On 12/02/15 02:43, soonerdave wrote:> As promised, I'm posting the smb.conf files for the two servers in
question.
>
> One minor correction I should offer is that the new SAMBA server will be
> version 4.1, not 4.0.
>
> Following is SMB.CONF for the current PDC, which is Samba 3.3.4 on
Slackware
> 13.
> I've omitted all share definitions to allow focus more on the
configuration
> side. Actual
> server/domain names have been omitted.
> -----------------------------------------------------
> #======================= Global Settings
> ====================================> [global]
> browsable = yes
>
> # workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2
> workgroup = *OMITTED*
>
> # netbios name = Name of Samba machine as set on eth1
> netbios name = *OMITTED*
>
> # server string is the equivalent of the NT Description field
> server string = PDC
> host msdfs = no
>
> preferred master = yes
> # This option is important for security. It allows you to restrict
>
> # connections to machines which are on your local network. The
> # following example restricts access to two C class networks and
> # the "loopback" interface. For more examples of the syntax see
> # the smb.conf man page
>
> interfaces = eth0 127.0.0.1
> hosts allow = 10.10.10.0/24 127.0.0.1
> bind interfaces only = yes
>
> # If you want to automatically load your printer list rather
> # than setting them up individually then you'll need this
> load printers = no
>
> # you may wish to override the location of the printcap file
> #; printcap name = /dev/null
>
> # on SystemV system setting printcap name to lpstat should allow
> # you to automatically obtain a printer list from the SystemV spool
> # system
> #; printcap name = lpstat
>
> # It should not be necessary to specify the print system type unless
> # it is non-standard. Currently supported print systems include:
> # bsd, sysv, plp, lprng, aix, hpux, qnx
> ; printing = bsd
>
> # Uncomment this if you want a guest account, you must add this to
> /etc/passwd
> # otherwise the user "nobody" is used
> ; guest account = pcguest
>
> # this tells Samba to use a separate log file for each machine
> # that connects
> log file = /var/log/samba.%m
>
> # Put a capping on the size of the log files (in Kb).
> max log size = 100
> #winbind configuration
> idmap uid = 10000-20000
> idmap gid = 10000-20000
>
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = yes
> # Set loggingn level
> log level = 0
>
> # Security mode. Most people will want user level security. See
> # security_level.txt for details. NOTE: To get the behaviour of
> # Samba-1.9.18, you'll need to use "security = share".
> security = user
> # Use password server option only with security = server
> ; password server = <NT-Server-Name>
>
> # You may wish to use password encryption. Please read
> # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
> # Do not enable this option unless you have read those documents
> encrypt passwords = yes
> smb passwd file = /etc/samba/private/smbpasswd
> server signing = auto
> client signing = auto
>
> # Using the following line enables you to customise your configuration
> # on a per machine basis. The %m gets replaced with the netbios name
> # of the machine that is connecting
> ; include = /usr/local/samba/lib/smb.conf.%m
>
> # Most people will find that this option gives better performance.
> # See speed.txt and the manual pages for details
> socket options = TCP_NODELAY
>
> # Configure Samba to use multiple interfaces
> # If you have multiple network interfaces then you must list them
> # here. See the man page for details.
>
> # Browser Control Options:
> # set local master to no if you don't want Samba to become a master
> # browser on your network. Otherwise the normal election rules apply
> local master = yes
>
> # OS Level determines the precedence of this server in master browser
> # elections. The default value should be reasonable
> os level = 99
>
> # Domain Master specifies Samba to be the Domain Master Browser. This
> # allows Samba to collate browse lists between subnets. Don't use this
> # if you already have a Windows NT domain controller doing this job
> domain master = yes
>
> # Preferred Master causes Samba to force a local browser election on
startup
> # and gives it a slightly higher chance of winning the election
> preferred master = yes
>
> # Use only if you have an NT server on your network that has been
> # configured at install time to be a primary domain controller.
> ; domain controller = <NT-Domain-Controller-SMBName>
>
> # Enable this if you want Samba to be a domain logon server for
> # Windows95 workstations.
