Viktor Trojanovic
2018-Dec-22 22:01 UTC
[Samba] After upgrade to 4.9.4, internal DNS no longer working
Then I don't know what caused it. I had no problems prior to the upgrade, and the upgrade was done without errors.. Unfortunately, no, I don't have backups. 'sam.ldb' is still there, though, and so are the databases unter 'sam.ldb.d'. Yes, I tried restarting Samba, even rebooted the server but to no avail. Here are the results from running samba in the shell: lpcfg_load: refreshing parameters from /etc/samba/smb.conf samba version 4.9.4 started. Copyright Andrew Tridgell and the Samba Team 1992-2018 GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'spnego' registered GENSEC backend 'schannel' registered GENSEC backend 'naclrpc_as_system' registered GENSEC backend 'sasl-EXTERNAL' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'ntlmssp_resume_ccache' registered GENSEC backend 'http_basic' registered GENSEC backend 'http_ntlm' registered GENSEC backend 'http_negotiate' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered register_process_model: PROCESS_MODEL 'single' registered register_process_model: PROCESS_MODEL 'prefork' registered register_process_model: PROCESS_MODEL 'standard' registered AUTH backend 'sam' registered AUTH backend 'sam_ignoredomain' registered AUTH backend 'anonymous' registered AUTH backend 'winbind' registered AUTH backend 'name_to_ntstatus' registered AUTH backend 'unix' registered ldb_wrap open of privilege.ldb binary_smbd_main: samba: using 'standard' process model ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Searching for dsServiceName in rootDSE failed: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 Failed to find our own NTDS Settings DN in the ldb! Failed to find our own NTDS Settings objectGUID in the ldb! kdc_task_init: Cannot determine if we are an RODC: operations error at ../source4/dsdb/common/util.c:3534 task_server_terminate: task_server_terminate: [kdc: krb5_init_context samdb RODC connect failed] ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Searching for dsServiceName in rootDSE failed: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 Failed to find our own NTDS Settings DN in the ldb! Failed to find our own NTDS Settings objectGUID in the ldb! ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Searching for dsServiceName in rootDSE failed: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 Failed to find our own NTDS Settings DN in the ldb! Failed to find our own NTDS Settings objectGUID in the ldb! task_server_terminate: task_server_terminate: [dreplsrv: Failed to connect to local samdb: WERR_DS_UNAVAILABLE ] task_server_terminate: task_server_terminate: [kccsrv: Failed to connect to local samdb: WERR_DS_UNAVAILABLE ] ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs ../source4/dsdb/dns/dns_update.c:127: Unable to find DCs list - No such Base DN: CN=Configuration,DC=samdom,DC=example,DC=chCalling DNS name update script ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Calling SPN name update script DCERPC endpoint server 'rpcecho' registered DCERPC endpoint server 'epmapper' registered DCERPC endpoint server 'remote' registered ldb_wrap open of secrets.ldb task_server_terminate: task_server_terminate: [dns: failed to load DNS zones] ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Failed to find object DC=samdom,DC=example,DC=ch for attribute fsmoRoleOwner - Cannot find DN DC=samdom,DC=example,DC=ch to get attribute fsmoRoleOwner for reference dn: No such Base DN: DC=samdom,DC=example,DC=ch Failed to find if we are the PDC for this ldb: Searching for fSMORoleOwner in DC=samdom,DC=example,DC=ch failed: Cannot find DN DC=samdom,DC=example,DC=ch to get attribute fsmoRoleOwner for reference dn: No such Base DN: DC=samdom,DC=example,DC=ch DCERPC endpoint server 'wkssvc' registered DCERPC endpoint server 'unixinfo' registered DCERPC endpoint server 'samr' registered DCERPC endpoint server 'netlogon' registered DCERPC endpoint server 'dssetup' registered DCERPC endpoint server 'lsarpc' registered DCERPC endpoint server 'backupkey' registered DCERPC endpoint server 'drsuapi' registered DCERPC endpoint server 'browser' registered DCERPC endpoint server 'eventlog6' registered DCERPC endpoint server 'dnsserver' registered /usr/bin/winbindd: winbindd version 4.9.4 started. /usr/bin/winbindd: Copyright Andrew Tridgell and the Samba Team 1992-2018 /usr/bin/smbd: smbd version 4.9.4 started. /usr/bin/smbd: Copyright Andrew Tridgell and the Samba Team 1992-2018 /usr/bin/winbindd: initialize_winbindd_cache: clearing cache and re-creating with version number 2 /usr/bin/smbd: pdb backend samba_dsdb did not correctly init (error was NT_STATUS_UNSUCCESSFUL) /usr/bin/smbd: pdb backend samba_dsdb did not correctly init (error was NT_STATUS_UNSUCCESSFUL) /usr/bin/winbindd: daemon_ready: STATUS=daemon 'winbindd' finished starting up and ready to serve connections ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Searching for dsServiceName in rootDSE failed: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 Failed to find our own NTDS Settings DN in the ldb! Failed to find our own NTDS Settings options in the ldb! ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Searching for dsServiceName in rootDSE failed: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 Failed to find our own NTDS Settings DN in the ldb! Failed to find our own NTDS Settings options in the ldb! ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Searching for dsServiceName in rootDSE failed: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 Failed to find our own NTDS Settings DN in the ldb! Failed to find our own NTDS Settings options in the ldb! /usr/bin/winbindd: pdb backend samba_dsdb did not correctly init (error was NT_STATUS_UNSUCCESSFUL) ../source4/dsdb/dns/dns_update.c:127: Unable to find DCs list - No such Base DN: CN=Configuration,DC=samdom,DC=example,DC=chsamba_runcmd_io_handler: Child /usr/bin/samba_spnupdate exited 0 Completed SPN update check OK ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Failed to open domain S-1-5-21-4280320235-2980747731-3738778716: No such Base DN: DC=samdom,DC=example,DC=ch stream_terminate_connection: Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED] ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Failed to open domain S-1-5-21-4280320235-2980747731-3738778716: No such Base DN: DC=samdom,DC=example,DC=ch stream_terminate_connection: Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED] ldb: Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs Failed to open domain S-1-5-21-4280320235-2980747731-3738778716: No such Base DN: DC=samdom,DC=example,DC=ch stream_terminate_connection: Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED] /usr/bin/smbd: daemon_ready: STATUS=daemon 'smbd' finished starting up and ready to serve connections /usr/bin/smbd: pdb backend samba_dsdb did not correctly init (error was NT_STATUS_UNSUCCESSFUL) Registered dc1<00> with 192.168.1.1 on interface 192.168.1.255 Registered dc1<00> with 127.0.0.1 on interface 127.255.255.255 Registered dc1<03> with 192.168.1.1 on interface 192.168.1.255 Registered dc1<03> with 127.0.0.1 on interface 127.255.255.255 Registered dc1<20> with 192.168.1.1 on interface 192.168.1.255 Registered dc1<20> with 127.0.0.1 on interface 127.255.255.255 Registered samdom<1c> with 192.168.1.1 on interface 192.168.1.255 Registered samdom<1c> with 127.0.0.1 on interface 127.255.255.255 Registered samdom<00> with 192.168.1.1 on interface 192.168.1.255 Registered samdom<00> with 127.0.0.1 on interface 127.255.255.255 ../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error code 110 On Sat, 22 Dec 2018 at 22:54, Rowland Penny via samba <samba at lists.samba.org> wrote:> On Sat, 22 Dec 2018 22:25:30 +0100 > Viktor Trojanovic <viktor at troja.ch> wrote: > > > Oh, that doesn't sound good... > > > > Arch Linux. I did a regular system upgrade using pacman -Syu which > > automatically upgrades all packages to their latest version. > > > > I have another, practically identical system and I didn't have this > > issue there. Though I might have had a smaller jump between versions. > > The version jump shouldn't have caused this, I take it you have tried > restarting Samba again. If you still have the problem, try running the > 'samba' daemon directly in a terminal: > > /path/to/samba -i -d3 > > See if this works or shows anything new. > > Did you have backups from before the upgrade ? > Have you checked if 'sam.ldb' is still there and if the databases are > in 'sam.ldb.d' ? > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Viktor Trojanovic
2018-Dec-22 23:16 UTC
[Samba] After upgrade to 4.9.4, internal DNS no longer working
Hi Rowland, I just realized that I actually do have backups of everything in /var/lib/samba (which is the main folder for Samba on Arch). I'd still be interested how to recover from this situation without a backup but priority is to get the AD back up and running again. How would you suggest I proceed? On Sat, 22 Dec 2018 at 23:01, Viktor Trojanovic <viktor at troja.ch> wrote:> Then I don't know what caused it. I had no problems prior to the upgrade, > and the upgrade was done without errors.. > > Unfortunately, no, I don't have backups. 