On Mon, 29 Aug 2016 09:53:33 -0300 Maiquel Consalter <maiquelconsalter at gmail.com> wrote:> >You say you have compiled Samba yourself, so I take it that Samba is > i>nstalled at /usr/local/samba, if so, is the new samba in your PATH > i>and > >are there any OS Samba packages installed ? > I compile myself. I removed all packets for samba before start the > instalation. > My options: ./configure --sysconfdir=/etc/samba/ > --mandir=/usr/share/man/ --enable-debug --enable-selftest && make && > make instasllSo you have smb.conf at /etc/samba, the manpages at /usr/share/man and everything else at /usr/local/samba. If you open a terminal and type 'echo $PATH' , do you have '/usr/local/samba/bin:/usr/local/samba/sbin:' at the start ?> > >Is there a firewall running, if so, try turning it off // Is Selinux > running, if so, try disabling it. > setenforce 0 > service firewalld stop > service iptables stop > service ip6tables stop > systemctl disable firewalld > systemctl disable iptables > systemctl disable ip6tablesDoes this change anything ?> > >What packages did you install before compiling Samba ? > > yum install libacl-devel e2fsprogs-devel gnutls-devel readline-devel > python-devel gdb pkgconfig gcc libblkid-devel zlib-devel > setroubleshoot-server setroubleshoot-plugins policycoreutils-python > libsemanage-python setools-libs-python setools-libs popt-devel > libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel > libsepol-devel libattr-devel keyutils-libs-devel cyrus-sasl-devel > krb5-workstation perl openldap-devel bind bind-sdbIf you look here: https://wiki.samba.org/index.php/Operating_system_requirements/Dependencies_-_Libraries_and_programs#Red_Hat_Enterprise_Linux_.2F_CentOS_.2F_Scientific_Linux and compare it with your list, there are these extra packages: attr libaio-devel perl-ExtUtils-MakeMaker perl-Parse-Yapp perl-Test-Base cups-devel bind-utils libxslt docbook-style-xsl autoconf python-crypto pam-devel These may be packages that are already installed, but I suggest you try to install them and if any get installed, you will have to recompile Samba. Rowland
> >You say you have compiled Samba yourself, so I take it that Samba is > i>nstalled at /usr/local/samba, if so, is the new samba in your PATH > i>and > >are there any OS Samba packages installed ? > I compile myself. I removed all packets for samba before start the > instalation. > My options: ./configure --sysconfdir=/etc/samba/ > --mandir=/usr/share/man/ --enable-debug --enable-selftest && make && > make instasll> So you have smb.conf at /etc/samba, the manpages at /usr/share/man and > everything else at /usr/local/samba. > If you open a terminal and type 'echo $PATH' , do you have > '/usr/local/samba/bin:/usr/local/samba/sbin:' at the start ?Follow my echo $PATH => usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/samba/bin:/usr/local/samba/sbin:/root/bin> > >Is there a firewall running, if so, try turning it off // Is Selinux > running, if so, try disabling it. > setenforce 0 > service firewalld stop > service iptables stop > service ip6tables stop > systemctl disable firewalld > systemctl disable iptables > systemctl disable ip6tables> Does this change anything ?No, i just stop the problem it´s the same.> > >What packages did you install before compiling Samba ? > > yum install libacl-devel e2fsprogs-devel gnutls-devel readline-devel > python-devel gdb pkgconfig gcc libblkid-devel zlib-devel > setroubleshoot-server setroubleshoot-plugins policycoreutils-python > libsemanage-python setools-libs-python setools-libs popt-devel > libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel > libsepol-devel libattr-devel keyutils-libs-devel cyrus-sasl-devel > krb5-workstation perl openldap-devel bind bind-sdb> If you look here:> and compare it with your list, there are these extra packages:> attr libaio-devel perl-ExtUtils-MakeMaker perl-Parse-Yapp perl-Test-Base > cups-devel bind-utils libxslt docbook-style-xsl autoconf python-crypto > pam-devel> These may be packages that are already installed, but I suggest you try > to install them and if any get installed, you will have to recompileOk, I will install and recompile the samba. Soon i will give feedback for you. Tks. 2016-08-29 10:24 GMT-03:00 Rowland