No, you need to use the correct path. Sadly Samba just created an
empty sam.ldb where you pointed, rather than saying 'no such file or
directory'.
Andrew Bartlett
On Fri, 2020-12-11 at 03:11 -0700, Dan Egli wrote:
> So, since it looks from the bug that the problem is the ldb is
> empty,
> how can I generate one that would work?
>
>
> On 12/11/2020 3:07 AM, Andrew Bartlett wrote:
> > On Fri, 2020-12-11 at 03:00 -0700, Dan Egli via samba wrote:
> > > So you're saying it really doesn't matter which I use? Okay, I'll
> > > just use the one in private vs. the one in bind-dns. Now if I can
> > > only figure out why it's complaining about the sam.ldb file:
> > After running samba_upgradedns then use the one in bind-dns. It
> > should
> > have the most recent password.
> >
> > > Dec 11 09:07:10 pluto named[733]: samba_dlz: Unable to get basedn
> > > for
> > > /var/lib/samba/private/dns/sam.ldb - NULL Base DN invalid for a
> > > base
> > > search
> > We moved to /var/lib/samba/bind-dns/sam.ldb (but forgot to update
> > the
> > keytab code, hence the rest of this).
> >
> > The error below is because I've not yet backported:
> > https://bugzilla.samba.org/show_bug.cgi?id=14579
> >
> > > That's causing named to terminate with an error:
> > >
> > > Dec 11 09:07:10 pluto named[733]: samba_dlz: FAILED dlz_create
> > > call
> > > result=25 #refs=0
> > > Dec 11 09:07:10 pluto named[733]: dlz_dlopen of 'AD DNS Zone'
> > > failed
> > > Dec 11 09:07:10 pluto named[733]: SDLZ driver failed to load.
> > > Dec 11 09:07:10 pluto named[733]: DLZ driver failed to load.
> > > Dec 11 09:07:10 pluto named[733]: loading configuration: failure
> > > Dec 11 09:07:10 pluto named[733]: exiting (due to fatal error)
> > > Dec 11 09:07:11 pluto systemd[1]: named.service: Main process
> > > exited,
> > > code=exited, status=1/FAILURE
> > > Dec 11 09:07:11 pluto systemd[1]: named.service: Failed with
> > > result
> > > 'exit-code'.
> > >
> > > Any tips?
> > >
> > > On 12/11/2020 2:37 AM, Rowland penny via samba wrote:
> > > > On 11/12/2020 09:26, Dan Egli wrote:
> > > > > I ran the samba_dnsupgrade and it created TWO dns.keytab
> > > > > files. You said it won't create one in /var/lib/samba/bind-dns
> > > > > directory, but it did. At least, SOMETHING put a file there.
> > > > > Still, if you say it shouldn't be there, then perhaps I should
> > > > > rm it and point my bind config to the other.
> > > > >
> > > > No, I didn't say that, I said that you do not get the keytab in
> > > > the bind-dns dir when you join a DC, but you do when you
> > > > provision a new DC or run samba_dnsupdate. What the code actually
> > > > does is to create the keytab in the private dir and then copy it
> > > > to the bind-dns dir, so yes, you do end up with two keytabs.
> > > >
> > > > There is a bug report about this:
> > > > https://bugzilla.samba.org/show_bug.cgi?id=14535
> > > >
> > > > And here is my fix:
> > > > https://gitlab.com/samba-team/samba/-/merge_requests/1642
> > > >
> > > > Which unfortunately was rejected even though it works.
> > > >
> > > > Rowland
> > > >
> > > >
> > > >
> > > --
> > > Dan Egli
> > > From my Test Server
> > >
> > >
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba