Edouard Guigné
2020-Apr-28 14:35 UTC
[Samba] Service Winbind stopped, what could be the reason ?
Hello dear Samba users, I recently faced an issue with samba (4.10.4) and winbind. The winbind service was stopped, so no user can acces to my samba share. I restart the winbind service, and all users can access to the share as usually... But I would like to understand why this issue occured. My samba server is a centos 7 linux, configured as domain member to a microsoft AD (windows server 2012 R2). All services (samba, winbind) are in automatic, started with linux start, and should always remained started. In winbindd.log, there are many entries like : [2020/04/27 08:20:14.167335, 1] ../source3/lib/util.c:1700(name_to_fqdn) getaddrinfo: ?chec temporaire dans la r?solution du nom On my Centos 7 samba server, the DNS resolution works only for fulled qualified name : ping workstation1 ping: workstation1 : ?chec temporaire dans la r?solution du nom but ping workstation1.mydomain.fr 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=1 ttl=127 time=1.58 ms 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=2 ttl=127 time=1.33 ms 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=3 ttl=127 time=1.04 ms Can it be the explanation why winbind has stopped ? Do I have to add "domain=mydomain.fr" in /etc/sysconfig/network-scripts/ifcfg-eth0 of my centos 7 server network adapter ? May it help Winbind for DNS resolving ? Best Regards, Ed
Rowland penny
2020-Apr-28 15:08 UTC
[Samba] Service Winbind stopped, what could be the reason ?
On 28/04/2020 15:35, Edouard Guign? via samba wrote:> Hello dear Samba users, > > I recently faced an issue with samba (4.10.4) and winbind. > The winbind service was stopped, so no user can acces to my samba share. > I restart the winbind service, and all users can access to the share as usually... > But I would like to understand why this issue occured. > > My samba server is a centos 7 linux, configured as domain member to a microsoft AD (windows server 2012 R2). > All services (samba, winbind) are in automatic, started with linux start, and should always remained started. > > In winbindd.log, there are many entries like : > [2020/04/27 08:20:14.167335, 1] ../source3/lib/util.c:1700(name_to_fqdn) > getaddrinfo: ?chec temporaire dans la r?solution du nom > > On my Centos 7 samba server, the DNS resolution works only for fulled qualified name : > ping workstation1 > ping: workstation1 : ?chec temporaire dans la r?solution du nom > but > ping workstation1.mydomain.fr > 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=1 ttl=127 time=1.58 ms > 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=2 ttl=127 time=1.33 ms > 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=3 ttl=127 time=1.04 ms > > Can it be the explanation why winbind has stopped ? > > Do I have to add "domain=mydomain.fr" in /etc/sysconfig/network-scripts/ifcfg-eth0 of my centos 7 server network adapter ? > May it help Winbind for DNS resolving ? > > Best Regards, > EdPlease post your smb.conf and /etc/resolv.conf You must be able to ping any domain machine by short hostname, FQDN or IP. Rowland
Edouard Guigné
2020-Apr-28 15:25 UTC
[Samba] Service Winbind stopped, what could be the reason ?
Dear Rowland, Please find a dump of smb.conf and resolv.conf of my centos 7 server : # testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] client min protocol = SMB2 client signing = required disable spoolss = Yes domain master = No kerberos method = secrets and keytab load printers = No local master = No log file = /var/log/samba/%m.log preferred master = No printcap name = /dev/null realm = MYAD.MYDOMAIN.FR security = ADS server min protocol = SMB2_02 server signing = required winbind nss info = rfc2307 winbind use default domain = Yes workgroup = IPGAD idmap config ipgad : unix_primary_group = yes idmap config ipgad : unix_nss_info = yes idmap config ipgad : range = 10000 - 14999 idmap config ipgad : schema_mode = rfc2307 idmap config ipgad : backend = ad idmap config * : range = 15000-99999 idmap config * : backend = tdb cups options = raw hosts allow = 127. 10.9.8. 10.9.7. 10.9.2. 10.9.4. 10.9.5. hosts deny = 10.9.9. 10.9.10. map acl inherit = Yes use sendfile = Yes vfs objects = acl_xattr [groups] comment = jaguar2 path = /var/datashared read only = No valid users = "@MYAD\utilisateurs du domaine" vfs objects = acl_xattr streams_xattr shadow_copy2 shadow:format = daily_%Y.%m.%d-%H.%M.%S shadow:localtime = yes shadow:sort = desc shadow:basedir = /var/datashared shadow:snapdir = /data/datashared/snapshots [homes] browseable = No comment = Home Directories create mask = 0700 directory mask = 0700 hide files = /~*.tmp/profile/desktop.ini/~$*/ path = /home read only = No valid users = %S [printers] browseable = No comment = All Printers create mask = 0600 path = /var/tmp printable = Yes [print$] comment = Printer Drivers create mask = 0664 directory mask = 0775 path = /var/lib/samba/drivers write list = root # cat /etc/resolv.conf # Generated by NetworkManager nameserver 10.9.x.xx1 nameserver 10.9.x.xx2 10.9.x.xx1 is the ip of first domain controler, 10.9.x.xx2 is the ip of the second domain controler. I notice that "domain" is not mentioned in resolv.conf ; so domain machine by short hostname is not possible for this reason ? Best Regards, Ed ----- Mail original ----- De: "sambalist" <samba at lists.samba.org> ?: "sambalist" <samba at lists.samba.org> Envoy?: Mardi 28 Avril 2020 12:08:44 Objet: Re: [Samba] Service Winbind stopped, what could be the reason ? On 28/04/2020 15:35, Edouard Guign? via samba wrote:> Hello dear Samba users, > > I recently faced an issue with samba (4.10.4) and winbind. > The winbind service was stopped, so no user can acces to my samba share. > I restart the winbind service, and all users can access to the share as usually... > But I would like to understand why this issue occured. > > My samba server is a centos 7 linux, configured as domain member to a microsoft AD (windows server 2012 R2). > All services (samba, winbind) are in automatic, started with linux start, and should always remained started. > > In winbindd.log, there are many entries like : > [2020/04/27 08:20:14.167335, 1] ../source3/lib/util.c:1700(name_to_fqdn) > getaddrinfo: ?chec temporaire dans la r?solution du nom > > On my Centos 7 samba server, the DNS resolution works only for fulled qualified name : > ping workstation1 > ping: workstation1 : ?chec temporaire dans la r?solution du nom > but > ping workstation1.mydomain.fr > 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=1 ttl=127 time=1.58 ms > 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=2 ttl=127 time=1.33 ms > 64 bytes from workstation1!.mydomain.fr (10.9.x.x): icmp_seq=3 ttl=127 time=1.04 ms > > Can it be the explanation why winbind has stopped ? > > Do I have to add "domain=mydomain.fr" in /etc/sysconfig/network-scripts/ifcfg-eth0 of my centos 7 server network adapter ? > May it help Winbind for DNS resolving ? > > Best Regards, > EdPlease post your smb.conf and /etc/resolv.conf You must be able to ping any domain machine by short hostname, FQDN or IP. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Possibly Parallel Threads
- Service Winbind stopped, what could be the reason ?
- Service Winbind stopped, what could be the reason ?
- Fwd: Re: Ressources needed (cpus, ram, etc.) for a Samba server
- Ressources needed (cpus, ram, etc.) for a Samba server
- Extended acls with AD - problem with default/herited permissions