The below Globals section is reporting some testparm failures that don't
make sense to me.
Perhaps someone could shine a light for me?
This is a new installation - from 3.6.23 to 4.10.6-1.
Necessitated by a Windows Server 2016 DC being installed.
The testparm command, when run, reports the following error(s):
# testparm
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
idmap range not specified for domain '*'
ERROR: Invalid idmap range for domain *!
Server role: ROLE_DOMAIN_MEMBER
The below is the Global section/service as reported by testparm:
# Global parameters
[global]
deadtime = 15
interfaces = lo eth0 172.21.10.2/255.255.0.0
load printers = No
local master = No
log file = /var/log/samba/log.%m
max log size = 50
realm = BOOST.COM
security = DOMAIN
server string = Samba Server Version %v
workgroup = BOOST
idmap config domain : unix_nss_info = no
idmap config * : backend = tdb
case sensitive = Yes
cups options = raw
hide dot files = No
The following is the Global section.service of the config file as written:
[global]
workgroup = boost
realm = boost.com
server string = Samba Server Version %v
interfaces = lo eth0 172.21.10.2/255.255.0.0
case sensitive = Yes
hide dot files = No
log file = /var/log/samba/log.%m
max log size = 50
security = domain
passdb backend = tdbsam
encrypt passwords = yes
deadtime = 15
local master = no
load printers = no
cups options = raw
I haven't found what needs to be done to resolve the idmap error(s).
At the time this was run, this server has not been added to the domain, and
samba won't start on the server.
The log file reports:
# more log.smbd
[2020/02/04 16:54:58.777558, 0] ../../source3/smbd/server.c:1788(main)
smbd version 4.10.6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2019
[2020/02/04 16:54:59.158430, 0]
../../source3/auth/auth_util.c:1386(make_new_session_info_guest)
create_local_token failed: NT_STATUS_NO_MEMORY
[2020/02/04 16:54:59.166165, 0] ../../source3/smbd/server.c:2047(main)
ERROR: failed to setup guest info.
[2020/02/04 16:57:12.441603, 0] ../../source3/smbd/server.c:1788(main)
smbd version 4.10.6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2019
[2020/02/04 16:57:12.499189, 0]
../../source3/auth/auth_util.c:1386(make_new_session_info_guest)
create_local_token failed: NT_STATUS_NO_MEMORY
[2020/02/04 16:57:12.499396, 0] ../../source3/smbd/server.c:2047(main)
ERROR: failed to setup guest info.
Any help or criticism would be gladly accepted and appreciated!
Bob Wyatt
Ok, start here. https://wiki.samba.org/index.php/Main_Page You need/must adjust the config to the new settings. Your current config is simple said, incorrect/obsolete/incomplete. So pick the one your setting up from the above wiki page. - Setting up Samba as an Active Directory Domain Controller - Setting up Samba as a Domain Member Read it and adjust the config. Try again, not working, mail us again. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob > Wyatt via samba > Verzonden: woensdag 5 februari 2020 1:26 > Aan: samba at lists.samba.org > Onderwerp: [Samba] Samba 4.10.6-1 Configuration on AIX > > The below Globals section is reporting some testparm failures > that don't > make sense to me. > > Perhaps someone could shine a light for me? > > > > This is a new installation - from 3.6.23 to 4.10.6-1. > > Necessitated by a Windows Server 2016 DC being installed. > > > > The testparm command, when run, reports the following error(s): > > > > # testparm > > Load smb config files from /etc/samba/smb.conf > > Loaded services file OK. > > idmap range not specified for domain '*' > > ERROR: Invalid idmap range for domain *! > > > > Server role: ROLE_DOMAIN_MEMBER > > > > The below is the Global section/service as reported by testparm: > > > > # Global parameters > > [global] > > deadtime = 15 > > interfaces = lo eth0 172.21.10.2/255.255.0.0 > > load printers = No > > local master = No > > log file = /var/log/samba/log.%m > > max log size = 50 > > realm = BOOST.COM > > security = DOMAIN > > server string = Samba Server Version %v > > workgroup = BOOST > > idmap config domain : unix_nss_info = no > > idmap config * : backend = tdb > > case sensitive = Yes > > cups options = raw > > hide dot files = No > > > > The following is the Global section.service of the config > file as written: > > > > [global] > > > > workgroup = boost > > realm = boost.com > > server string = Samba Server Version %v > > interfaces = lo eth0 172.21.10.2/255.255.0.0 > > case sensitive = Yes > > hide dot files = No > > log file = /var/log/samba/log.%m > > max log size = 50 > > security = domain > > passdb backend = tdbsam > > encrypt passwords = yes > > deadtime = 15 > > local master = no > > load printers = no > > cups options = raw > > > > I haven't found what needs to be done to resolve the idmap error(s). > > > > At the time this was run, this server has not been added to > the domain, and > samba won't start on the server. > > > > The log file reports: > > > > # more log.smbd > > [2020/02/04 16:54:58.777558, 0] > ../../source3/smbd/server.c:1788(main) > > smbd version 4.10.6 started. > > Copyright Andrew Tridgell and the Samba Team 1992-2019 > > [2020/02/04 16:54:59.158430, 0] > ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) > > create_local_token failed: NT_STATUS_NO_MEMORY > > [2020/02/04 16:54:59.166165, 0] > ../../source3/smbd/server.c:2047(main) > > ERROR: failed to setup guest info. > > [2020/02/04 16:57:12.441603, 0] > ../../source3/smbd/server.c:1788(main) > > smbd version 4.10.6 started. > > Copyright Andrew Tridgell and the Samba Team 1992-2019 > > [2020/02/04 16:57:12.499189, 0] > ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) > > create_local_token failed: NT_STATUS_NO_MEMORY > > [2020/02/04 16:57:12.499396, 0] > ../../source3/smbd/server.c:2047(main) > > ERROR: failed to setup guest info. > > > > Any help or criticism would be gladly accepted and appreciated! > > > > Bob Wyatt > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
