On 10/10/2015 09:05 AM, Rowland Penny wrote:> On 10/10/15 13:44, Steve Ankeny wrote:
>> I have an existing Samba-AD-DC built from Inverse packages,
>> v.4.1.18+dfsg-3~inverse1
>>
>> I have OpenChangeServer installed on that machine, v.2.4-zentyal6
>>
>> When I start OpenChange, it "shuts down" my Samba-AD-DC so
that no
>> one can login.
>>
>> To troubleshoot my problem, I've built a "new"
Samba-AD-DC from the
>> same Inverse packages, but I see a slight difference in the installed
>> packages, and my question is whether they might be causing my problem.
>>
>> *Specifically, could the presence of 'winbind' be causing my
problem?*
>>
>> on the original server (with the OpenChange problem) --
>>
>> adam at sogo:~$ sudo dpkg --get-selections | egrep
'samba|smb|nmb|winbind'
>> libnss-winbind:amd64 install
>> libpam-winbind:amd64 install
>> libsmbclient:amd64 install
>> python-samba install
>> samba install
>> samba-common install
>> samba-common-bin install
>> samba-dev install
>> samba-dsdb-modules install
>> samba-libs:amd64 install
>> samba-vfs-modules install
>> smbclient install
>> winbind install
>> adam at sogo:~$
>>
>> on the "new" server (without OpenChange at the moment) --
>>
>> adam at eagle:~$ sudo dpkg --get-selections | egrep
'samba|smb|nmb|winbind'
>> python-samba install
>> samba install
>> samba-common install
>> samba-common-bin install
>> samba-dev install
>> samba-dsdb-modules install
>> samba-libs:amd64 install
>> samba-vfs-modules install
>> adam at eagle:~$
>>
>> The difference is in the 'winbind' and 'smbclient'
packages.
>>
>> I realize that Samba-AD-DC runs its own version of 'winbind'
and I'm
>> not currently using it otherwise.
>>
>> on the original server --
>>
>> adam at sogo:~$ ./samba
>> nmbd start/running
>> winbind stop/waiting
>> smbd stop/waiting
>> reload-smbd stop/waiting
>> samba-ad-dc start/running, process 927
>> adam at sogo:~$
>>
>> on the "new" server --
>>
>> adam at eagle:~$ ./samba
>> nmbd start/running
>> smbd stop/waiting
>> reload-smbd stop/waiting
>> samba-ad-dc start/running, process 889
>> adam at eagle:~$
>>
>>
>
> Having a package installed is a lot different from the binaries it
> contains being run, what does 'ps ax | grep [w]inbind' return?
>
> What is your 'server services' line in smb.conf and what are the
> openchange lines in smb.conf
>
> Rowland
>
>
>
on the original server --
adam at sogo:~$ sudo ps ax | grep [w]inbind
adam at sogo:~$ sudo ps ax | grep winbind
6241 pts/0 S+ 0:00 grep --color=auto winbind
adam at sogo:~$
adam at sogo:~$ cat /etc/samba/smb.conf
# Global parameters
[global]
workgroup = SMBDOMAIN
realm = smbdomain.com
netbios name = SOGO
server role = active directory domain controller
dns forwarder = 192.168.121.1
idmap_ldb:use rfc2307 = yes
passdb backend = samba
allow dns updates = nonsecure
### Configuration required by OpenChange server ###
dsb:schema update allowed = true
#dcerpc endpoint servers = +mapiproxy
#dcerpc endpoint servers = +epmapper, +mapiproxy
#dcerpc_mapiproxy:server = true
#dcerpc_mapiproxy:interfaces = exchange_emsmdb, exchange_nsp,
exchange_ds_rfr
### Configuration required by OpenChange server ###
mapistore:namedproperties = mysql
namedproperties:mysql_user = openchange-user
namedproperties:mysql_pass = $Passwd
namedproperties:mysql_host = localhost
namedproperties:mysql_db = openchange
mapistore:indexing_backend =
mysql://openchange-user:$Passwd at localhost/openchange
mapiproxy:openchangedb =
mysql://openchange-user:$Passwd at localhost/openchange
[netlogon]
path = /var/lib/samba/sysvol/smbdomain.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
adam at sogo:~$
It's when I "uncomment" the DCERPC lines that OpenChange
"shuts down"
Samba-AD-DC
So, the answer to the question is the 'winbind' binary is NOT running
(thx for that)
On the SOGo mailing list, someone suggested "de-provisioning" a
non-working OpenChange server and starting again. I just wanted to know
if the 'winbind' packages might hinder what I'm trying to do.
Otherwise, I'm continuing to build the "side-by-side" server (at
Ludovic's suggestion)
thx, Rowland I've learned I can always count on your insight.