samba - Jul 2017 - using samba with bind dlz

I am trying to setup samba as a dc using bind dlz

I'm not sure how much I need to setup on bind before I can use it. I did
the following check.

[root at dc1 ~]# named -V | sed 's/ /\n/g'| grep '\-\-' |grep -e
gssapi -e
dlopen
'--with-dlopen=yes'
'--with-gssapi=yes'

I am using the default config for samba that came with Fedora Rawhide.
I wanted to try out the newly built samba-4.7rc1 that was recently built
with ad support for it.

I'm willing to try out a few things. I'll do the internal dns if I
can't
get bind working but I wanted to try bind with dlz ike I have working in
ubuntu.

Here is what happens

[root at dc1 ~]# named -V | sed 's/ /\n/g'| grep '\-\-' |grep -e
gssapi -e
dlopen
'--with-dlopen=yes'
'--with-gssapi=yes'
[root at dc1 ~]# samba-tool domain provision --use-rfc2307 --interactive
Realm: fedora.methanemaker.mooo.com
 Domain [fedora]:
 Server Role (dc, member, standalone) [dc]:
 DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
[SAMBA_INTERNAL]: BIND9_DLZ
Administrator password:
...
everything looks good till
...
Failed to setup database for BIND, AD based DNS cannot be used
ERROR(<type 'exceptions.OSError'>): uncaught exception - [Errno 2]
No such
file or directory
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line
176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line
474, in run
    nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
  File
"/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
line 2175, in provision
    skip_sysvolacl=skip_sysvolacl)
  File
"/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
line 1836, in provision_fill
    targetdir=targetdir, fill_level=samdb_fill)
  File
"/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
line 1162, in setup_ad_dns
    hostip6=hostip6, targetdir=targetdir)
  File
"/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
line 1222, in setup_bind9_dns
    create_samdb_copy(samdb, logger, paths, names, names.domainsid,
domainguid)
  File
"/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
line 851, in create_samdb_copy
    os.path.join(dns_dir, "sam.ldb"))
  File "/usr/lib64/python2.7/site-packages/samba/tdb_util.py", line
36, in
tdb_copy
    status = subprocess.call(tdbbackup_cmd, close_fds=True, shell=False)
  File "/usr/lib64/python2.7/subprocess.py", line 168, in call
    return Popen(*popenargs, **kwargs).wait()
  File "/usr/lib64/python2.7/subprocess.py", line 390, in __init__
    errread, errwrite)
  File "/usr/lib64/python2.7/subprocess.py", line 1024, in
_execute_child
    raise child_exception

On Sun, 9 Jul 2017 18:17:01 -0600
Jeff Sadowski via samba <samba at lists.samba.org> wrote:
> I am trying to setup samba as a dc using bind dlz
> 
> I'm not sure how much I need to setup on bind before I can use it. I
> did the following check.
> 
> [root at dc1 ~]# named -V | sed 's/ /\n/g'| grep '\-\-'
|grep -e gssapi
> -e dlopen
> '--with-dlopen=yes'
> '--with-gssapi=yes'
> 
> I am using the default config for samba that came with Fedora Rawhide.
> I wanted to try out the newly built samba-4.7rc1 that was recently
> built with ad support for it.
> 
> I'm willing to try out a few things. I'll do the internal dns if I
> can't get bind working but I wanted to try bind with dlz ike I have
> working in ubuntu.
> 
> Here is what happens
> 
> [root at dc1 ~]# named -V | sed 's/ /\n/g'| grep '\-\-'
|grep -e gssapi
> -e dlopen
> '--with-dlopen=yes'
> '--with-gssapi=yes'
> [root at dc1 ~]# samba-tool domain provision --use-rfc2307 --interactive
> Realm: fedora.methanemaker.mooo.com
>  Domain [fedora]:
>  Server Role (dc, member, standalone) [dc]:
>  DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
> [SAMBA_INTERNAL]: BIND9_DLZ
> Administrator password:
> ...
> everything looks good till
> ...
> Failed to setup database for BIND, AD based DNS cannot be used
> ERROR(<type 'exceptions.OSError'>): uncaught exception -
[Errno 2] No
> such file or directory
>   File
"/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
> line 176, in _run
>     return self.run(*args, **kwargs)
>   File
"/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
> line 474, in run
>     nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
>   File
> "/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
> line 2175, in provision skip_sysvolacl=skip_sysvolacl)
>   File
> "/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
> line 1836, in provision_fill targetdir=targetdir,
> fill_level=samdb_fill) File
> "/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
> line 1162, in setup_ad_dns hostip6=hostip6, targetdir=targetdir)
>   File
> "/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
> line 1222, in setup_bind9_dns create_samdb_copy(samdb, logger, paths,
> names, names.domainsid, domainguid)
>   File
> "/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
> line 851, in create_samdb_copy os.path.join(dns_dir, "sam.ldb"))
>   File "/usr/lib64/python2.7/site-packages/samba/tdb_util.py",
line
> 36, in tdb_copy
>     status = subprocess.call(tdbbackup_cmd, close_fds=True,
> shell=False) File "/usr/lib64/python2.7/subprocess.py", line 168,
in
> call return Popen(*popenargs, **kwargs).wait()
>   File "/usr/lib64/python2.7/subprocess.py", line 390, in
__init__
>     errread, errwrite)
>   File "/usr/lib64/python2.7/subprocess.py", line 1024, in
> _execute_child raise child_exception
I normally just install Bind 9, then configure it, but do not start it
before provisioning Samba.