'sam.ldb' is still there, though, > and so are the databases unter 'sam.ldb.d'. > > Yes, I tried restarting Samba, even rebooted the server but to no avail. > Here are the results from running samba in the shell: > > lpcfg_load: refreshing parameters from /etc/samba/smb.conf > samba version 4.9.4 started. > Copyright Andrew Tridgell and the Samba Team 1992-2018 > GENSEC backend 'gssapi_spnego' registered > GENSEC backend 'gssapi_krb5' registered > GENSEC backend 'gssapi_krb5_sasl' registered > GENSEC backend 'spnego' registered > GENSEC backend 'schannel' registered > GENSEC backend 'naclrpc_as_system' registered > GENSEC backend 'sasl-EXTERNAL' registered > GENSEC backend 'ntlmssp' registered > GENSEC backend 'ntlmssp_resume_ccache' registered > GENSEC backend 'http_basic' registered > GENSEC backend 'http_ntlm' registered > GENSEC backend 'http_negotiate' registered > GENSEC backend 'krb5' registered > GENSEC backend 'fake_gssapi_krb5' registered > register_process_model: PROCESS_MODEL 'single' registered > register_process_model: PROCESS_MODEL 'prefork' registered > register_process_model: PROCESS_MODEL 'standard' registered > AUTH backend 'sam' registered > AUTH backend 'sam_ignoredomain' registered > AUTH backend 'anonymous' registered > AUTH backend 'winbind' registered > AUTH backend 'name_to_ntstatus' registered > AUTH backend 'unix' registered > ldb_wrap open of privilege.ldb > binary_smbd_main: samba: using 'standard' process model > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Searching for dsServiceName in rootDSE failed: operations error at > ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 > Failed to find our own NTDS Settings DN in the ldb! > Failed to find our own NTDS Settings objectGUID in the ldb! > kdc_task_init: Cannot determine if we are an RODC: operations error at > ../source4/dsdb/common/util.c:3534 > task_server_terminate: task_server_terminate: [kdc: krb5_init_context > samdb RODC connect failed] > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Searching for dsServiceName in rootDSE failed: operations error at > ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 > Failed to find our own NTDS Settings DN in the ldb! > Failed to find our own NTDS Settings objectGUID in the ldb! > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Searching for dsServiceName in rootDSE failed: operations error at > ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 > Failed to find our own NTDS Settings DN in the ldb! > Failed to find our own NTDS Settings objectGUID in the ldb! > task_server_terminate: task_server_terminate: [dreplsrv: Failed to connect > to local samdb: WERR_DS_UNAVAILABLE > ] > task_server_terminate: task_server_terminate: [kccsrv: Failed to connect > to local samdb: WERR_DS_UNAVAILABLE > ] > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > ../source4/dsdb/dns/dns_update.c:127: Unable to find DCs list - No such > Base DN: CN=Configuration,DC=samdom,DC=example,DC=chCalling DNS name update > script > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Calling SPN name update script > DCERPC endpoint server 'rpcecho' registered > DCERPC endpoint server 'epmapper' registered > DCERPC endpoint server 'remote' registered > ldb_wrap open of secrets.ldb > task_server_terminate: task_server_terminate: [dns: failed to load DNS > zones] > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Failed to find object DC=samdom,DC=example,DC=ch for attribute > fsmoRoleOwner - Cannot find DN DC=samdom,DC=example,DC=ch to get attribute > fsmoRoleOwner for reference dn: No such Base DN: DC=samdom,DC=example,DC=ch > Failed to find if we are the PDC for this ldb: Searching for fSMORoleOwner > in DC=samdom,DC=example,DC=ch failed: Cannot find DN > DC=samdom,DC=example,DC=ch to get attribute fsmoRoleOwner for reference dn: > No such Base DN: DC=samdom,DC=example,DC=ch > DCERPC endpoint server 'wkssvc' registered > DCERPC endpoint server 'unixinfo' registered > DCERPC endpoint server 'samr' registered > DCERPC endpoint server 'netlogon' registered > DCERPC endpoint server 'dssetup' registered > DCERPC endpoint server 'lsarpc' registered > DCERPC endpoint server 'backupkey' registered > DCERPC endpoint server 'drsuapi' registered > DCERPC endpoint server 'browser' registered > DCERPC endpoint server 'eventlog6' registered > DCERPC endpoint server 'dnsserver' registered > /usr/bin/winbindd: winbindd version 4.9.4 started. > /usr/bin/winbindd: Copyright Andrew Tridgell and the Samba Team 1992-2018 > /usr/bin/smbd: smbd version 4.9.4 started. > /usr/bin/smbd: Copyright Andrew Tridgell and the Samba Team 1992-2018 > /usr/bin/winbindd: initialize_winbindd_cache: clearing cache and > re-creating with version number 2 > /usr/bin/smbd: pdb backend samba_dsdb did not correctly init (error was > NT_STATUS_UNSUCCESSFUL) > /usr/bin/smbd: pdb backend samba_dsdb did not correctly init (error was > NT_STATUS_UNSUCCESSFUL) > /usr/bin/winbindd: daemon_ready: STATUS=daemon 'winbindd' finished > starting up and ready to serve connections > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Searching for dsServiceName in rootDSE failed: operations error at > ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 > Failed to find our own NTDS Settings DN in the ldb! > Failed to find our own NTDS Settings options in the ldb! > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Searching for dsServiceName in rootDSE failed: operations error at > ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 > Failed to find our own NTDS Settings DN in the ldb! > Failed to find our own NTDS Settings options in the ldb! > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Searching for dsServiceName in rootDSE failed: operations error at > ../source4/dsdb/samdb/ldb_modules/rootdse.c:518 > Failed to find our own NTDS Settings DN in the ldb! > Failed to find our own NTDS Settings options in the ldb! > /usr/bin/winbindd: pdb backend samba_dsdb did not correctly init (error > was NT_STATUS_UNSUCCESSFUL) > ../source4/dsdb/dns/dns_update.c:127: Unable to find DCs list - No such > Base DN: > CN=Configuration,DC=samdom,DC=example,DC=chsamba_runcmd_io_handler: Child > /usr/bin/samba_spnupdate exited 0 > Completed SPN update check OK > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Failed to open domain S-1-5-21-4280320235-2980747731-3738778716: No such > Base DN: DC=samdom,DC=example,DC=ch > stream_terminate_connection: Terminating connection - 'dcesrv: > NT_STATUS_CONNECTION_DISCONNECTED' > single_terminate: single_terminate: reason[dcesrv: > NT_STATUS_CONNECTION_DISCONNECTED] > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Failed to open domain S-1-5-21-4280320235-2980747731-3738778716: No such > Base DN: DC=samdom,DC=example,DC=ch > stream_terminate_connection: Terminating connection - 'dcesrv: > NT_STATUS_CONNECTION_DISCONNECTED' > single_terminate: single_terminate: reason[dcesrv: > NT_STATUS_CONNECTION_DISCONNECTED] > ldb: Unable to determine the DomainSID, can not enforce uniqueness > constraint on local domainSIDs > > Failed to open domain S-1-5-21-4280320235-2980747731-3738778716: No such > Base DN: DC=samdom,DC=example,DC=ch > stream_terminate_connection: Terminating connection - 'dcesrv: > NT_STATUS_CONNECTION_DISCONNECTED' > single_terminate: single_terminate: reason[dcesrv: > NT_STATUS_CONNECTION_DISCONNECTED] > /usr/bin/smbd: daemon_ready: STATUS=daemon 'smbd' finished starting up and > ready to serve connections > /usr/bin/smbd: pdb backend samba_dsdb did not correctly init (error was > NT_STATUS_UNSUCCESSFUL) > Registered dc1<00> with 192.168.1.1 on interface 192.168.1.255 > Registered dc1<00> with 127.0.0.1 on interface 127.255.255.255 > Registered dc1<03> with 192.168.1.1 on interface 192.168.1.255 > Registered dc1<03> with 127.0.0.1 on interface 127.255.255.255 > Registered dc1<20> with 192.168.1.1 on interface 192.168.1.255 > Registered dc1<20> with 127.0.0.1 on interface 127.255.255.255 > Registered samdom<1c> with 192.168.1.1 on interface 192.168.1.255 > Registered samdom<1c> with 127.0.0.1 on interface 127.255.255.255 > Registered samdom<00> with 192.168.1.1 on interface 192.168.1.255 > Registered samdom<00> with 127.0.0.1 on interface 127.255.255.255 > ../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error code > 110 > > > > On Sat, 22 Dec 2018 at 22:54, Rowland Penny via samba < > samba at lists.samba.org> wrote: > >> On Sat, 22 Dec 2018 22:25:30 +0100 >> Viktor Trojanovic <viktor at troja.ch> wrote: >> >> > Oh, that doesn't sound good... >> > >> > Arch Linux. I did a regular system upgrade using pacman -Syu which >> > automatically upgrades all packages to their latest version. >> > >> > I have another, practically identical system and I didn't have this >> > issue there. Though I might have had a smaller jump between versions. >> >> The version jump shouldn't have caused this, I take it you have tried >> restarting Samba again. If you still have the problem, try running the >> 'samba' daemon directly in a terminal: >> >> /path/to/samba -i -d3 >> >> See if this works or shows anything new. >> >> Did you have backups from before the upgrade ? >> Have you checked if 'sam.ldb' is still there and if the databases are >> in 'sam.ldb.d' ? >> >> Rowland >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba > >
Rowland Penny
2018-Dec-23 09:12 UTC
[Samba] After upgrade to 4.9.4, internal DNS no longer working
On Sun, 23 Dec 2018 00:16:28 +0100 Viktor Trojanovic <viktor at troja.ch> wrote:> Hi Rowland, > > I just realized that I actually do have backups of everything in > /var/lib/samba (which is the main folder for Samba on Arch). > > I'd still be interested how to recover from this situation without a > backup but priority is to get the AD back up and running again. How > would you suggest I proceed? >If '/var/lib/samba' is the main Arch folder, where is yours now ? Did the upgrade create a new folder ? What I am trying to get at is, did it work when 'samba' was using '/var/lib/samba/private.sam.ldb', but doesn't now it is using 'another/path/to/private/sam.ldb' ? Rowland