> domain logons = yes
>
> # if you enable domain logons then you may want a per-machine or
> # per user logon script
> # run a specific logon batch file per workstation (machine)
> #; logon script = %m.bat
> # run a specific logon batch file per username
>
> ; logon script = scripts\logon.bat %U
>
> # no anonymous browsing of shares
> guest ok = no
>
> # Where to store roving profiles (only for Win95 and WinNT)
> # %L substitutes for this servers netbios name, %U is username
> # You must uncomment the [Profiles] share below
> ; logon path = \\%L\Profiles\%U
> logon path > # Windows Internet Name Serving Support Section:
> # WINS Support - Tells the NMBD component of Samba to enable it's WINS
> Server
> wins support = yes
> # WINS Server - Tells the NMBD components of Samba to be a WINS Client
> # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
> ; wins server = w.x.y.z
>
> # WINS Proxy - Tells Samba to answer name resolution queries on
> # behalf of a non WINS capable client, for this to work there must be
> # at least one WINS Server on the network. The default is NO.
> wins proxy = yes
>
> # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
> # via DNS nslookups. The built-in default for versions 1.9.17 is yes,
> # this has been changed in version 1.9.18 to no.
> dns proxy = no
> ;
>
> time server = no
>
> logon drive = m:
>
> #============================ Share Definitions
> =============================> [homes]
> comment = Home Directories
> path = /nas/home/%S
> browseable = no
> writable = yes
> read only = no
> create mode = 2775
> directory mode = 2775
>
> # Un-comment the following and create the netlogon directory for Domain
> Logons
> [netlogon]
> comment = Network Logon Service
> path = /usr/local/samba/lib/netlogon
> writeable = yes
> public = no
> browsable = no
> guest ok = no
>
>
> ------------------------------------
>
> Following is the smb.conf of the NEW Samba 4.1 I am attempting to set up as
> a BDC,
> with the intent of dcpromo to PDC and retiring the old server. Again,
server
> names/shares
> are omitted.
> -------------------------------------
> #======================= Global Settings
> ====================================> [global]
>
> # workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2
> workgroup = **OMITTED**
>
> # server string is the equivalent of the NT Description field
> server string = BDC
> client schannel = no
>
> netbios name = **OMITTED**
>
> client use spnego = yes
> # Server role. Defines in which mode Samba will operate. Possible
> # values are "standalone server", "member server",
"classic primary
> # domain controller", "classic backup domain controller",
"active
> # directory domain controller".
> #
> # Most people will want "standalone sever" or "member
server".
> # Running as "active directory domain controller" will require
first
> # running "samba-tool domain provision" to wipe databases and
create a
> # new domain.
> server role = classic backup domain controller
>
> # This option is important for security. It allows you to restrict
> # connections to machines which are on your local network. The
> # following example restricts access to two C class networks and
> # the "loopback" interface. For more examples of the syntax see
> # the smb.conf man page
> interfaces = 10.10.10.0/24 127.0.0.1/255.0.0.0
> hosts allow = 10.10.10.0/24 127.0.0.1
> bind interfaces only = yes
>
> # Uncomment this if you want a guest account, you must add this to
> /etc/passwd
> # otherwise the user "nobody" is used
> ; guest account = pcguest
>
> # this tells Samba to use a separate log file for each machine
> # that connects
> log file = /var/log/samba.%m
>
> # Put a capping on the size of the log files (in Kb).
> max log size = 500
>
> domain master = no
> # Specifies the Kerberos or Active Directory realm the host is part of
> ; realm = MY_REALM
>
> # winbind config
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = yes
>
> # Set logging level
> log level = 10
>
> # Backend to store user information in. New installations should
> # use either tdbsam or ldapsam. smbpasswd is available for backwards
> # compatibility. tdbsam requires no further configuration.
> passdb backend = smbpasswd
>
> # Using the following line enables you to customise your configuration
> # on a per machine basis. The %m gets replaced with the netbios name
> # of the machine that is connecting.
> # Note: Consider carefully the location in the configuration file of
> # this line. The included file is read at that point.
> ; include = /usr/local/samba/lib/smb.conf.%m
>
> # Configure Samba to use multiple interfaces
> # If you have multiple network interfaces then you must list them
> # here. See the man page for details.
> ; interfaces = 192.168.12.2/24 192.168.13.2/24
>
> # Where to store roving profiles (only for Win95 and WinNT)
> # %L substitutes for this servers netbios name, %U is username
> # You must uncomment the [Profiles] share below
> ; logon path = \\%L\Profiles\%U
>
> # Windows Internet Name Serving Support Section:
> # WINS Support - Tells the NMBD component of Samba to enable it's WINS
> Server
> wins support = no
>
> # WINS Server - Tells the NMBD components of Samba to be a WINS Client
> # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
> ; wins server = w.x.y.z
>
> # WINS Proxy - Tells Samba to answer name resolution queries on
> # behalf of a non WINS capable client, for this to work there must be
> # at least one WINS Server on the network. The default is NO.
> wins proxy = yes
>
> # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
> # via DNS nslookups. The default is NO.
> dns proxy = no
>
> # Security
> security = user
>
> encrypt passwords = yes
> smb passwd file = /etc/samba/private/smbpasswd
> server signing = auto
> client signing = auto
>
> # These scripts are used on a domain controller or stand-alone
> # machine to add or delete corresponding unix accounts
> ; add user script = /usr/sbin/useradd %u
> ; add group script = /usr/sbin/groupadd %g
> ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d
> /dev/null -s /bin/false %u
> ; delete user script = /usr/sbin/userdel %u
> ; delete user from group script = /usr/sbin/deluser %u %g
> ; delete group script = /usr/sbin/groupdel %g
>
>
> #============================ Share Definitions
> =============================> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
> path = /usr/local
>
> # Un-comment the following and create the netlogon directory for Domain
> Logons
> [netlogon]
> comment = Network Logon Service
> path = /usr/local/samba/lib/netlogon
> guest ok = no
> writable = no
> share modes = no
>
>
> ------
> Here is the result of my effort to run net rpc vampire:
>
> root at xxxxxxxx:/etc/samba# net rpc vampire -S omitted_host -W
omitted_domain
> Enter root password:
> DC is not running Active Directory
> Fetching (to passdb) DOMAIN database
> Segmentation fault
>
> -----
> Here's the tail of the samba.hostname log from the PDC for that vampire
> attempt:
>
> [2015/02/11 20:39:37, 0]
> libsmb/smb_signing.c:srv_check_incoming_message(754)
> srv_check_incoming_message: BAD SIG: seq 2 wanted SMB signature of
> [2015/02/11 20:39:37, 0]
> libsmb/smb_signing.c:srv_check_incoming_message(758)
> srv_check_incoming_message: BAD SIG: seq 2 got SMB signature of
> [2015/02/11 20:39:52, 0]
> libsmb/smb_signing.c:srv_check_incoming_message(754)
> srv_check_incoming_message: BAD SIG: seq 2 wanted SMB signature of
> [2015/02/11 20:39:52, 0]
> libsmb/smb_signing.c:srv_check_incoming_message(758)
> srv_check_incoming_message: BAD SIG: seq 2 got SMB signature of
>
> --
> Here is the attempt to perform a basic wbinfo -p from the PDC:
> Ping to winbindd failed
> could not ping winbindd!
>
> Here is the strace output of the same wbinfo -p command
> -----
> execve("/usr/bin/wbinfo", ["wbinfo", "-p"],
[/* 33 vars */]) = 0
> brk(0) = 0xb7fb7000
> access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file
or
> directory)
> open("/etc/ld.so.cache", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=146816, ...}) = 0
> mmap2(NULL, 146816, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7eb8000
> close(3) = 0
> open("/lib/libcrypt.so.1", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0
> \7\0\0004\0\0\0,"..., 512) = 512
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7eb7000
> fstat64(3, {st_mode=S_IFREG|0755, st_size=42595, ...}) = 0
> mmap2(NULL, 201052, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e85000
> mmap2(0xb7e8e000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8) = 0xb7e8e000
> mmap2(0xb7e90000, 155996, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7e90000
> close(3) = 0
> open("/lib/libcap.so.2", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\16\0\0004\0\0\0\374"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=14820, ...}) = 0
> mmap2(NULL, 17552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e80000
> mmap2(0xb7e84000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb7e84000
> close(3) = 0
> open("/lib/libresolv.so.2", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@&\0\0004\0\0\0\330"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=86867, ...}) = 0