On 05/02/2020 00:25, Bob Wyatt via samba wrote:> The below Globals section is reporting some testparm failures that don't > make sense to me. > > Perhaps someone could shine a light for me? > > > > This is a new installation - from 3.6.23 to 4.10.6-1. > > Necessitated by a Windows Server 2016 DC being installed. > > > The following is the Global section.service of the config file as written: > > [global] > workgroup = boost > realm = boost.com > server string = Samba Server Version %v > interfaces = lo eth0 172.21.10.2/255.255.0.0 > case sensitive = Yes > hide dot files = No > log file = /var/log/samba/log.%m > max log size = 50 > security = domainWrong security, it should be 'ADS' against an AD domain> passdb backend = tdbsam > encrypt passwords = yes > deadtime = 15 > local master = no > load printers = no > cups options = raw > > I haven't found what needs to be done to resolve the idmap error(s).Try reading our documentation: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member> > > > At the time this was run, this server has not been added to the domain, and > samba won't start on the server.You need to fix your smb.conf, join the machine to the domain and start, smbd and winbind, you can also optionally start nmbd.> The log file reports: > > # more log.smbd > > [2020/02/04 16:54:58.777558, 0] ../../source3/smbd/server.c:1788(main) > smbd version 4.10.6 started. > Copyright Andrew Tridgell and the Samba Team 1992-2019 > [2020/02/04 16:54:59.158430, 0] > ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) > create_local_token failed: NT_STATUS_NO_MEMORY > [2020/02/04 16:54:59.166165, 0] ../../source3/smbd/server.c:2047(main) > ERROR: failed to setup guest info.The above is because your smb.conf 'idmap config' lines are not set correctly.
Thanks to you and Louis for your guidance.
I really apologize for my lack of knowledge of AD and Samba; and I appreciate
your patience and willingness to help.
And I apologize for not trimming the reply - don't know how much to
retain...
The referenced document seems to be leveraging domain services that we're
not using.
We are only using AD user authentication to access shares on AIX.
No single sign-on, no user administration/manipulation anywhere, no printer
sharing.
Kerberos shouldn?t be required, which one might think also means the imap
settings shouldn?t be required.
Although they may eventually embrace NTP, is it not configured today; without
Kerberos, it isn?t required.
We're not wanting to save any user credentials necessary in AIX to acquire
access to the shares in AIX.
Testing DNS, everything is good until the "set type=SRV" _ldap_...
test; it fails.
Kerberos is not installed on AIX.
The server name (hostname) was changed from the old FQDN to the new FQDN, and
the /etc/hosts file was updated.
The security was changed from domain to ADS.
Testparm still reports the imap errors (see below).
# testparm
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
idmap range not specified for domain '*'
ERROR: Invalid idmap range for domain *!
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
# Global parameters
[global]
deadtime = 15
interfaces = lo eth0 172.21.10.2/255.255.0.0
load printers = No
local master = No
log file = /var/log/samba/log.%m
max log size = 50
realm = BOOST.COM
security = ADS
server string = Samba Server Version %v
workgroup = BOOST
idmap config domain : unix_nss_info = no
idmap config * : backend = tdb
case sensitive = Yes
cups options = raw
hide dot files = No
-----Original Message-----
From: Rowland penny <rpenny at samba.org>
Sent: Wednesday, February 5, 2020 4:36 AM
To: samba at lists.samba.org
Subject: Re: [Samba] Samba 4.10.6-1 Configuration on AIX
On 05/02/2020 00:25, Bob Wyatt via samba wrote:> The below Globals section is reporting some testparm failures that
don't
> make sense to me.
>
> Perhaps someone could shine a light for me?
>
>
>
> This is a new installation - from 3.6.23 to 4.10.6-1.
>
> Necessitated by a Windows Server 2016 DC being installed.
>
>
> The following is the Global section.service of the config file as written:
>
> [global]
> workgroup = boost
> realm = boost.com
> server string = Samba Server Version %v
> interfaces = lo eth0 172.21.10.2/255.255.0.0
> case sensitive = Yes
> hide dot files = No
> log file = /var/log/samba/log.%m
> max log size = 50
> security = domain
Wrong security, it should be 'ADS' against an AD
domain> passdb backend = tdbsam
> encrypt passwords = yes
> deadtime = 15
> local master = no
> load printers = no
> cups options = raw
>
> I haven't found what needs to be done to resolve the idmap error(s).
Try reading our documentation:
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
>
>
> At the time this was run, this server has not been added to the domain, and
> samba won't start on the server.
You need to fix your smb.conf, join the machine to the domain and start,
smbd and winbind, you can also optionally start nmbd.> The log file reports:
>
> # more log.smbd
>
> [2020/02/04 16:54:58.777558, 0] ../../source3/smbd/server.c:1788(main)
> smbd version 4.10.6 started.
> Copyright Andrew Tridgell and the Samba Team 1992-2019
> [2020/02/04 16:54:59.158430, 0]
> ../../source3/auth/auth_util.c:1386(make_new_session_info_guest)
> create_local_token failed: NT_STATUS_NO_MEMORY
> [2020/02/04 16:54:59.166165, 0] ../../source3/smbd/server.c:2047(main)
> ERROR: failed to setup guest info.
The above is because your smb.conf 'idmap config' lines are not set
correctly.