Hi,
Not sure sernet can help. It really looks like a samba issue to me..?
Just found this in logs when starting the RODC :
[2018/06/13 10:59:11.546077, 3, pid=12673, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:291(samba_runcmd_io_handler)
samba_runcmd_io_handler: Child /usr/sbin/winbindd exited 1
[2018/06/13 10:59:11.546131, 0, pid=12673, effective(0, 0), real(0, 0)]
../source4/winbind/winbindd.c:47(winbindd_done)
winbindd daemon died with exit status 1
[2018/06/13 10:59:11.546268, 0, pid=12673, effective(0, 0), real(0, 0)]
../source4/smbd/service_task.c:36(task_server_terminate)
task_server_terminate: task_server_terminate: [winbindd child process exited]
But no details about the crash :-/
----- Mail original -----
De: "L.P.H. van Belle via samba" <samba at lists.samba.org>
À: samba at lists.samba.org
Envoyé: Mercredi 13 Juin 2018 10:49:10
Objet : Re: [Samba] Samba 4.8 RODC not working
 If its really urgent then u would really suggest, invest in samba a bit and
pay them to get this working.
Thats what sernet can do for you. Get commercial support.
Im pretty much out of options, execpt upgrade to 4.8 and try it again.
Greetz,
Louis
Van: Gaetan SLONGO [mailto:gslongo at it-optics.com]
Verzonden: woensdag 13 juni 2018 10:40
Aan: Rowland Penny; L.P.H. van Belle
CC: samba at lists.samba.org
Onderwerp: Re: [Samba] Samba 4.8 RODC not working
Hi Louis, Hi Rowland,
I will respond to both in this mail.
Yes winbind is installed :
[root at dmzrodc ~]# which winbindd
/usr/sbin/winbindd
[root at dmzrodc ~]# rpm -qa |grep winbind
sernet-samba-winbind-4.8.2-10.el7.x86_64
I know about *mbd processes. so strange.. This is why I'm posting here :-)
I joined the RODC following the procedure available on the wiki page
https://wiki.samba.org/index.php/Join_a_domain_as_a_RODC :
samba-tool domain join ads.MYDOMAIN.be RODC -U MYDOMAIN\\Administrator
--dns-backend=SAMBA_INTERNAL
This is a Samba AD domain. But other DC are 4.7.7. Cannot upgrade to 4.8 but I
don't think this is the issue. I had exactly same issue with 4.6 and 4.7
versions where a dev told me to wait for next release to get better RODC
support. This did not solved the issue and it becomes "urgent" to have
this RODC :-(
Thanks !
De: "Rowland Penny via samba" <samba at lists.samba.org>
À: samba at lists.samba.org
Envoyé: Mercredi 13 Juin 2018 10:27:21
Objet : Re: [Samba] Samba 4.8 RODC not working
On Wed, 13 Jun 2018 10:05:23 +0200 (CEST)
Gaetan SLONGO <gslongo at it-optics.com> wrote:
> Hi Rowland,
>
>
> Same, as said; winbind isn't started :-)
>
>
>
> [root at dmzrodc ~]# ps ax | egrep "ntp|bind|named|samba|?mbd"
> 650 ? Ss 0:00 /usr/sbin/ntpd -u ntp:ntp -g
> 1205 ? Ss 0:00 /usr/sbin/samba -D
> 1225 ? S 0:00 /usr/sbin/samba -D
> 1226 ? S 0:00 /usr/sbin/samba -D
> 1227 ? S 0:00 /usr/sbin/samba -D
> 1228 ? S 0:00 /usr/sbin/samba -D
> 1229 ? S 0:00 /usr/sbin/samba -D
> 1230 ? S 0:00 /usr/sbin/samba -D
> 1231 ? S 0:00 /usr/sbin/samba -D
> 1232 ? S 0:00 /usr/sbin/samba -D
> 1233 ? S 0:00 /usr/sbin/samba -D
> 1235 ? S 0:00 /usr/sbin/samba -D
> 1236 ? S 0:00 /usr/sbin/samba -D
> 1237 ? S 0:00 /usr/sbin/samba -D
> 1238 ? S 0:00 /usr/sbin/samba -D
> 12187 pts/0 S+ 0:00 grep -E --color=auto ntp|bind|named|samba|?mbd
>
The output when I run the command is this:
ps ax | egrep "ntp|bind|named|samba|?mbd"
1544 ? Ssl 18:58 /usr/sbin/named -u bind
7142 ? S 0:00 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
7184 ? S 0:00 samba: conn[rpc] c[ipv4:192.168.0.53:36870]
s[ipv4:192.168.0.6:49153] server_id[7184]
11917 ? Ss 0:00 /sbin/rpcbind -w
16828 pts/0 R+ 0:00 grep -E ntp|bind|named|samba|?mbd
23980 ? Ss 0:00 samba: root process
23998 ? S 0:00 samba: task[s3fs_parent]
23999 ? S 2:45 samba: task[dcesrv]
24000 ? S 0:00 samba: tfork waiter process
24001 ? S 0:03 samba: task[nbtd]
24002 ? Ss 0:01 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
24003 ? S 0:00 samba: task[wrepl]
24004 ? S 0:01 samba: task[ldapsrv]
24005 ? S 0:02 samba: task[cldapd]
24006 ? S 0:08 samba: conn[kdc_tcp] c[ipv4:192.168.0.88:40340]
s[ipv4:192.168.0.6:88] server_id[24006.42]
24007 ? S 5:47 samba: task[dreplsrv]
24008 ? S 0:00 samba: task[winbindd_parent]
24009 ? S 0:00 samba: tfork waiter process
24010 ? S 0:00 samba: task[ntp_signd]
24011 ? S 0:06 samba: task[kccsrv]
24012 ? Ss 0:49 /usr/sbin/winbindd -D --option=server role check:inhibit=yes
--foreground
24013 ? S 0:16 samba: task[dnsupdate]
24020 ? S 0:00 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
24021 ? S 0:00 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
24022 ? S 0:01 winbindd: domain child [SAMDOM]
24023 ? S 0:00 winbindd: idmap child
24039 ? S 0:00 winbindd: domain child [BUILTIN]
The out put of 'pstree', produces this (cropped):
init─┬─chronyd
├─named───4*[{named}]
├─samba─┬─samba───samba───smbd─┬─cleanupd
│ │ ├─smbd
│ │ └─smbd-notifyd
│ ├─2*[samba───samba]
│ ├─8*[samba]
│ └─samba───samba───winbindd───3*[winbindd]
Not only is 'winbind' not running on your DC, it looks like
'smbd'
isn't either.
How did you join the RODC to the domain ?
What is the domain (Samba or Windows) ?
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
www.it-optics.com
Gaëtan SLONGO | Head of Infrastructure Department
Boulevard Initialis, 28 - 7000 Mons, BELGIUM
Company : +32 (0)65 84 23 85
Direct : +32 (0)65 32 85 88
Fax : +32 (0)65 84 66 76
Skype ID : gslongo.pro
GPG Key : gslongo-gpg_key.asc
- Please consider your environmental responsibility before printing this e-mail
-
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
www.it-optics.com
Gaëtan SLONGO | Head of Infrastructure Department
Boulevard Initialis, 28 - 7000 Mons, BELGIUM
Company : +32 (0)65 84 23 85
Direct : +32 (0)65 32 85 88
Fax : +32 (0)65 84 66 76
Skype ID : gslongo.pro
GPG Key : gslongo-gpg_key.asc
- Please consider your environmental responsibility before printing this e-mail
-