> mmap2(NULL, 88132, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e6a000
> mmap2(0xb7e7c000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11) = 0xb7e7c000
> mmap2(0xb7e7e000, 6212, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7e7e000
> close(3) = 0
> open("/lib/libnsl.so.1", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p1\0\0004\0\0\0\254"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=105131, ...}) = 0
> mmap2(NULL, 100328, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e51000
> mmap2(0xb7e66000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14) = 0xb7e66000
> mmap2(0xb7e68000, 6120, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7e68000
> close(3) = 0
> open("/lib/libdl.so.2", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0
> \n\0\0004\0\0\0\\"..., 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=13419, ...}) = 0
> mmap2(NULL, 12408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e4d000
> mmap2(0xb7e4f000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7e4f000
> close(3) = 0
> open("/usr/lib/libldap-2.3.so.0", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0\216\0\0004\0\0\0\250"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0644, st_size=223120, ...}) = 0
> mmap2(NULL, 220968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e17000
> mmap2(0xb7e4c000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x35) = 0xb7e4c000
> close(3) = 0
> open("/usr/lib/liblber-2.3.so.0", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0#\0\0004\0\0\0@"...,
512)
> = 512
> fstat64(3, {st_mode=S_IFREG|0644, st_size=46080, ...}) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7e16000
> mmap2(NULL, 48824, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e0a000
> mmap2(0xb7e15000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa) = 0xb7e15000
> close(3) = 0
> open("/usr/lib/libpopt.so.0", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\20\0\0004\0\0\0D"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=25604, ...}) = 0
> mmap2(NULL, 28432, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7e03000
> mmap2(0xb7e09000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5) = 0xb7e09000
> close(3) = 0
> open("/usr/lib/libtalloc.so.1", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\22\0\0004\0\0\0\324"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=30100, ...}) = 0
> mmap2(NULL, 29152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7dfb000
> mmap2(0xb7e01000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7e01000
> close(3) = 0
> open("/usr/lib/libtdb.so.1", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\26\0\0004\0\0\0\250"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=46736, ...}) = 0
> mmap2(NULL, 49704, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7dee000
> mmap2(0xb7df9000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa) = 0xb7df9000
> close(3) = 0
> open("/usr/lib/libwbclient.so.0", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\25\0\0004\0\0\0\214"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=26188, ...}) = 0
> mmap2(NULL, 29248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7de6000
> mmap2(0xb7dec000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5) = 0xb7dec000
> close(3) = 0
> open("/lib/libc.so.6", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0h\1\0004\0\0\0\214"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=1658350, ...}) = 0
> mmap2(NULL, 1439312, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7c86000
> mmap2(0xb7de0000, 12288, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15a) = 0xb7de0000
> mmap2(0xb7de3000, 9808, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7de3000
> close(3) = 0
> open("/lib/libattr.so.1", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\r\0\0004\0\0\0,"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=14396, ...}) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7c85000
> mmap2(NULL, 17076, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7c80000
> mmap2(0xb7c84000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb7c84000
> close(3) = 0
> open("/usr/local/lib/libsasl2.so.2", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\00001\0\0004\0\0\0T"...,
512)
> = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=303680, ...}) = 0
> mmap2(NULL, 92200, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7c69000
