Thanks Louis; /etc/krb5.conf [libdefaults] default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = true /etc/resolv.conf search example.com nameserver 192.168.50.40 /etc/hosts 127.0.0.1 localhost samba4.example.com 192.168.50.40 samba4.example.com samba4 ldap.example.com Output off: samba-tool dbcheck --cross-ncs NOTE: old (due to rename or delete) DN string component for lastKnownParent in object DC=@\0ADEL:d86ef51e-83a5-4a8d-b224-e7a559c47094,CN=Deleted Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com Not fixing old string component NOTE: old (due to rename or delete) DN string component for lastKnownParent in object DC=www.pepino.cuac\0ADEL:d3bc33d0-6d4d-4345-a7fe-96a19550b293,CN=Deleted Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com Not fixing old string component Checked 3626 objects (0 errors) Something interesting: if I run samba -i outside systemd workf fine... weird, I see that systemd run: ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS Thanks in advance! El mié., 12 dic. 2018 a las 9:46, L.P.H. van Belle via samba (< samba at lists.samba.org>) escribió:> Hai, > > Can you post > /etc/krb5.conf > /etc/resolv.conf > /etc/hosts > > Output off: > samba-tool dbcheck --cross-ncs > > And last question, are there any DC removed from the domain. > > > 50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> > 192.168.50.40] > My guess here the UUID is a removed DC. > > You samba config looks fine to me. > > Greetz, > > Louis > > > > > -----Oorspronkelijk bericht----- > > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > > Sergio Belkin via samba > > Verzonden: woensdag 12 december 2018 13:25 > > Aan: samba at lists.samba.org > > Onderwerp: [Samba] Problem after upgrading to 4.9 > > > > Hi, I use the Van Bell repo, I've upgraded from samba 4.7 to > > samba 4.9 but > > now it fails, these are the errors: > > > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > > 09:14:49.372290, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: > > /usr/sbin/samba_dnsupdate: Failed to bind to uuid > > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for > > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4 > -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40] > > NT_STATUS_LOGON_FAILURE > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > > 09:14:49.372338, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: > > /usr/sbin/samba_dnsupdate: ERROR: Connecting to DNS RPC server > > 192.168.50.40 failed with (3221225581, 'The attempted logon > > is invalid. > > This is either due to a bad username or authentication information.') > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > > 09:14:49.381318, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: > > /usr/sbin/samba_dnsupdate: Failed to bind to uuid > > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for > > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4 > -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40] > > NT_STATUS_LOGON_FAILURE > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > > 09:14:49.381385, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > > > I've no modified the smb.conf which is: > > > > [global] > > dns forwarder = 8.8.8.8 > > netbios name = SAMBA4 > > realm = EXAMPLE.COM > > interfaces = lo eth0 > > server role = active directory domain controller > > workgroup = EXAMPLE > > idmap_ldb:use rfc2307 = yes > > # Audit settings > > full_audit:prefix = %u|%I|%m|%S > > full_audit:failure = connect > > full_audit:success = mkdir rmdir read pread write pwrite > > rename unlink > > full_audit:facility = local5 > > full_audit:priority = notice > > # TLS settings > > tls enabled = yes > > tls certfile = tls/ldap.example-aid.com/fullchain.pem > > tls keyfile = tls/ldap.example-aid.com/privkey.pem > > tls cafile > > #log auth > > log level = 1 auth_audit:3 auth_json_audit:3 > > [netlogon] > > path = /var/lib/samba/sysvol/example-aid.com/scripts > > read only = No > > [sysvol] > > path = /var/lib/samba/sysvol > > read only = No > > [lab] > > path = /srv/samba/lab > > read only = no > > vfs objects = full_audit > > > > I cannot even 'to kinit', I get: > > kinit: krb5_get_init_creds: unable to reach any KDC in realm > > EXAMPLE.COM > > > > Please could you help me? > > > > Thanks in advance... > > > > > > > > > > > > > > > > Thanks in advance > > -- > > -- > > Sergio Belkin > > LPIC-2 Certified - http://www.lpi.org > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba-- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
Well, really weird for me. I've interruped the inteactive samba, run again with systemd, and now it works.... hehehe, don't now why.... happy, but I don't know why now it works again.... El mié., 12 dic. 2018 a las 10:07, Sergio Belkin (<sebelk at gmail.com>) escribió:> Thanks Louis; > > > /etc/krb5.conf > > [libdefaults] > default_realm = EXAMPLE.COM > dns_lookup_realm = false > dns_lookup_kdc = true > > > /etc/resolv.conf > > search example.com > nameserver 192.168.50.40 > > /etc/hosts > > > 127.0.0.1 localhost samba4.example.com > 192.168.50.40 samba4.example.com samba4 ldap.example.com > > > Output off: > samba-tool dbcheck --cross-ncs > > NOTE: old (due to rename or delete) DN string component for > lastKnownParent in object > DC=@\0ADEL:d86ef51e-83a5-4a8d-b224-e7a559c47094,CN=Deleted > Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - > DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com > Not fixing old string component > NOTE: old (due to rename or delete) DN string component for > lastKnownParent in object > DC=www.pepino.cuac\0ADEL:d3bc33d0-6d4d-4345-a7fe-96a19550b293,CN=Deleted > Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - > DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com > > Not fixing old string component > Checked 3626 objects (0 errors) > > Something interesting: if I run samba -i outside systemd workf fine... > weird, I see that systemd run: > ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS > > > Thanks in advance! > > El mié., 12 dic. 2018 a las 9:46, L.P.H. van Belle via samba (< > samba at lists.samba.org>) escribió: > >> Hai, >> >> Can you post >> /etc/krb5.conf >> /etc/resolv.conf >> /etc/hosts >> >> Output off: >> samba-tool dbcheck --cross-ncs >> >> And last question, are there any DC removed from the domain. >> >> >> 50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> >> 192.168.50.40] >> My guess here the UUID is a removed DC. >> >> You samba config looks fine to me. >> >> Greetz, >> >> Louis >> >> >> >> > -----Oorspronkelijk bericht----- >> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> > Sergio Belkin via samba >> > Verzonden: woensdag 12 december 2018 13:25 >> > Aan: samba at lists.samba.org >> > Onderwerp: [Samba] Problem after upgrading to 4.9 >> > >> > Hi, I use the Van Bell repo, I've upgraded from samba 4.7 to >> > samba 4.9 but >> > now it fails, these are the errors: >> > >> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >> > 09:14:49.372290, 0] >> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: >> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid >> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for >> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4 >> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40] >> > NT_STATUS_LOGON_FAILURE >> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >> > 09:14:49.372338, 0] >> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: >> > /usr/sbin/samba_dnsupdate: ERROR: Connecting to DNS RPC server >> > 192.168.50.40 failed with (3221225581, 'The attempted logon >> > is invalid. >> > This is either due to a bad username or authentication information.') >> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >> > 09:14:49.381318, 0] >> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: >> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid >> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for >> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4 >> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40] >> > NT_STATUS_LOGON_FAILURE >> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >> > 09:14:49.381385, 0] >> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >> > >> > I've no modified the smb.conf which is: >> > >> > [global] >> > dns forwarder = 8.8.8.8 >> > netbios name = SAMBA4 >> > realm = EXAMPLE.COM >> > interfaces = lo eth0 >> > server role = active directory domain controller >> > workgroup = EXAMPLE >> > idmap_ldb:use rfc2307 = yes >> > # Audit settings >> > full_audit:prefix = %u|%I|%m|%S >> > full_audit:failure = connect >> > full_audit:success = mkdir rmdir read pread write pwrite >> > rename unlink >> > full_audit:facility = local5 >> > full_audit:priority = notice >> > # TLS settings >> > tls enabled = yes >> > tls certfile = tls/ldap.example-aid.com/fullchain.pem >> > tls keyfile = tls/ldap.example-aid.com/privkey.pem >> > tls cafile >> > #log auth >> > log level = 1 auth_audit:3 auth_json_audit:3 >> > [netlogon] >> > path = /var/lib/samba/sysvol/example-aid.com/scripts >> > read only = No >> > [sysvol] >> > path = /var/lib/samba/sysvol >> > read only = No >> > [lab] >> > path = /srv/samba/lab >> > read only = no >> > vfs objects = full_audit >> > >> > I cannot even 'to kinit', I get: >> > kinit: krb5_get_init_creds: unable to reach any KDC in realm >> > EXAMPLE.COM >> > >> > Please could you help me? >> > >> > Thanks in advance... >> > >> > >> > >> > >> > >> > >> > >> > Thanks in advance >> > -- >> > -- >> > Sergio Belkin >> > LPIC-2 Certified - http://www.lpi.org >> > -- >> > To unsubscribe from this list go to the following URL and read the >> > instructions: https://lists.samba.org/mailman/options/samba >> > >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba > > > > -- > -- > Sergio Belkin > LPIC-2 Certified - http://www.lpi.org >-- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
On Wed, 12 Dec 2018 10:07:57 -0300 Sergio Belkin via samba <samba at lists.samba.org> wrote:> > /etc/hosts > > > 127.0.0.1 localhost samba4.example.com > 192.168.50.40 samba4.example.com samba4 ldap.example.comThe above is just wrong, 127.0.0.1 shouldn't point to your DC and you shouldn't have 'ldap.example.com' on the end of your DC's IP line, use a CNAME record instead. Rowland
about that systemd part. systemctl daemon-reload systemctl samba-ad-dc stop clear the logs in /va/log/samba systemctl samba-ad-dc start and and extra check on the dns part. sudo /usr/sbin/samba_dnsupdate --verbose and check your logs again to make sure your all ok. Greetz, Louis Van: Sergio Belkin [mailto:sebelk at gmail.com] Verzonden: woensdag 12 december 2018 14:16 Aan: L.P.H. van Belle CC: samba at lists.samba.org Onderwerp: Re: [Samba] Problem after upgrading to 4.9 Well, really weird for me. I've interruped the inteactive samba, run again with systemd, and now it works.... hehehe, don't now why.... happy, but I don't know why now it works again.... El mié., 12 dic. 2018 a las 10:07, Sergio Belkin (<sebelk at gmail.com>) escribió: Thanks Louis; /etc/krb5.conf [libdefaults] default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = true /etc/resolv.conf search example.com nameserver 192.168.50.40 /etc/hosts 127.0.0.1 localhost samba4.example.com 192.168.50.40 samba4.example.com samba4 ldap.example.com Output off: samba-tool dbcheck --cross-ncs NOTE: old (due to rename or delete) DN string component for lastKnownParent in object DC=@\0ADEL:d86ef51e-83a5-4a8d-b224-e7a559c47094,CN=Deleted Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com Not fixing old string component NOTE: old (due to rename or delete) DN string component for lastKnownParent in object DC=www.pepino.cuac\0ADEL:d3bc33d0-6d4d-4345-a7fe-96a19550b293,CN=Deleted Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com Not fixing old string component Checked 3626 objects (0 errors) Something interesting: if I run samba -i outside systemd workf fine... weird, I see that systemd run: ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS Thanks in advance! El mié., 12 dic. 2018 a las 9:46, L.P.H. van Belle via samba (<samba at lists.samba.org>) escribió: Hai, Can you post /etc/krb5.conf /etc/resolv.conf /etc/hosts Output off: samba-tool dbcheck --cross-ncs And last question, are there any DC removed from the domain. 50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40] My guess here the UUID is a removed DC. You samba config looks fine to me. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Sergio Belkin via samba > Verzonden: woensdag 12 december 2018 13:25 > Aan: samba at lists.samba.org > Onderwerp: [Samba] Problem after upgrading to 4.9 > > Hi, I use the Van Bell repo, I've upgraded from samba 4.7 to > samba 4.9 but > now it fails, these are the errors: > > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > 09:14:49.372290, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: > /usr/sbin/samba_dnsupdate: Failed to bind to uuid > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]> NT_STATUS_LOGON_FAILURE > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > 09:14:49.372338, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: > /usr/sbin/samba_dnsupdate: ERROR: Connecting to DNS RPC server > 192.168.50.40 failed with (3221225581, 'The attempted logon > is invalid. > This is either due to a