What version of Bind is installed ?

Rowland

Bind-9.11 is installed. How do you configure it? Does it need anything
special in the config for samba to build the ...samba.../named.conf file
that I should be able to include in my /etc/named.conf afterwards?

 My guess is that some directory is missing. But if I start fresh and
configure samba with the internal dns it gets all the way through it's
configuration with no errors.

I've tried without named running and with it running and get the same
error. Mayke something missing in the python scripts building the dns file.

On Jul 10, 2017 12:48 AM, "Rowland Penny via samba" <samba at
lists.samba.org>
wrote:
> On Sun, 9 Jul 2017 18:17:01 -0600
> Jeff Sadowski via samba <samba at lists.samba.org> wrote:
>
> > I am trying to setup samba as a dc using bind dlz
> >
> > I'm not sure how much I need to setup on bind before I can use it.
I
> > did the following check.
> >
> > [root at dc1 ~]# named -V | sed 's/ /\n/g'| grep
'\-\-' |grep -e gssapi
> > -e dlopen
> > '--with-dlopen=yes'
> > '--with-gssapi=yes'
> >
> > I am using the default config for samba that came with Fedora Rawhide.
> > I wanted to try out the newly built samba-4.7rc1 that was recently
> > built with ad support for it.
> >
> > I'm willing to try out a few things. I'll do the internal dns
if I
> > can't get bind working but I wanted to try bind with dlz ike I
have
> > working in ubuntu.
> >
> > Here is what happens
> >
> > [root at dc1 ~]# named -V | sed 's/ /\n/g'| grep
'\-\-' |grep -e gssapi
> > -e dlopen
> > '--with-dlopen=yes'
> > '--with-gssapi=yes'
> > [root at dc1 ~]# samba-tool domain provision --use-rfc2307
--interactive
> > Realm: fedora.methanemaker.mooo.com
> >  Domain [fedora]:
> >  Server Role (dc, member, standalone) [dc]:
> >  DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
> > [SAMBA_INTERNAL]: BIND9_DLZ
> > Administrator password:
> > ...
> > everything looks good till
> > ...
> > Failed to setup database for BIND, AD based DNS cannot be used
> > ERROR(<type 'exceptions.OSError'>): uncaught exception -
[Errno 2] No
> > such file or directory
> >   File
"/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
> > line 176, in _run
> >     return self.run(*args, **kwargs)
> >   File
"/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
> > line 474, in run
> >     nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
> >   File
> >
"/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
> > line 2175, in provision skip_sysvolacl=skip_sysvolacl)
> >   File
> >
"/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
> > line 1836, in provision_fill targetdir=targetdir,
> > fill_level=samdb_fill) File
> >
"/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
> > line 1162, in setup_ad_dns hostip6=hostip6, targetdir=targetdir)
> >   File
> >
"/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
> > line 1222, in setup_bind9_dns create_samdb_copy(samdb, logger, paths,
> > names, names.domainsid, domainguid)
> >   File
> >
"/usr/lib64/python2.7/site-packages/samba/provision/sambadns.py",
> > line 851, in create_samdb_copy os.path.join(dns_dir,
"sam.ldb"))
> >   File
"/usr/lib64/python2.7/site-packages/samba/tdb_util.py", line
> > 36, in tdb_copy
> >     status = subprocess.call(tdbbackup_cmd, close_fds=True,
> > shell=False) File "/usr/lib64/python2.7/subprocess.py", line
168, in
> > call return Popen(*popenargs, **kwargs).wait()
> >   File "/usr/lib64/python2.7/subprocess.py", line 390, in
__init__
> >     errread, errwrite)
> >   File "/usr/lib64/python2.7/subprocess.py", line 1024, in
> > _execute_child raise child_exception
>
> I normally just install Bind 9, then configure it, but do not start it
> before provisioning Samba.
>
> What version of Bind is installed ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba