Thaddeus Waldner
2021-Aug-26 21:13 UTC
[Samba] Winbind errors, VFS object stacking, sanity check
Hi I?m working on setting up a samba-ad-dc and file server for my school. In addition to Windows and Mac login and folder sharing, I need to create shares for time machine backups and for windows backups. Thanks to some folks on this list, I now have a Samba-ad-dc and a Samba file server joined to it. Users can log in from Macs and from Windows machines. User and shared folders are working. Could someone please look my setup over and see if there are any glaring issues? Some remaining issues: The winbind service throws errors. 0] ../../source3/winbindd/winbindd_cm.c:1893(wb_open_internal_pipe) open_internal_pipe: Could not connect to dssetup pipe: NT_STATUS_RPC_INTERFACE_NOT_FOUND ./../librpc/rpc/dcesrv_core.c:3007(dcesrv_call_dispatch_local) dcesrv_call_dispatch_local: DCE/RPC fault in call lsarpc:2E - DCERPC_NCA_S_OP_RNG_ERROR The folder icon in Mac shows a windows BSOD screen, despite having set fruit:model = MacSamba .Time machine shares are not advertised until I mount the share. I?m not sure that I?m stacking vfs modules correctly, or even that I?m using the correct ones. On the file server: testparm -s Load smb config files from /etc/samba/smb.conf Loaded services file OK. Weak crypto is allowed Server role: ROLE_DOMAIN_MEMBER # Global parameters [global] dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab logon drive = Z: logon home = \\schoolfs\users\%U realm = NDS.SCHOOL.COM<http://NDS.SCHOOL.COM> security = ADS template homedir = /home/%U template shell = /bin/bash username map = /etc/samba/user.map winbind enum groups = Yes winbind enum users = Yes winbind refresh tickets = Yes winbind use default domain = Yes workgroup = NDS fruit:model = MacSamba fruit:advertise_fullsync = true fruit:metadata = stream fruit:veto_appledouble = no fruit:wipe_intentionally_left_blank_rfork = yes fruit:delete_empty_adfiles = yes fruit:zero_file_id = yes fruit:posix_rename = yes idmap config nds : range = 10000-99999 idmap config nds : backend = rid idmap config * : range = 3000-7999 idmap config * : backend = tdb map acl inherit = Yes vfs objects = fruit streams_xattr acl_xattr [users] path = /array/users read only = No acl_xattr:ignore system acl = yes [staff] path = /array/staff read only = No acl_xattr:ignore system acl = yes [students] path = /array/students read only = No acl_xattr:ignore system acl = yes [Time Machine] path = /array/timemachine read only = No vfs objects = catia fruit streams_xattr acl_xattr fruit:time machine = yes acl_xattr:ignore system acl = yes [Backup] path = /array/backup read only = No acl_xattr:ignore system acl = yes Thanks, Thaddeus Waldner