Hénoch Hervé
2017-Jun-29 07:22 UTC
[Samba] Must put "server role check:inhibit = yes" in smb.conf
Hello, We have followed the migration from samba4.2 to samba4.6 from "http://samba.2283325.n4.nabble.com/Debian-Jessie-samba-4-5-8-2-4-5-10-4-6-5-available-td4719912.html" (van-belle) But we must put in smb.conf this instruction : "server role check:inhibit = yes". if not, nmbd fails to start. Why ? Regard
Andrew Bartlett
2017-Jun-29 08:18 UTC
[Samba] Must put "server role check:inhibit = yes" in smb.conf
On Thu, 2017-06-29 at 09:22 +0200, Hénoch Hervé via samba wrote:> Hello, > > We have followed the migration from samba4.2 to samba4.6 from > "http://samba.2283325.n4.nabble.com/Debian-Jessie-samba-4-5-8-2-4-5-10-4-6-5-available-td4719912.html" > (van-belle) > > But we must put in smb.conf this instruction : "server role > check:inhibit = yes". > > if not, nmbd fails to start. > > Why ?Why are you trying to run nmbd on the AD DC? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Rowland Penny
2017-Jun-29 09:05 UTC
[Samba] Must put "server role check:inhibit = yes" in smb.conf
On Thu, 29 Jun 2017 09:22:10 +0200 Hénoch Hervé via samba <samba at lists.samba.org> wrote:> Hello, > > We have followed the migration from samba4.2 to samba4.6 from > "http://samba.2283325.n4.nabble.com/Debian-Jessie-samba-4-5-8-2-4-5-10-4-6-5-available-td4719912.html" > (van-belle) > > But we must put in smb.conf this instruction : "server role > check:inhibit = yes". > > if not, nmbd fails to start. > > Why ? > > Regard > >Sounds like you are running a DC, you cannot run 'nmbd' on a DC, but can you post your smb.conf, you may also have other things in it you shouldn't have. Rowland
Hénoch Hervé
2017-Jun-29 09:23 UTC
[Samba] Must put "server role check:inhibit = yes" in smb.conf
Hello Andrew I'm trying nothing ! But when I do /etc/init.d/samba restart i've the problem that you can see on the screenshot. nbmd is not necessary on a AD DC ? Regard Le 29/06/2017 à 10:18, Andrew Bartlett a écrit :> On Thu, 2017-06-29 at 09:22 +0200, Hénoch Hervé via samba wrote: >> Hello, >> >> We have followed the migration from samba4.2 to samba4.6 from >> "http://samba.2283325.n4.nabble.com/Debian-Jessie-samba-4-5-8-2-4-5-10-4-6-5-available-td4719912.html" >> (van-belle) >> >> But we must put in smb.conf this instruction : "server role >> check:inhibit = yes". >> >> if not, nmbd fails to start. >> >> Why ? > Why are you trying to run nmbd on the AD DC? > > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba >
Rowland Penny
2017-Jun-29 11:31 UTC
[Samba] Must put "server role check:inhibit = yes" in smb.conf
On Thu, 29 Jun 2017 12:55:46 +0200 Hénoch Hervé <h.henoch at isc84.org> wrote:> Yes i'm on a AD DC. When I have installed AD DC two years ago and > "apt-get install" has installed on the system nmbd (jessie). >Ok, put your smb.conf back to this: [global] workgroup = SC1 realm = sc1.local netbios name = VSPDC1 server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate idmap_ldb:use rfc2307 = yes log level = 2 printcap name = /dev/null load printers = no [netlogon] path = /var/lib/samba/sysvol/sc.local/scripts read only = No [sysvol] path = /var/lib/samba/sysvol read only = No [partage] path = /opt/partage read only = no NOTE: if '.local' is your TLD, stop Avahi if it is running, alter the 'hosts' line in /etc/nsswitch.conf to this: hosts: files dns You should not let your OS start Samba using the 'samba' init script, use the 'samba-ad-dc' init script instead. If you haven't got it yet, you cannot run 'nmbd' on a Samba AD DC. Rowland
Hénoch Hervé
2017-Jun-29 11:37 UTC
[Samba] Must put "server role check:inhibit = yes" in smb.conf
Sorry what means TLD ? Le 29/06/2017 à 13:31, Rowland Penny via samba a écrit :> On Thu, 29 Jun 2017 12:55:46 +0200 > Hénoch Hervé <h.henoch at isc84.org> wrote: > >> Yes i'm on a AD DC. When I have installed AD DC two years ago and >> "apt-get install" has installed on the system nmbd (jessie). >> > Ok, put your smb.conf back to this: > > [global] > workgroup = SC1 > realm = sc1.local > netbios name = VSPDC1 > server role = active directory domain controller > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate > idmap_ldb:use rfc2307 = yes > log level = 2 > printcap name = /dev/null > load printers = no > > [netlogon] > path = /var/lib/samba/sysvol/sc.local/scripts > read only = No > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > > [partage] > path = /opt/partage > read only = no > > NOTE: if '.local' is your TLD, stop Avahi if it is running, alter the > 'hosts' line in /etc/nsswitch.conf to this: > > hosts: files dns > > You should not let your OS start Samba using the 'samba' init script, > use the 'samba-ad-dc' init script instead. > If you haven't got it yet, you cannot run 'nmbd' on a Samba AD DC. > > Rowland >