> mmap2(0xb7c7f000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15) = 0xb7c7f000
> close(3) = 0
> open("/usr/lib/libssl.so.0", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\273\0\0004\0\0\0D"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0555, st_size=283948, ...}) = 0
> mmap2(NULL, 286136, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7c23000
> mmap2(0xb7c65000, 16384, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x41) = 0xb7c65000
> close(3) = 0
> open("/usr/lib/libcrypto.so.0", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300p\3\0004\0\0\0\4"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0555, st_size=1350420, ...}) = 0
> mmap2(NULL, 1356632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7ad7000
> mmap2(0xb7c0a000, 90112, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x132) = 0xb7c0a000
> mmap2(0xb7c20000, 9048, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7c20000
> mprotect(0xbfaaf000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC|PROT_GROWSDOWN)
> 0
> close(3) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7ad6000
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7ad5000
> set_thread_area({entry_number:-1 -> 6, base_addr:0xb7ad56c0,
limit:1048575,
> seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1,
> seg_not_present:0, useable:1}) = 0
> mprotect(0xb7de0000, 8192, PROT_READ) = 0
> mprotect(0xb7dec000, 4096, PROT_READ) = 0
> mprotect(0xb7df9000, 4096, PROT_READ) = 0
> mprotect(0xb7e01000, 4096, PROT_READ) = 0
> mprotect(0xb7e4f000, 4096, PROT_READ) = 0
> mprotect(0xb7e66000, 4096, PROT_READ) = 0
> mprotect(0xb7e7c000, 4096, PROT_READ) = 0
> mprotect(0xb7e8e000, 4096, PROT_READ) = 0
> mprotect(0xb7faf000, 8192, PROT_READ) = 0
> mprotect(0xb7efa000, 4096, PROT_READ) = 0
> munmap(0xb7eb8000, 146816) = 0
> brk(0) = 0xb7fb7000
> brk(0xb7fd8000) = 0xb7fd8000
> open("/usr/local/samba/lib/upcase.dat", O_RDONLY|O_LARGEFILE) = 3
> mmap2(NULL, 131072, PROT_READ, MAP_SHARED, 3, 0) = 0xb7ebc000
> close(3) = 0
> open("/usr/local/samba/lib/lowcase.dat", O_RDONLY|O_LARGEFILE) =
3
> mmap2(NULL, 131072, PROT_READ, MAP_SHARED, 3, 0) = 0xb7ab5000
> close(3) = 0
> uname({sys="Linux", node="liberty", ...}) = 0
> stat64("/usr/local/samba/lib/smb.conf", {st_mode=S_IFREG|0644,
> st_size=11660, ...}) = 0
> open("/usr/local/samba/lib/smb.conf", O_RDONLY|O_LARGEFILE) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=11660, ...}) = 0
> read(3, "# This is the main Samba configur"..., 11660) = 11660
> close(3) = 0
> open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = -1
ENOENT (No
> such file or directory)
> open("/usr/share/locale/locale.alias", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=2570, ...}) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7ebb000
> read(3, "# Locale name alias data base.\n# "..., 4096) = 2570
> read(3, ""..., 4096) = 0
> close(3) = 0
> munmap(0xb7ebb000, 4096) = 0
> open("/usr/lib/locale/en_US/LC_IDENTIFICATION", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=378, ...}) = 0
> mmap2(NULL, 378, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ebb000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_MEASUREMENT", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=28, ...}) = 0
> mmap2(NULL, 28, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7eba000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_TELEPHONE", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=64, ...}) = 0
> mmap2(NULL, 64, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7eb9000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_ADDRESS", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=160, ...}) = 0
> mmap2(NULL, 160, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7eb8000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_NAME", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=82, ...}) = 0
> mmap2(NULL, 82, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ab4000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_PAPER", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=39, ...}) = 0
> mmap2(NULL, 39, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ab3000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_MESSAGES", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_MESSAGES/SYS_LC_MESSAGES",
O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=57, ...}) = 0