bad username or authentication information.') > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > 09:14:49.381318, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: > /usr/sbin/samba_dnsupdate: Failed to bind to uuid > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40]> NT_STATUS_LOGON_FAILURE > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 > 09:14:49.381385, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > I've no modified the smb.conf which is: > > [global] > dns forwarder = 8.8.8.8 > netbios name = SAMBA4 > realm = EXAMPLE.COM > interfaces = lo eth0 > server role = active directory domain controller > workgroup = EXAMPLE > idmap_ldb:use rfc2307 = yes > # Audit settings > full_audit:prefix = %u|%I|%m|%S > full_audit:failure = connect > full_audit:success = mkdir rmdir read pread write pwrite > rename unlink > full_audit:facility = local5 > full_audit:priority = notice > # TLS settings > tls enabled = yes > tls certfile = tls/ldap.example-aid.com/fullchain.pem > tls keyfile = tls/ldap.example-aid.com/privkey.pem > tls cafile > #log auth > log level = 1 auth_audit:3 auth_json_audit:3 > [netlogon] > path = /var/lib/samba/sysvol/example-aid.com/scripts > read only = No > [sysvol] > path = /var/lib/samba/sysvol > read only = No > [lab] > path = /srv/samba/lab > read only = no > vfs objects = full_audit > > I cannot even 'to kinit', I get: > kinit: krb5_get_init_creds: unable to reach any KDC in realm > EXAMPLE.COM > > Please could you help me? > > Thanks in advance... > > > > > > > > Thanks in advance > -- > -- > Sergio Belkin > LPIC-2 Certified - http://www.lpi.org > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
Yes, Yes, I did guess that, I made as a stupid workaround :P El mié., 12 dic. 2018 a las 10:24, Rowland Penny via samba (< samba at lists.samba.org>) escribió:> On Wed, 12 Dec 2018 10:07:57 -0300 > Sergio Belkin via samba <samba at lists.samba.org> wrote: > > > > > > /etc/hosts > > > > > > 127.0.0.1 localhost samba4.example.com > > 192.168.50.40 samba4.example.com samba4 ldap.example.com > > The above is just wrong, 127.0.0.1 shouldn't point to your DC and you > shouldn't have 'ldap.example.com' on the end of your DC's IP line, use > a CNAME record instead. > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba-- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
I've run all of that as you suggest, and I get at the end: No DNS updates needed And exit status 0 I've fixed the error given by dbcheck, now everything works fine ¯\_(ツ)_/¯ El mié., 12 dic. 2018 a las 10:28, L.P.H. van Belle (<belle at bazuin.nl>) escribió:> about that systemd part. > > systemctl daemon-reload > systemctl samba-ad-dc stop > > clear the logs in /va/log/samba > > systemctl samba-ad-dc start > > and and extra check on the dns part. > sudo /usr/sbin/samba_dnsupdate --verbose > and check your logs again to make sure your all ok. > > Greetz, > > Louis > > > ------------------------------ > *Van:* Sergio Belkin [mailto:sebelk at gmail.com] > *Verzonden:* woensdag 12 december 2018 14:16 > *Aan:* L.P.H. van Belle > *CC:* samba at lists.samba.org > *Onderwerp:* Re: [Samba] Problem after upgrading to 4.9 > > Well, really weird for me. I've interruped the inteactive samba, run again > with systemd, and now it works.... hehehe, don't now why.... happy, but I > don't know why now it works again.... > > El mié., 12 dic. 2018 a las 10:07, Sergio Belkin (<sebelk at gmail.com>) > escribió: > >> Thanks Louis; >> >> >> /etc/krb5.conf >> >> [libdefaults] >> default_realm = EXAMPLE.COM >> dns_lookup_realm = false >> dns_lookup_kdc = true >> >> >> /etc/resolv.conf >> >> search example.com >> nameserver 192.168.50.40 >> >> /etc/hosts >> >> >> 127.0.0.1 localhost samba4.example.com >> 192.168.50.40 samba4.example.com samba4 ldap.example.com >> >> >> Output off: >> samba-tool dbcheck --cross-ncs >> >> NOTE: old (due to rename or delete) DN string component for >> lastKnownParent in object >> DC=@\0ADEL:d86ef51e-83a5-4a8d-b224-e7a559c47094,CN=Deleted >> Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - >> DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com >> Not fixing old string component >> NOTE: old (due to rename or delete) DN string component for >> lastKnownParent in object >> DC=www.pepino.cuac\0ADEL:d3bc33d0-6d4d-4345-a7fe-96a19550b293,CN=Deleted >> Objects,DC=DomainDnsZones,DC=EXAMPLE,DC=com - >> DC=pepino.cuac,CN=MicrosoftDNS,DC=DomainDnsZones,DC=EXAMPLE,DC=com >> >> Not fixing old string component >> Checked 3626 objects (0 errors) >> >> Something interesting: if I run samba -i outside systemd workf fine... >> weird, I see that systemd run: >> ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS >> >> >> Thanks in advance! >> >> El mié., 12 dic. 2018 a las 9:46, L.P.H. van Belle via samba (< >> samba at lists.samba.org>) escribió: >> >>> Hai, >>> >>> Can you post >>> /etc/krb5.conf >>> /etc/resolv.conf >>> /etc/hosts >>> >>> Output off: >>> samba-tool dbcheck --cross-ncs >>> >>> And last question, are there any DC removed from the domain. >>> >>> >>> 50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> >>> 192.168.50.40] >>> My guess here the UUID is a removed DC. >>> >>> You samba config looks fine to me. >>> >>> Greetz, >>> >>> Louis >>> >>> >>> >>> > -----Oorspronkelijk bericht----- >>> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens >>> > Sergio Belkin via samba >>> > Verzonden: woensdag 12 december 2018 13:25 >>> > Aan: samba at lists.samba.org >>> > Onderwerp: [Samba] Problem after upgrading to 4.9 >>> > >>> > Hi, I use the Van Bell repo, I've upgraded from samba 4.7 to >>> > samba 4.9 but >>> > now it fails, these are the errors: >>> > >>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >>> > 09:14:49.372290, 0] >>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: >>> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid >>> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for >>> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4 >>> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40] >>> > NT_STATUS_LOGON_FAILURE >>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >>> > 09:14:49.372338, 0] >>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: >>> > /usr/sbin/samba_dnsupdate: ERROR: Connecting to DNS RPC server >>> > 192.168.50.40 failed with (3221225581, 'The attempted logon >>> > is invalid. >>> > This is either due to a bad username or authentication information.') >>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >>> > 09:14:49.381318, 0] >>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: >>> > /usr/sbin/samba_dnsupdate: Failed to bind to uuid >>> > 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for >>> > ncacn_ip_tcp:192.168.50.40[49152,sign,abstract_syntax=50abc2a4 >>> -574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=> 192.168.50.40] >>> > NT_STATUS_LOGON_FAILURE >>> > dic 12 09:14:49 samba4 samba[4881]: task[dnsupdate][4881]: [2018/12/12 >>> > 09:14:49.381385, 0] >>> > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> > >>> > I've no modified the smb.conf which is: >>> > >>> > [global] >>> > dns forwarder = 8.8.8.8 >>> > netbios name = SAMBA4 >>> > realm = EXAMPLE.COM >>> > interfaces = lo eth0 >>> > server role = active directory domain controller >>> > workgroup = EXAMPLE >>> > idmap_ldb:use rfc2307 = yes >>> > # Audit settings >>> > full_audit:prefix = %u|%I|%m|%S >>> > full_audit:failure = connect >>> > full_audit:success = mkdir rmdir read pread write pwrite >>> > rename unlink >>> > full_audit:facility = local5 >>> > full_audit:priority = notice >>> > # TLS settings >>> > tls enabled = yes >>> > tls certfile = tls/ldap.example-aid.com/fullchain.pem >>> > tls keyfile = tls/ldap.example-aid.com/privkey.pem >>> > tls cafile >>> > #log auth >>> > log level = 1 auth_audit:3 auth_json_audit:3 >>> > [netlogon] >>> > path = /var/lib/samba/sysvol/example-aid.com/scripts >>> > read only = No >>> > [sysvol] >>> > path = /var/lib/samba/sysvol >>> > read only = No >>> > [lab] >>> > path = /srv/samba/lab >>> > read only = no >>> > vfs objects = full_audit >>> > >>> > I cannot even 'to kinit', I get: >>> > kinit: krb5_get_init_creds: unable to reach any KDC in realm >>> > EXAMPLE.COM >>> > >>> > Please could you help me? >>> > >>> > Thanks in advance... >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > Thanks in advance >>> > -- >>> > -- >>> > Sergio Belkin >>> > LPIC-2 Certified - http://www.lpi.org >>> > -- >>> > To unsubscribe from this list go to the following URL and read the >>> > instructions: https://lists.samba.org/mailman/options/samba >>> > >>> >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba >> >> >> >> -- >> -- >> Sergio Belkin >> LPIC-2 Certified - http://www.lpi.org >> > > > -- > -- > Sergio Belkin > LPIC-2 Certified - http://www.lpi.org > >-- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org