Tom Sampson
2015-Mar-23 14:49 UTC
[Samba] Samba 4.2.0 fails to start if domain was provisioned by classicupgrade
Hello, I am trying to upgrade our domain controller to 4.2.0 from 4.1.16, however samba will not start after the upgrade. It appears to be related to the fact that this AD domain was created by running classicupgrade. My test environment, which was originally provisioned from 4.0 does not have this problem. This server was originally deployed back in 2004 using Samba3 and OpenLDAP. We upgraded to 4.0 shortly after it's release and have been regularly upgrading it through all of the 4.0 and 4.1 releases. After upgrading to 4.2, when I start Samba, I only see 2-3 process running. There is very little in the way of logged information, even with the level set to 3 or higher. The only thing I can find is a reference to winbindd failing. "Failed to fetch our own, local AD domain join password for winbindd's internal use" The problem appears to be the same as this bug. https://bugzilla.samba.org/show_bug.cgi?id=10991 In fact, If I set "server services = +winbind -winbindd", Samba does start and appears to function correctly. That said, I am very leery of deploying 4.2 at this time, knowing this bug exists. Our goal this past weekend was to upgrade our DC to 4.2 and deploy a secondary here at our main site. I am also tasked with deploying 3 more DCs at our remote sites in the very near future. I have major concerns about moving forward with this deployment at this time. It appears that there is something wrong with our AD data that is preventing a default install of 4.2.0 from starting and we do not have full-time IT staff available at these sites, so small problems could easily escalate. Unfortunately, I don't even know where to start. Apart from the few complaints from Winbindd the logs seem unhelpful.
Tom
2015-Mar-25 19:41 UTC
[Samba] Samba 4.2.0 fails to start if domain was provisioned by classicupgrade
Hello, Can anyone offer assistance with this issue? Can someone help me understand what winbindd is looking for here? Thank you. /usr/local/samba/sbin/winbindd: winbindd version 4.2.0 started. /usr/local/samba/sbin/winbindd: Copyright Andrew Tridgell and the Samba Team 1992-2014 /usr/local/samba/sbin/winbindd: Maximum core file size limits now 16777216(soft) -1(hard) /usr/local/samba/sbin/winbindd: Registered MSG_REQ_POOL_USAGE /usr/local/samba/sbin/winbindd: Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED /usr/local/samba/sbin/winbindd: lp_load_ex: refreshing parameters /usr/local/samba/sbin/winbindd: Initialising global parameters /usr/local/samba/sbin/winbindd: rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) /usr/local/samba/sbin/winbindd: Processing section "[global]" /usr/local/samba/sbin/winbindd: added interface enp0s3 ip=10.0.2.100 bcast=10.0.2.255 netmask=255.255.255.0 /usr/local/samba/sbin/winbindd: added interface enp0s3 ip=10.0.2.100 bcast=10.0.2.255 netmask=255.255.255.0 /usr/local/samba/sbin/winbindd: initialize_winbindd_cache: clearing cache and re-creating with version number 2 /usr/local/samba/sbin/winbindd: Added domain BUILTIN (null) S-1-5-32 /usr/local/samba/sbin/winbindd: Added domain TESTDOM internal.testdom.com SID_REMOVED /usr/local/samba/sbin/winbindd: Failed to fetch our own, local AD domain join password for winbindd's internal use /usr/local/samba/sbin/winbindd: unable to initialize domain list Child /usr/local/samba/sbin/winbindd exited with status 1 - Operation not permitted winbindd daemon died with exit status 1 task_server_terminate: [winbindd child process exited] samba_terminate: winbindd child process exited On Mon, Mar 23, 2015 at 10:49 AM, Tom Sampson <tsml412101 at gmail.com> wrote:> Hello, > > > I am trying to upgrade our domain controller to 4.2.0 from 4.1.16, however > samba will not start after the upgrade. It appears to be related to the > fact that this AD domain was created by running classicupgrade. My test > environment, which was originally provisioned from 4.0 does not have this > problem. This server was originally deployed back in 2004 using Samba3 and > OpenLDAP. We upgraded to 4.0 shortly after it's release and have been > regularly upgrading it through all of the 4.0 and 4.1 releases. After > upgrading to 4.2, when I start Samba, I only see 2-3 process running. There > is very little in the way of logged information, even with the level set to > 3 or higher. The only thing I can find is a reference to winbindd failing. "Failed > to fetch our own, local AD domain join password for winbindd's internal use" > The problem appears to be the same as this bug. > > https://bugzilla.samba.org/show_bug.cgi?id=10991 > > In fact, If I set "server services = +winbind -winbindd", Samba does start > and appears to function correctly. That said, I am very leery of deploying > 4.2 at this time, knowing this bug exists. Our goal this past weekend was > to upgrade our DC to 4.2 and deploy a secondary here at our main site. I am > also tasked with deploying 3 more DCs at our remote sites in the very near > future. I have major concerns about moving forward with this deployment at > this time. It appears that there is something wrong with our AD data that > is preventing a default install of 4.2.0 from starting and we do not have > full-time IT staff available at these sites, so small problems could easily > escalate. Unfortunately, I don't even know where to start. Apart from the > few complaints from Winbindd the logs seem unhelpful. > >
