The below Globals section is reporting some testparm failures that don't make sense to me. Perhaps someone could shine a light for me? This is a new installation - from 3.6.23 to 4.10.6-1. Necessitated by a Windows Server 2016 DC being installed. The testparm command, when run, reports the following error(s): # testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. idmap range not specified for domain '*' ERROR: Invalid idmap range for domain *! Server role: ROLE_DOMAIN_MEMBER The below is the Global section/service as reported by testparm: # Global parameters [global] deadtime = 15 interfaces = lo eth0 172.21.10.2/255.255.0.0 load printers = No local master = No log file = /var/log/samba/log.%m max log size = 50 realm = BOOST.COM security = DOMAIN server string = Samba Server Version %v workgroup = BOOST idmap config domain : unix_nss_info = no idmap config * : backend = tdb case sensitive = Yes cups options = raw hide dot files = No The following is the Global section.service of the config file as written: [global] workgroup = boost realm = boost.com server string = Samba Server Version %v interfaces = lo eth0 172.21.10.2/255.255.0.0 case sensitive = Yes hide dot files = No log file = /var/log/samba/log.%m max log size = 50 security = domain passdb backend = tdbsam encrypt passwords = yes deadtime = 15 local master = no load printers = no cups options = raw I haven't found what needs to be done to resolve the idmap error(s). At the time this was run, this server has not been added to the domain, and samba won't start on the server. The log file reports: # more log.smbd [2020/02/04 16:54:58.777558, 0] ../../source3/smbd/server.c:1788(main) smbd version 4.10.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2019 [2020/02/04 16:54:59.158430, 0] ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) create_local_token failed: NT_STATUS_NO_MEMORY [2020/02/04 16:54:59.166165, 0] ../../source3/smbd/server.c:2047(main) ERROR: failed to setup guest info. [2020/02/04 16:57:12.441603, 0] ../../source3/smbd/server.c:1788(main) smbd version 4.10.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2019 [2020/02/04 16:57:12.499189, 0] ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) create_local_token failed: NT_STATUS_NO_MEMORY [2020/02/04 16:57:12.499396, 0] ../../source3/smbd/server.c:2047(main) ERROR: failed to setup guest info. Any help or criticism would be gladly accepted and appreciated! Bob Wyatt
Ok, start here. https://wiki.samba.org/index.php/Main_Page You need/must adjust the config to the new settings. Your current config is simple said, incorrect/obsolete/incomplete. So pick the one your setting up from the above wiki page. - Setting up Samba as an Active Directory Domain Controller - Setting up Samba as a Domain Member Read it and adjust the config. Try again, not working, mail us again. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob > Wyatt via samba > Verzonden: woensdag 5 februari 2020 1:26 > Aan: samba at lists.samba.org > Onderwerp: [Samba] Samba 4.10.6-1 Configuration on AIX > > The below Globals section is reporting some testparm failures > that don't > make sense to me. > > Perhaps someone could shine a light for me? > > > > This is a new installation - from 3.6.23 to 4.10.6-1. > > Necessitated by a Windows Server 2016 DC being installed. > > > > The testparm command, when run, reports the following error(s): > > > > # testparm > > Load smb config files from /etc/samba/smb.conf > > Loaded services file OK. > > idmap range not specified for domain '*' > > ERROR: Invalid idmap range for domain *! > > > > Server role: ROLE_DOMAIN_MEMBER > > > > The below is the Global section/service as reported by testparm: > > > > # Global parameters > > [global] > > deadtime = 15 > > interfaces = lo eth0 172.21.10.2/255.255.0.0 > > load printers = No > > local master = No > > log file = /var/log/samba/log.%m > > max log size = 50 > > realm = BOOST.COM > > security = DOMAIN > > server string = Samba Server Version %v > > workgroup = BOOST > > idmap config domain : unix_nss_info = no > > idmap config * : backend = tdb > > case sensitive = Yes > > cups options = raw > > hide dot files = No > > > > The following is the Global section.service of the config > file as written: > > > > [global] > > > > workgroup = boost > > realm = boost.com > > server string = Samba Server Version %v > > interfaces = lo eth0 172.21.10.2/255.255.0.0 > > case sensitive = Yes > > hide dot files = No > > log file = /var/log/samba/log.%m > > max log size = 50 > > security = domain > > passdb backend = tdbsam > > encrypt passwords = yes > > deadtime = 15 > > local master = no > > load printers = no > > cups options = raw > > > > I haven't found what needs to be done to resolve the idmap error(s). > > > > At the time this was run, this server has not been added to > the domain, and > samba won't start on the server. > > > > The log file reports: > > > > # more log.smbd > > [2020/02/04 16:54:58.777558, 0] > ../../source3/smbd/server.c:1788(main) > > smbd version 4.10.6 started. > > Copyright Andrew Tridgell and the Samba Team 1992-2019 > > [2020/02/04 16:54:59.158430, 0] > ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) > > create_local_token failed: NT_STATUS_NO_MEMORY > > [2020/02/04 16:54:59.166165, 0] > ../../source3/smbd/server.c:2047(main) > > ERROR: failed to setup guest info. > > [2020/02/04 16:57:12.441603, 0] > ../../source3/smbd/server.c:1788(main) > > smbd version 4.10.6 started. > > Copyright Andrew Tridgell and the Samba Team 1992-2019 > > [2020/02/04 16:57:12.499189, 0] > ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) > > create_local_token failed: NT_STATUS_NO_MEMORY > > [2020/02/04 16:57:12.499396, 0] > ../../source3/smbd/server.c:2047(main) > > ERROR: failed to setup guest info. > > > > Any help or criticism would be gladly accepted and appreciated! > > > > Bob Wyatt > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
