I run 2 DCs at a site, Debian 12.5, so far samba-4.19.6 from backports. Today I upgraded one of them, this brought samba-4.20.1 Now on this one DC stuff like "wbinfo -g" fails: # wbinfo -g could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE could not obtain winbind domain name! failed to call wbcListGroups: WBC_ERR_WINBIND_NOT_AVAILABLE Error looking up domain groups # wbinfo -t could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE could not obtain winbind domain name! checking the trust secret for domain (null) via RPC calls failed failed to call wbcCheckTrustCredentials: WBC_ERR_WINBIND_NOT_AVAILABLE Could not check secret On the other DC things work fine and so far no user has alerted me ... winbind is installed, but somehow not started by "samba-ad-dc". What can I do here? thanks btw: drs replication also seems to fail in some parts
Sorry, here the conf: # testparm -s Load smb config files from /etc/samba/smb.conf Loaded services file OK. Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback) Server role: ROLE_ACTIVE_DIRECTORY_DC # Global parameters [global] dns forwarder = 8.8.8.8 ldap server require strong auth = No load printers = No passdb backend = samba_dsdb printcap name = /dev/null realm = MYTLD.AT server role = active directory domain controller template shell = /bin/bash usershare path workgroup = BUERO rpc_server:tcpip = no rpc_daemon:spoolssd = embedded rpc_server:spoolss = embedded rpc_server:winreg = embedded rpc_server:ntsvcs = embedded rpc_server:eventlog = embedded rpc_server:srvsvc = embedded rpc_server:svcctl = embedded rpc_server:default = external winbindd:use external pipes = true sdb:schema update allowed = no idmap config * : backend = tdb map archive = No vfs objects = dfs_samba4 acl_xattr [netlogon] path = /var/lib/samba/sysvol/mytld.at/scripts read only = No acl_xattr:ignore system acls = Yes [sysvol] path = /var/lib/samba/sysvol read only = No acl_xattr:ignore system acls = Yes [rsnapshots] path = /mnt/rsnapshots/rsnapshots valid users = @rsnapshots
07.06.2024 09:39, Stefan G. Weichinger via samba wrote:> I run 2 DCs at a site, Debian 12.5, so far samba-4.19.6 from backports. > > Today I upgraded one of them, this brought samba-4.20.1 > > Now on this one DC stuff like "wbinfo -g" fails: > > # wbinfo -g > could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE > could not obtain winbind domain name! > failed to call wbcListGroups: WBC_ERR_WINBIND_NOT_AVAILABLE > Error looking up domain groups > > # wbinfo -t > could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE > could not obtain winbind domain name! > checking the trust secret for domain (null) via RPC calls failed > failed to call wbcCheckTrustCredentials: WBC_ERR_WINBIND_NOT_AVAILABLE > Could not check secret > > On the other DC things work fine and so far no user has alerted me ... > > winbind is installed, but somehow not started by "samba-ad-dc".Please check version of samba-ad-dc package, - is it the same as other samba package versions? Did samba-ad-dc start at all? /mjt -- GPG Key transition (from rsa2048 to rsa4096) since 2024-04-24. New key: rsa4096/61AD3D98ECDF2C8E 9D8B E14E 3F2A 9DD7 9199 28F1 61AD 3D98 ECDF 2C8E Old key: rsa2048/457CE0A0804465C5 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5 Transition statement: http://www.corpit.ru/mjt/gpg-transition-2024.txt