Peter Ulrich
2015-Apr-20 11:02 UTC
[Samba] Samba 4.2.0 fails to start if domain was provisioned by classicupgrade
Tom wrote:> Hello, > > Can anyone offer assistance with this issue? Can someone help me > understand what winbindd is looking for here? Thank you. > > /usr/local/samba/sbin/winbindd: winbindd version 4.2.0 started. > /usr/local/samba/sbin/winbindd: Copyright Andrew Tridgell and the Samba > Team 1992-2014 > /usr/local/samba/sbin/winbindd: Maximum core file size limits now > 16777216(soft) -1(hard) > /usr/local/samba/sbin/winbindd: Registered MSG_REQ_POOL_USAGE > /usr/local/samba/sbin/winbindd: Registered MSG_REQ_DMALLOC_MARK and > LOG_CHANGED > /usr/local/samba/sbin/winbindd: lp_load_ex: refreshing parameters > /usr/local/samba/sbin/winbindd: Initialising global parameters > /usr/local/samba/sbin/winbindd: rlimit_max: increasing rlimit_max (1024) > to minimum Windows limit (16384) > /usr/local/samba/sbin/winbindd: Processing section "[global]" > /usr/local/samba/sbin/winbindd: added interface enp0s3 ip=10.0.2.100 > bcast=10.0.2.255 netmask=255.255.255.0 > /usr/local/samba/sbin/winbindd: added interface enp0s3 ip=10.0.2.100 > bcast=10.0.2.255 netmask=255.255.255.0 > /usr/local/samba/sbin/winbindd: initialize_winbindd_cache: clearing cache > and re-creating with version number 2 > /usr/local/samba/sbin/winbindd: Added domain BUILTIN (null) S-1-5-32 > /usr/local/samba/sbin/winbindd: Added domain TESTDOM internal.testdom.com > SID_REMOVED > /usr/local/samba/sbin/winbindd: Failed to fetch our own, local AD domain > join password for winbindd's internal use > /usr/local/samba/sbin/winbindd: unable to initialize domain list > Child /usr/local/samba/sbin/winbindd exited with status 1 - Operation not > permitted > winbindd daemon died with exit status 1 > task_server_terminate: [winbindd child process exited] > samba_terminate: winbindd child process exited > > On Mon, Mar 23, 2015 at 10:49 AM, Tom Sampson <tsml412101 at gmail.com> > wrote: > >> Hello, >> >> >> I am trying to upgrade our domain controller to 4.2.0 from 4.1.16, >> however samba will not start after the upgrade. It appears to be related >> to the fact that this AD domain was created by running classicupgrade. My >> test environment, which was originally provisioned from 4.0 does not have >> this problem. This server was originally deployed back in 2004 using >> Samba3 and OpenLDAP. We upgraded to 4.0 shortly after it's release and >> have been regularly upgrading it through all of the 4.0 and 4.1 releases. >> After upgrading to 4.2, when I start Samba, I only see 2-3 process >> running. There is very little in the way of logged information, even with >> the level set to 3 or higher. The only thing I can find is a reference to >> winbindd failing. "Failed to fetch our own, local AD domain join password >> for winbindd's internal use" The problem appears to be the same as this >> bug. >> >> https://bugzilla.samba.org/show_bug.cgi?id=10991 >> >> In fact, If I set "server services = +winbind -winbindd", Samba does >> start and appears to function correctly. That said, I am very leery of >> deploying 4.2 at this time, knowing this bug exists. Our goal this past >> weekend was to upgrade our DC to 4.2 and deploy a secondary here at our >> main site. I am also tasked with deploying 3 more DCs at our remote sites >> in the very near future. I have major concerns about moving forward with >> this deployment at this time. It appears that there is something wrong >> with our AD data that is preventing a default install of 4.2.0 from >> starting and we do not have full-time IT staff available at these sites, >> so small problems could easily escalate. Unfortunately, I don't even know >> where to start. Apart from the few complaints from Winbindd the logs seem >> unhelpful. >> >>Hello Tom, i have the same issue with the Update to V 4.2.0 - i also provisioned by classicupgrade. This weekend i installed V 4.2.1 and tested again, but without any change so i searche bugzilla and found https://bugzilla.samba.org/show_bug.cgi?id=10991 After running './source4/scripting/devel/chgtdcpass' inside the source-tree the Samba-Server starts up and winbindd is running, but now i have another Problem with getent user/group. There are no Domain-Users listet and so i must also start samba again with '+winbind -winbindd'. The file permissions in the shares shows the correct Domain-Owner and Domain-Group with 'ls' but when i try to change owner or group, i get an error. Best regards Peter
Possibly Parallel Threads
- winbindd: Failed to fetch our own, local AD domain join password for winbindd's internal use
- Samba 4.2.0 fails to start if domain was provisioned by classicupgrade
- samba_dnsupdate failed with RuntimeError: kinit for SMB4ECONOMIA$@ECONOMIA failed (Cannot contact any KDC for requested realm)
- winbindd: Failed to fetch our own, local AD domain join password for winbindd's internal use
- Fwd: samba_dnsupdate failed with RuntimeError: kinit for SMB4ECONOMIA$@ECONOMIA failed (Cannot contact any KDC for requested realm)