> mmap2(NULL, 57, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ab2000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_MONETARY", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=291, ...}) = 0
> mmap2(NULL, 291, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ab1000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_TIME", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=2459, ...}) = 0
> mmap2(NULL, 2459, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ab0000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_NUMERIC", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=59, ...}) = 0
> mmap2(NULL, 59, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7aaf000
> close(3) = 0
> open("/usr/lib/locale/en_US/LC_CTYPE", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=221732, ...}) = 0
> mmap2(NULL, 221732, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7a78000
> close(3) = 0
> open("/usr/lib/gconv/gconv-modules.cache", O_RDONLY) = -1 ENOENT
(No such
> file or directory)
> open("/usr/lib/gconv/gconv-modules", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=56028, ...}) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7a77000
> read(3, "# GNU libc iconv configuration.\n#"..., 4096) = 4096
> read(3, "B1.002//\nalias\tJS//\t\t\tJUS_I.B1.00"..., 4096) = 4096
> read(3, "59-3\t1\nmodule\tINTERNAL\t\tISO-8859-"..., 4096) = 4096
> read(3, "859-14//\nalias\tISO-IR-199//\t\tISO-"..., 4096) = 4096
> read(3, "CDIC-DK-NO-A//\tEBCDIC-DK-NO-A\t1\n\n"..., 4096) = 4096
> read(3, "\t\tIBM281//\t\tIBM281\t\t1\n\n#\tfrom\t\t\tt"..., 4096)
= 4096
> read(3, "\tIBM863\t\t1\n\n#\tfrom\t\t\tto\t\t\tmodule\t"...,
4096) = 4096
> read(3, "//\t\tIBM937//\nalias\tCSIBM937//\t\tIB"..., 4096) =
4096
> read(3, "JAPANESE//\tEUC-JP//\nalias\tOSF0003"..., 4096) = 4096
> read(3, "MACINTOSH//\t\tMACINTOSH\t1\n\n#\tfrom\t"..., 4096) =
4096
> read(3, "367-BOX//\nalias\tISO_10367BOX//\t\tI"..., 4096) = 4096
> read(3, "EUC-JISX0213//\t\tINTERNAL\t\tEUC-JIS"..., 4096) = 4096
> read(3, "/\t\tIBM1130//\nalias\tCSIBM1130//\t\tI"..., 4096) =
4096
> read(3, "\t1\n\n#\tfrom\t\t\tto\t\t\tmodule\t\tcost\nal"...,
4096) = 2780
> read(3, ""..., 4096) = 0
> close(3) = 0
> munmap(0xb7a77000, 4096) = 0
> open("/usr/lib/gconv/IBM850.so", O_RDONLY) = 3
> read(3,
>
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\3\0\0004\0\0\0D"...,
512)
> = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=11131, ...}) = 0
> mmap2(NULL, 12316, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7a74000
> mmap2(0xb7a76000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7a76000
> close(3) = 0
> mprotect(0xb7a76000, 4096, PROT_READ) = 0
> open("/usr/lib/gconv/UTF-16.so", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0
> \4\0\0004\0\0\0P"..., 512) = 512
> fstat64(3, {st_mode=S_IFREG|0755, st_size=11174, ...}) = 0
> mmap2(NULL, 12328, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> 0xb7a70000
> mmap2(0xb7a72000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7a72000
> close(3) = 0
> mprotect(0xb7a72000, 4096, PROT_READ) = 0
> brk(0xb7ffc000) = 0xb7ffc000
> brk(0xb8024000) = 0xb8024000
> brk(0xb8045000) = 0xb8045000
> open("/usr/local/samba/lib/valid.dat", O_RDONLY|O_LARGEFILE) = 3
> mmap2(NULL, 65536, PROT_READ, MAP_SHARED, 3, 0) = 0xb7a60000
> close(3) = 0
> socket(PF_NETLINK, SOCK_RAW, 0) = 3
> bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
> getsockname(3, {sa_family=AF_NETLINK, pid=7687, groups=00000000}, [12]) = 0
> time(NULL) = 1423709100
> sendto(3, "\24\0\0\0\22\0\1\3\254\23\334T\0\0\0\0\0\0\0\0"...,
20, 0,
> {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"\354\0\0\0\20\0\2\0\254\23\334T\7\36\0\0\0\0\4\3\1\0\0\0I\0\1\0\0\0\0\0\7"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 480
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"\24\0\0\0\3\0\2\0\254\23\334T\7\36\0\0\0\0\0\0\1\0\0\0I\0\1\0\0\0\0\0\7"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
> sendto(3, "\24\0\0\0\26\0\1\3\255\23\334T\0\0\0\0\0\0\0\0"...,
20, 0,
> {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"0\0\0\0\24\0\2\0\255\23\334T\7\36\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1\10"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 108
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"@\0\0\0\24\0\2\0\255\23\334T\7\36\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0\0"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 128