On 05/02/2020 00:25, Bob Wyatt via samba wrote:> The below Globals section is reporting some testparm failures that don't > make sense to me. > > Perhaps someone could shine a light for me? > > > > This is a new installation - from 3.6.23 to 4.10.6-1. > > Necessitated by a Windows Server 2016 DC being installed. > > > The following is the Global section.service of the config file as written: > > [global] > workgroup = boost > realm = boost.com > server string = Samba Server Version %v > interfaces = lo eth0 172.21.10.2/255.255.0.0 > case sensitive = Yes > hide dot files = No > log file = /var/log/samba/log.%m > max log size = 50 > security = domainWrong security, it should be 'ADS' against an AD domain> passdb backend = tdbsam > encrypt passwords = yes > deadtime = 15 > local master = no > load printers = no > cups options = raw > > I haven't found what needs to be done to resolve the idmap error(s).Try reading our documentation: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member> > > > At the time this was run, this server has not been added to the domain, and > samba won't start on the server.You need to fix your smb.conf, join the machine to the domain and start, smbd and winbind, you can also optionally start nmbd.> The log file reports: > > # more log.smbd > > [2020/02/04 16:54:58.777558, 0] ../../source3/smbd/server.c:1788(main) > smbd version 4.10.6 started. > Copyright Andrew Tridgell and the Samba Team 1992-2019 > [2020/02/04 16:54:59.158430, 0] > ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) > create_local_token failed: NT_STATUS_NO_MEMORY > [2020/02/04 16:54:59.166165, 0] ../../source3/smbd/server.c:2047(main) > ERROR: failed to setup guest info.The above is because your smb.conf 'idmap config' lines are not set correctly.
Thanks to you and Louis for your guidance. I really apologize for my lack of knowledge of AD and Samba; and I appreciate your patience and willingness to help. And I apologize for not trimming the reply - don't know how much to retain... The referenced document seems to be leveraging domain services that we're not using. We are only using AD user authentication to access shares on AIX. No single sign-on, no user administration/manipulation anywhere, no printer sharing. Kerberos shouldn?t be required, which one might think also means the imap settings shouldn?t be required. Although they may eventually embrace NTP, is it not configured today; without Kerberos, it isn?t required. We're not wanting to save any user credentials necessary in AIX to acquire access to the shares in AIX. Testing DNS, everything is good until the "set type=SRV" _ldap_... test; it fails. Kerberos is not installed on AIX. The server name (hostname) was changed from the old FQDN to the new FQDN, and the /etc/hosts file was updated. The security was changed from domain to ADS. Testparm still reports the imap errors (see below). # testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. idmap range not specified for domain '*' ERROR: Invalid idmap range for domain *! Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] deadtime = 15 interfaces = lo eth0 172.21.10.2/255.255.0.0 load printers = No local master = No log file = /var/log/samba/log.%m max log size = 50 realm = BOOST.COM security = ADS server string = Samba Server Version %v workgroup = BOOST idmap config domain : unix_nss_info = no idmap config * : backend = tdb case sensitive = Yes cups options = raw hide dot files = No -----Original Message----- From: Rowland penny <rpenny at samba.org> Sent: Wednesday, February 5, 2020 4:36 AM To: samba at lists.samba.org Subject: Re: [Samba] Samba 4.10.6-1 Configuration on AIX On 05/02/2020 00:25, Bob Wyatt via samba wrote:> The below Globals section is reporting some testparm failures that don't > make sense to me. > > Perhaps someone could shine a light for me? > > > > This is a new installation - from 3.6.23 to 4.10.6-1. > > Necessitated by a Windows Server 2016 DC being installed. > > > The following is the Global section.service of the config file as written: > > [global] > workgroup = boost > realm = boost.com > server string = Samba Server Version %v > interfaces = lo eth0 172.21.10.2/255.255.0.0 > case sensitive = Yes > hide dot files = No > log file = /var/log/samba/log.%m > max log size = 50 > security = domainWrong security, it should be 'ADS' against an AD domain> passdb backend = tdbsam > encrypt passwords = yes > deadtime = 15 > local master = no > load printers = no > cups options = raw > > I haven't found what needs to be done to resolve the idmap error(s).Try reading our documentation: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member> > > > At the time this was run, this server has not been added to the domain, and > samba won't start on the server.You need to fix your smb.conf, join the machine to the domain and start, smbd and winbind, you can also optionally start nmbd.> The log file reports: > > # more log.smbd > > [2020/02/04 16:54:58.777558, 0] ../../source3/smbd/server.c:1788(main) > smbd version 4.10.6 started. > Copyright Andrew Tridgell and the Samba Team 1992-2019 > [2020/02/04 16:54:59.158430, 0] > ../../source3/auth/auth_util.c:1386(make_new_session_info_guest) > create_local_token failed: NT_STATUS_NO_MEMORY > [2020/02/04 16:54:59.166165, 0] ../../source3/smbd/server.c:2047(main) > ERROR: failed to setup guest info.The above is because your smb.conf 'idmap config' lines are not set correctly.