On 2023-03-29 15:50, Rowland Penny via samba wrote:>
>
> On 29/03/2023 20:06, Gary Dale via samba wrote:
>>>
>> Following the advice of
>>
https://wiki.samba.org/index.php/Distribution-specific_Package_Installation,
>> below the installation report after I did a more thorough purging of
>> Samba-related stuff. I took the further advice and changed the realm
>> to HOME.RAHIM-DALE-ORG. The DC remains TheLibrarian.
>>
>> # apt install acl attr samba samba-dsdb-modules samba-vfs-modules
>> winbind libpam-winbind libnss-win bind krb5-config krb5-user dnsutils
>
> I have updated that list.
>
>>
>> Creating config file /etc/samba/smb.conf with new version
>
> This is why you need to remove the smb.conf, the package install
> creates one for a standalone server.
>
>>
>>
>> The reported errors seem to be due to further configuration being
>> needed for a DC.
>>
>> Next I continued with the wiki at
>>
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
>
> I have updated that wikipage slightly.
>
>>
>> First I verified that /etc/resolv.conf was correct then I updated
>> /etc/hosts to reflect the new realm name.
>>
>> Next I ran: samba-tool domain provision --use-rfc2307 --interactive
>>
>> This failed with an error:
>>
>> ERROR(<class 'samba.provision.ProvisioningError'>):
Provision failed
>> - ProvisioningError: guess_names: 'realm =' was not specified
in
>> supplied /etc/samba/smb.conf.? Please remove the smb.conf file and
>> let provision generate it
>
> I moved the deletion on the wikipage, from where it was, it sounded
> like you only had to remove the smb.conf if the provision had run
> successfully.
>
>>
>> So I removed the smb.conf and ran it again. This time I got:
>>
>> INFO 2023-03-29 15:01:07,831 pid:17352
>> /usr/lib/python3/dist-packages/samba/provision/__init__.py #2122:
>> Looking up IPv4 addresses
>> INFO 2023-03-29 15:01:07,832 pid:17352
>> /usr/lib/python3/dist-packages/samba/provision/__init__.py #2139:
>> Looking up IPv6 addresses
>> WARNING 2023-03-29 15:01:07,833 pid:17352
>> /usr/lib/python3/dist-packages/samba/provision/__init__.py #2146: No
>> IPv6 address will be assigned
>> Error: Unable to parse dn
>> 'CN=Schema,CN=Configuration,DC=home,DC=rahim-dale,DC=org,'
>
> I know you updated /etc/hosts, but did the computer pick this up, does
> it think it is in the home.rahim-dale.org dns domain ?
The computer should query /etc/hosts each time. The actual problem was a
typo in the file - I put a comma in when it only allows spaces to
separate the names.
>
>> I'm not sure what is causing this error. The only samba log is
named
>> log.%m and it has nothing from the time of running samba-tool either
>> time.
>
> There wouldn't be anything in the logs at this point, Samba hasn't
> started, though thinking about it, did you stop any running Samba
> processes before the provision.
>
> I can assure this does work, to test it, I setup Debian 11 in a VM and
> created a new domain, the only real difference is that I used Samba
> from backports.
>
> I really suggest you use backports, even the Debian Samba maintainer
> (Michael Tokarev) is telling you to use backports.
Baokports are for people who need something that the stable version
doesn't provide. That's not me. I run Debian/Stable on my servers for a
reason. I run Testing on my workstation because I want to help test
things. And I run it my new laptop because it requires drivers that
aren't available in Stable.
Debian does update stable when a serious issue is found that can't be
patched. However that is a vector for breakage - it wasn't that long ago
that an update to ghostscript broke a lot programs in Stable that used
it to produce PDFs. We had to choose between a security flaw or a lack
of functionality.
I'll wait until Bookworm becomes Stable to get the Samba upgrade.
>
> If it helps I can send you my notes.
>
> Rowland
>