba-4.3 service Samba listens on 53.
> But it does not do so for the 4.4 version. Both services were
> provisioned in much the same fashion.
>
> Did something change? Have I overlooked something?
>
No, can you post your smb4.conf
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
James B. Byrne via samba
Feb 9, 2017, 2:40:03 PM2/9/17
to
I have provisioned an AD-DC using Samba-v.4.4 on a FreeBSD-11.0 host.
For some reason this DC is not listening on port 53. The
configuration file has this entry:
server role = active directory domain controller
On our current AD-DC which is a Samba-4.3 service Samba listens on 53.
But it does not do so for the 4.4 version. Both services were
provisioned in much the same fashion.
Did something change? Have I overlooked something?
--
For some reason this DC is not listening on port 53. The
configuration file has this entry:
server role = active directory domain controller
On our current AD-DC which is a Samba-4.3 service Samba listens on 53.
But it does not do so for the 4.4 version. Both services were
provisioned in much the same fashion.
Did something change? Have I overlooked something?
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:Byr...@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
James B. Byrne via samba
Feb 9, 2017, 2:50:03 PM2/9/17
to
Well, I have discovered the proximate cause of why samba-4.4 is not
listening on 53. It is because the DNS service dies due to missing
files in /var/db/samba4/private/. Specifically dns_update_list. There
are a number of missing files in the samba error logs.
No such file or directory: '/var/db/samba4/private/spn_update_list'
No such file or directory: '/var/db/samba4/private/dns_update_list
Also these files are present on the samba-4.3 server but not on the
samba-4.4.
dns_update_cache
hklm.ldb
randseed.tbd
secrets.keytab
I have no recollection or notes respecting having to manually copy or
create these files. Nor can I find a reference to dns_update_list on
the Samba wiki.
Comments welcome.
listening on 53. It is because the DNS service dies due to missing
files in /var/db/samba4/private/. Specifically dns_update_list. There
are a number of missing files in the samba error logs.
No such file or directory: '/var/db/samba4/private/spn_update_list'
No such file or directory: '/var/db/samba4/private/dns_update_list
Also these files are present on the samba-4.3 server but not on the
samba-4.4.
dns_update_cache
hklm.ldb
randseed.tbd
secrets.keytab
I have no recollection or notes respecting having to manually copy or
create these files. Nor can I find a reference to dns_update_list on
the Samba wiki.
Comments welcome.
Rowland Penny via samba
Feb 9, 2017, 3:10:02 PM2/9/17
to
On Thu, 9 Feb 2017 14:40:02 -0500
them for you. How did you provision ?
Rowland
> Well, I have discovered the proximate cause of why samba-4.4 is not
> listening on 53. It is because the DNS service dies due to missing
> files in /var/db/samba4/private/. Specifically dns_update_list. There
> are a number of missing files in the samba error logs.
>
>
> No such file or directory: '/var/db/samba4/private/spn_update_list'
> No such file or directory: '/var/db/samba4/private/dns_update_list
>
> Also these files are present on the samba-4.3 server but not on the
> samba-4.4.
>
> dns_update_cache
> hklm.ldb
> randseed.tbd
> secrets.keytab
>
> I have no recollection or notes respecting having to manually copy or
> create these files. Nor can I find a reference to dns_update_list on
> the Samba wiki.
>
> Comments welcome.
>
>
You shouldn't have to create these files, the provision should create
> listening on 53. It is because the DNS service dies due to missing
> files in /var/db/samba4/private/. Specifically dns_update_list. There
> are a number of missing files in the samba error logs.
>
>
> No such file or directory: '/var/db/samba4/private/spn_update_list'
> No such file or directory: '/var/db/samba4/private/dns_update_list
>
> Also these files are present on the samba-4.3 server but not on the
> samba-4.4.
>
> dns_update_cache
> hklm.ldb
> randseed.tbd
> secrets.keytab
>
> I have no recollection or notes respecting having to manually copy or
> create these files. Nor can I find a reference to dns_update_list on
> the Samba wiki.
>
> Comments welcome.
>
>
them for you. How did you provision ?
Rowland
James B. Byrne via samba
Feb 9, 2017, 5:00:03 PM2/9/17
to
I touched the two missing files
/var/db/samba4/private/dns_update_list
/var/db/samba4/private/spn_update_list
And restarted the Samba44 service. This is what I see now:
[2017/02/09 15:48:47.507874, 0]
../source4/smbd/server.c:372(binary_smbd_main)
samba version 4.4.8 started.
Copyright Andrew Tridgell and the Samba Team 1992-2016
[2017/02/09 15:48:47.922389, 0]
../source4/smbd/server.c:481(binary_smbd_main)
samba: using 'standard' process model
[2017/02/09 15:48:47.952177, 0]
../lib/util/become_daemon.c:124(daemon_ready)
STATUS=daemon 'samba' finished starting up and ready to serve
connections
[2017/02/09 15:48:48.140769, 0]
../source4/smbd/service_task.c:35(task_server_terminate)
task_server_terminate: [Failed to obtain server credentials, perhaps
a standalone server?: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
]
[2017/02/09 15:48:48.148810, 0]
../source4/smbd/server.c:211(samba_terminate)
samba_terminate: Failed to obtain server credentials, perhaps a
standalone server?: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
[2017/02/09 15:48:49.385050, 0]
../source4/winbind/winbindd.c:47(winbindd_done)
winbindd daemon died with exit status 1
[2017/02/09 15:48:49.386525, 0]
../source4/smbd/service_task.c:35(task_server_terminate)
task_server_terminate: [winbindd child process exited]
SO, the DNS service is terminating in an error state. What I cannot
tell is why it is happening and whether or not this is expected
behaviour for a stand-alone server. I have not attempted to join this
server to the domain and do not intend doing so until I have
identified and resolved all of the currently evident problems.