Penny via samba <samba at lists.samba.org>:> On Mon, 29 Aug 2016 09:53:33 -0300 > Maiquel Consalter <maiquelconsalter at gmail.com> wrote: > > > >You say you have compiled Samba yourself, so I take it that Samba is > > i>nstalled at /usr/local/samba, if so, is the new samba in your PATH > > i>and > > >are there any OS Samba packages installed ? > > I compile myself. I removed all packets for samba before start the > > instalation. > > My options: ./configure --sysconfdir=/etc/samba/ > > --mandir=/usr/share/man/ --enable-debug --enable-selftest && make && > > make instasll > > So you have smb.conf at /etc/samba, the manpages at /usr/share/man and > everything else at /usr/local/samba. > If you open a terminal and type 'echo $PATH' , do you have > '/usr/local/samba/bin:/usr/local/samba/sbin:' at the start ? > > > > > >Is there a firewall running, if so, try turning it off // Is Selinux > > running, if so, try disabling it. > > setenforce 0 > > service firewalld stop > > service iptables stop > > service ip6tables stop > > systemctl disable firewalld > > systemctl disable iptables > > systemctl disable ip6tables > > Does this change anything ? > > > > > >What packages did you install before compiling Samba ? > > > > yum install libacl-devel e2fsprogs-devel gnutls-devel readline-devel > > python-devel gdb pkgconfig gcc libblkid-devel zlib-devel > > setroubleshoot-server setroubleshoot-plugins policycoreutils-python > > libsemanage-python setools-libs-python setools-libs popt-devel > > libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel > > libsepol-devel libattr-devel keyutils-libs-devel cyrus-sasl-devel > > krb5-workstation perl openldap-devel bind bind-sdb > > If you look here: > > https://wiki.samba.org/index.php/Operating_system_ > requirements/Dependencies_-_Libraries_and_programs#Red_ > Hat_Enterprise_Linux_.2F_CentOS_.2F_Scientific_Linux > > and compare it with your list, there are these extra packages: > > attr libaio-devel perl-ExtUtils-MakeMaker perl-Parse-Yapp perl-Test-Base > cups-devel bind-utils libxslt docbook-style-xsl autoconf python-crypto > pam-devel > > These may be packages that are already installed, but I suggest you try > to install them and if any get installed, you will have to recompile > Samba. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- Att, Maiquel
On Mon, 29 Aug 2016 10:48:15 -0300 Maiquel Consalter <maiquelconsalter at gmail.com> wrote:> usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/samba/bin:/usr/local/samba/sbin:/root/binYour PATH should start with '/usr/local/samba/bin:/usr/local/samba/sbin' That way you are certain to use the Samba components you have compiled. Rowland
On Mon, 29 Aug 2016 13:20:48 -0300 Maiquel Consalter <maiquelconsalter at gmail.com> wrote: OK, you now have samba compiled correctly (if it wasn't before), you have turned off the firewall and selinux and you use bind9 as the dns server. It should work ok, but it obviously doesn't. Can we recap some settings etc and get them all in the same place. I know you will have posted most of them already, but they are scattered in several posts. How did you provision samba, what were the exact commands used ? please post the following: /etc/resolv.conf /etc/hosts /etc/hostname /etc/named.conf or /etc/named/named.conf /etc/krb5.conf If you need to, change the names and IPs, but please use the same ones. Finally (for the time being) can you check if there is another kerberos server running on the DC (just to rulle it out). Rowland
Let-me explain my environment. I have 3 DCI 105 (Principal) 106 and 101 (where i use for test). All DC its CPU for grow up for 100%. I just make the change in one DC, not all ok ?> How did you provision samba, what were the exact commands used ?samba-tool domain provision --realm=DOMAIN.BR --domain=DOMAIN --server-role=dc --adminpass=pwd> /etc/resolv.confsearch domain.br nameserver 10.10.10.105 nameserver 10.10.10.106> /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 10.10.10.101 dc-server4.domain.br dc-server4 !> /etc/hostnamedc-server4.domain.br ! /etc/named.conf or /etc/named/named.conf I dont have named configured in this DC, i put the dns forwarder 10.10.10.11.