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"\24\0\0\0\3\0\2\0\255\23\334T\7\36\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0\0"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
> close(3) = 0
> socket(PF_NETLINK, SOCK_RAW, 0) = 3
> bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
> getsockname(3, {sa_family=AF_NETLINK, pid=7687, groups=00000000}, [12]) = 0
> time(NULL) = 1423709100
> sendto(3, "\24\0\0\0\26\0\1\3\254\23\334T\0\0\0\0\0\0\0\0"...,
20, 0,
> {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"0\0\0\0\24\0\2\0\254\23\334T\7\36\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1\10"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 108
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"@\0\0\0\24\0\2\0\254\23\334T\7\36\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0\0"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 128
> recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
>
msg_iov(1)=[{"\24\0\0\0\3\0\2\0\254\23\334T\7\36\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0\0"...,
> 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
> close(3) = 0
> getpid() = 7687
> lstat64("/tmp/.winbindd", {st_mode=S_IFDIR|0755, st_size=4096,
...}) = 0
> lstat64("/tmp/.winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0,
...}) = 0
> socket(PF_FILE, SOCK_STREAM, 0) = 3
> fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
> fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
> fcntl64(3, F_GETFD) = 0
> fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
> connect(3, {sa_family=AF_FILE, path="/tmp/.winbindd/pipe"...},
110) = 0
> select(4, [3], NULL, NULL, {0, 0}) = 0 (Timeout)
> write(3,
>
"0\10\0\0\0\0\0\0\0\0\0\0\7\36\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> 2096) = 2096
> select(4, [3], NULL, NULL, {5, 0}) = 1 (in [3], left {4, 999997})
> read(3,
>
"\250\r\0\0\2\0\0\0\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> 3496) = 3496
> close(3) = 0
> stat64("/usr/local/samba/lib/en_US.msg", {st_mode=S_IFREG|0644,
> st_size=10533, ...}) = 0
> stat64("/usr/local/samba/var/locks", {st_mode=S_IFDIR|0755,
st_size=4096,
> ...}) = 0
> open("/usr/local/samba/var/locks/lang_en_US.tdb",
> O_RDWR|O_CREAT|O_LARGEFILE, 0644) = 3
> fcntl64(3, F_GETFD) = 0
> fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
> fcntl64(3, F_SETLKW64, {type=F_WRLCK, whence=SEEK_SET, start=0, len=1},
> 0xbfaac374) = 0
> read(3, "TDB
file\n\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0m"..., 168)
> = 168
> fstat64(3, {st_mode=S_IFREG|0644, st_size=12288, ...}) = 0
> mmap2(NULL, 12288, PROT_READ|PROT_WRITE, MAP_SHARED, 3, 0) = 0xb7a5d000
> fcntl64(3, F_SETLKW64, {type=F_UNLCK, whence=SEEK_SET, start=0, len=1},
> 0xbfaac374) = 0
> fcntl64(3, F_SETLKW64, {type=F_RDLCK, whence=SEEK_SET, start=240, len=1},
> 0xbfaac314) = 0
> fcntl64(3, F_SETLKW64, {type=F_UNLCK, whence=SEEK_SET, start=240, len=1},
> 0xbfaac384) = 0
> fcntl64(3, F_SETLKW64, {type=F_RDLCK, whence=SEEK_SET, start=460, len=1},
> 0xbfaac424) = 0
> fcntl64(3, F_SETLKW64, {type=F_UNLCK, whence=SEEK_SET, start=460, len=1},
> 0xbfaac464) = 0
> fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> 0xb7a5c000
> write(1, "Ping to winbindd failed\n"..., 24) = 24
> fcntl64(3, F_SETLKW64, {type=F_RDLCK, whence=SEEK_SET, start=284, len=1},
> 0xbfaac424) = 0
> fcntl64(3, F_SETLKW64, {type=F_UNLCK, whence=SEEK_SET, start=284, len=1},
> 0xbfaac464) = 0
> write(2, "could not ping winbindd!\n"..., 25) = 25
> exit_group(1) = ?
> ---
>
> Many thanks in advance for any assistance that might be offered as I
unravel
> things.
>
> Again, the PDC has been working for some time, and I just didn't expect
any
> issues in doing this migration...yet here we are. And what concerns me is
> that failed wbinfo leads me to believe something has been wrong for a
> time,but for whatever reason I've not encountered it. And that's
not very
> encouraging :(
>
>
>
>
>
>
> --
> View this message in context:
http://samba.2283325.n4.nabble.com/Problems-in-SAMBA-3-3-to-4-0-migration-tp4680653p4680684.html
> Sent from the Samba - General mailing list archive at Nabble.com.
Nothing really jumps out from your smb.conf files.
I take it for granted that winbind is running on the new BDC, you could
try turning these lines off:
server role = classic backup domain controller
interfaces = 10.10.10.0/24 127.0.0.1/255.0.0.0
hosts allow = 10.10.10.0/24 127.0.0.1
bind interfaces only = yes
Rowland