Comments welcomed.
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:Byr...@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
/var/db/samba4/private/dns_update_list
/var/db/samba4/private/spn_update_list
And restarted the Samba44 service. This is what I see now:
[2017/02/09 15:48:47.507874, 0]
../source4/smbd/server.c:372(binary_smbd_main)
samba version 4.4.8 started.
Copyright Andrew Tridgell and the Samba Team 1992-2016
[2017/02/09 15:48:47.922389, 0]
../source4/smbd/server.c:481(binary_smbd_main)
samba: using 'standard' process model
[2017/02/09 15:48:47.952177, 0]
../lib/util/become_daemon.c:124(daemon_ready)
STATUS=daemon 'samba' finished starting up and ready to serve
connections
[2017/02/09 15:48:48.140769, 0]
../source4/smbd/service_task.c:35(task_server_terminate)
task_server_terminate: [Failed to obtain server credentials, perhaps
a standalone server?: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
]
[2017/02/09 15:48:48.148810, 0]
../source4/smbd/server.c:211(samba_terminate)
samba_terminate: Failed to obtain server credentials, perhaps a
standalone server?: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
[2017/02/09 15:48:49.385050, 0]
../source4/winbind/winbindd.c:47(winbindd_done)
winbindd daemon died with exit status 1
[2017/02/09 15:48:49.386525, 0]
../source4/smbd/service_task.c:35(task_server_terminate)
task_server_terminate: [winbindd child process exited]
SO, the DNS service is terminating in an error state. What I cannot
tell is why it is happening and whether or not this is expected
behaviour for a stand-alone server. I have not attempted to join this
server to the domain and do not intend doing so until I have
identified and resolved all of the currently evident problems.
Comments welcomed.
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:Byr...@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
Rowland Penny via samba
Feb 9, 2017, 5:10:02 PM2/9/17
to
On Thu, 9 Feb 2017 16:48:09 -0500
Can I suggest you run the provision again, but this time like this:
samba-tool domain provision --use-rfc2307 --interactive
Rowland
samba-tool domain provision --use-rfc2307 --interactive
Rowland
Rowland Penny via samba
Feb 10, 2017, 5:10:03 AM2/10/17
to
On Thu, 9 Feb 2017 20:17:11 -0500
"James B. Byrne" <byr...@harte-lyne.ca> wrote:
>
> Does this mean that I have missed a step in provisioning? Or does it
> mean there is a defect in the packaging for FreeBSD?
>
I am wondering if you have actually fully provisioned. I have tried to
provision samba44 and, for some reason, it will not run the
provision command unless I run it interactively and when I do, it
segfaults.
Rowland
"James B. Byrne" <byr...@harte-lyne.ca> wrote:
>
> Does this mean that I have missed a step in provisioning? Or does it
> mean there is a defect in the packaging for FreeBSD?
>
I am wondering if you have actually fully provisioned. I have tried to
provision samba44 and, for some reason, it will not run the
provision command unless I run it interactively and when I do, it
segfaults.
Rowland
Alnis Morics via samba
Feb 10, 2017, 10:50:03 AM2/10/17
to
On 02/10/2017 11:57, Rowland Penny via samba wrote:
> On Thu, 9 Feb 2017 20:17:11 -0500
> "James B. Byrne" <byr...@harte-lyne.ca> wrote:
>
>
>>
>> Does this mean that I have missed a step in provisioning? Or does it
>> mean there is a defect in the packaging for FreeBSD?
>>
>
> I am wondering if you have actually fully provisioned. I have tried to
> provision samba44 and, for some reason, it will not run the
> provision command unless I run it interactively and when I do, it
> segfaults.
>
> Rowland
>
>
FreeBSD 11.0-RELEASE-p7. With samba43 it worked successfully (it had
this problem previously, too). As for samba44, I could provision it on
an i386 architecture, but on amd64 it segfaulted as usually.
When built from source, 4.4.9 doesn't segfault at provisioning on either
architecture, so that's what I use for now.
Alnis
Rowland Penny via samba
Feb 10, 2017, 11:10:03 AM2/10/17
to
On Fri, 10 Feb 2017 17:46:23 +0200
Alnis Morics via samba <sa...@lists.samba.org> wrote:
> I also tried now to install and provision both samba43 and samba44 on
> FreeBSD 11.0-RELEASE-p7. With samba43 it worked successfully (it had
> this problem previously, too). As for samba44, I could provision it
> on an i386 architecture, but on amd64 it segfaulted as usually.
>
> When built from source, 4.4.9 doesn't segfault at provisioning on
> either architecture, so that's what I use for now.
That's interesting, I never thought to ask the OP what arch he was
Alnis Morics via samba <sa...@lists.samba.org> wrote:
> I also tried now to install and provision both samba43 and samba44 on
> FreeBSD 11.0-RELEASE-p7. With samba43 it worked successfully (it had
> this problem previously, too). As for samba44, I could provision it
> on an i386 architecture, but on amd64 it segfaulted as usually.
>
> When built from source, 4.4.9 doesn't segfault at provisioning on
> either architecture, so that's what I use for now.
using and if he mentioned it, I never noticed.
I have managed to provision a DC in an x86_64 VM using samba43, but
using samba44, it segfaults
Rowland
0 new messages