> /etc/krb5.conflibdefaults] dns_lookup_realm = false ticket_lifetime = 24h renew_lifetime = 7d forwardable = true rdns = false default_ccache_name = KEYRING:persistent:%{uid} dns_lookup_kdc = true default_realm = DOMAIN.BR !> smb.conf# Global parameters [global] bind interfaces only = Yes interfaces = lo ens32 netbios name = DC-SERVER4 realm = DOMAIN.BR dns forwarder = 10.10.10.11 workgroup = DOMAIN.BR server role = active directory domain controller ldap server require strong auth = no comment log level = 3 log file = /var/log/samba.log [netlogon] path = /usr/local/samba/var/locks/sysvol/DOMAIN.BR/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No !>Finally (for the time being) can you check if there is another kerberos >server running on the DC (just to rulle it out).Ticket cache: KEYRING:persistent:0:0 Default principal: administrator at DOMAIN.BR Valid starting Expires Service principal 29-08-2016 11:26:41 29-08-2016 21:26:41 krbtgt/DOMAIN.BR at DOMAIN.BR renew until 05-09-2016 11:26:34 Some errors: 2016/08/29 14:19:11.836901, 3] ../source4/auth/ntlm/auth.c:675(auth_register) AUTH backend 'winbind_wbclient' registered [2016/08/29 14:19:11.836940, 3] ../source4/auth/ntlm/auth.c:675(auth_register) AUTH backend 'name_to_ntstatus' registered [2016/08/29 14:19:11.836969, 3] ../source4/auth/ntlm/auth.c:675(auth_register) AUTH backend 'unix' registered [2016/08/29 14:19:11.844165, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection) Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED' [2016/08/29 14:19:11.844364, 3] ../source4/smbd/process_single.c:114(single_terminate) single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED] [2016/08/29 14:19:11.847261, 3] ../libcli/auth/schannel_state_tdb.c:121(schannel_store_session_key_tdb) schannel_store_session_key_tdb: stored schannel info with key SECRETS/SCHANNEL/292929 [2016/08/29 14:19:11.849417, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2016/08/29 14:19:11.855367, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2016/08/29 14:19:11.856999, 3] ../libcli/auth/schannel_state_tdb.c:190(schannel_fetch_session_key_tdb) schannel_fetch_session_key_tdb: restored schannel info key SECRETS/SCHANNEL/292929 [2016/08/29 14:19:11.861331, 3] ../source3/smbd/negprot.c:711(reply_negprot) Selected protocol SMB 2.??? [2016/08/29 14:22:57.715099, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_OBJECT_PATH_NOT_FOUND] || at ../source3/smbd/smb2_create.c:293 [2016/08/29 14:22:57.828768, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_OBJECT_NAME_NOT_FOUND] || at ../source3/smbd/smb2_create.c:293 [2016/08/29 14:23:11.282681, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_OBJECT_PATH_NOT_FOUND] || at ../source3/smbd/smb2_create.c:293 [2016/08/29 14:23:19.261429, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[5] status[STATUS_NO_MORE_FILES] || at ../source3/smbd/smb2_query_directory.c:154 [2016/08/29 14:23:19.687733, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[9] status[NT_STATUS_INFO_LENGTH_MISMATCH] || at ../source3/smbd/smb2_query_directory.c:154 [2016/08/29 14:23:19.974391, 3] ../source3/smbd/smb2_server.c:3098(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[5] status[STATUS_NO_MORE_FILES] || at ../source3/smbd/smb2_query_directory.c:154 2016-08-29 13:40 GMT-03:00 Rowland Penny via samba <samba at lists.samba.org>:> On Mon, 29 Aug 2016 13:20:48 -0300 > Maiquel Consalter <maiquelconsalter at gmail.com> wrote: > > OK, you now have samba compiled correctly (if it wasn't before), you > have turned off the firewall and selinux and you use bind9 as the dns > server. It should work ok, but it obviously doesn't. > > Can we recap some settings etc and get them all in the same place. I > know you will have posted most of them already, but they are scattered > in several posts. > > How did you provision samba, what were the exact commands used ? > > please post the following: > > /etc/resolv.conf > /etc/hosts > /etc/hostname > /etc/named.conf or /etc/named/named.conf > /etc/krb5.conf > > If you need to, change the names and IPs, but please use the same ones. > > Finally (for the time being) can you check if there is another kerberos > server running on the DC (just to rulle it out). > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- Att, Maiquel