Dear all; I?m running smbd 4.9.5-Debian and I?m struggling to get Time Machine support to work. The server is running Debian Buster, and the client is macOS High Sierra. I can mount the share just fine on its own, but as soon as I tell Time Machine to ?Back Up Now?, it says ?Preparing Backup,? ?Looking for Backup Disk,? and then nothing. The little red exclamation mark tells me that "The network backup disk could not be accessed because there was a problem with the network username or password.? I?ve been tailing the logs but nothing sticks out to my untrained eyes, except that nowhere does there seem to be any indication of the identity of the authenticating user?thus my suspicion that AD is somehow involved. What I do get is this: [2019/09/04 16:16:27.522157, 5] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2019/09/04 16:16:27.522173, 5] ../source3/auth/token_util.c:866(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2019/09/04 16:16:27.522201, 5] ../source3/smbd/uid.c:509(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2019/09/04 16:16:27.522365, 3] ../source3/smbd/server_exit.c:237(exit_server_common) Server exit (NT_STATUS_END_OF_FILE) And this is the full smb.conf: [global] client signing = mandatory server signing = mandatory kerberos method = secrets and keytab load printers = no realm = AD.EXAMPLE.COM security = ADS workgroup = AD idmap config *:backend = tdb2 idmap config *:range = 1000-9999 idmap config AD:backend = ad idmap config AD:range = 10000-9999999999 log file = /var/log/samba/log.%m max log size = 1000 log level = 5 netbios name = MYHOST server string = Samba %v (%h) vfs objects = catia fruit streams_xattr fruit:time machine = yes fruit:time machine max size = 1024G [TimeMachineBackup] writeable = yes browsable = yes path = /var/timemachine Cluebat, anyone? // Best wishes; Johan
On 05/09/2019 00:25, Johan Hattne via samba wrote:> Dear all; > > I?m running smbd 4.9.5-Debian and I?m struggling to get Time Machine support to work. The server is running Debian Buster, and the client is macOS High Sierra. I can mount the share just fine on its own, but as soon as I tell Time Machine to ?Back Up Now?, it says ?Preparing Backup,? ?Looking for Backup Disk,? and then nothing. The little red exclamation mark tells me that "The network backup disk could not be accessed because there was a problem with the network username or password.? > > I?ve been tailing the logs but nothing sticks out to my untrained eyes, except that nowhere does there seem to be any indication of the identity of the authenticating user?thus my suspicion that AD is somehow involved. What I do get is this: > > [2019/09/04 16:16:27.522157, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) > [2019/09/04 16:16:27.522173, 5] ../source3/auth/token_util.c:866(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups > [2019/09/04 16:16:27.522201, 5] ../source3/smbd/uid.c:509(smbd_change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) > [2019/09/04 16:16:27.522365, 3] ../source3/smbd/server_exit.c:237(exit_server_common) > Server exit (NT_STATUS_END_OF_FILE) > > And this is the full smb.conf: > > [global] > client signing = mandatory > server signing = mandatory > kerberos method = secrets and keytab > load printers = no > realm = AD.EXAMPLE.COM > security = ADS > workgroup = AD > idmap config *:backend = tdb2 > idmap config *:range = 1000-9999 > idmap config AD:backend = ad > idmap config AD:range = 10000-9999999999 > log file = /var/log/samba/log.%m > max log size = 1000 > log level = 5 > netbios name = MYHOST > server string = Samba %v (%h) > vfs objects = catia fruit streams_xattr > fruit:time machine = yes > fruit:time machine max size = 1024G > [TimeMachineBackup] > writeable = yes > browsable = yes > path = /var/timemachine > > Cluebat, anyone? > > // Best wishes; Johan > >Why are you using 'tdb2' for the default domain instead of 'tdb', is this machine part of a ctdb cluster ? You are using the winbind 'ad'? backend , so have you given your users a uidNumber attribute containing a unique number inside the '10000-9999999999' range and given Domain Users a gidNumber containing a number inside the same range ? Rowland
TimeMachine is NOT enabled in the official debian packages. If you want time machine, report it at debian as bug/request if you want this enabled, and untill then, You can use my packages, where timemachine is enabled. Or rebuild the the debian packages your self and enable it, that part only is very easy. + what Rowland told you. ;-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: donderdag 5 september 2019 9:33 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Samba, Time Machine, and ADS > > On 05/09/2019 00:25, Johan Hattne via samba wrote: > > Dear all; > > > > I?m running smbd 4.9.5-Debian and I?m struggling to get > Time Machine support to work. The server is running Debian > Buster, and the client is macOS High Sierra. I can mount the > share just fine on its own, but as soon as I tell Time > Machine to ?Back Up Now?, it says ?Preparing Backup,? > ?Looking for Backup Disk,? and then nothing. The little red > exclamation mark tells me that "The network backup disk could > not be accessed because there was a problem with the network > username or password.? > > > > I?ve been tailing the logs but nothing sticks out to my > untrained eyes, except that nowhere does there seem to be any > indication of the identity of the authenticating user?thus my > suspicion that AD is somehow involved. What I do get is this: > > > > [2019/09/04 16:16:27.522157, 5] > ../libcli/security/security_token.c:53(security_token_debug) > > Security token: (NULL) > > [2019/09/04 16:16:27.522173, 5] > ../source3/auth/token_util.c:866(debug_unix_user_token) > > UNIX token of user 0 > > Primary group is 0 and contains 0 supplementary groups > > [2019/09/04 16:16:27.522201, 5] > ../source3/smbd/uid.c:509(smbd_change_to_root_user) > > change_to_root_user: now uid=(0,0) gid=(0,0) > > [2019/09/04 16:16:27.522365, 3] > ../source3/smbd/server_exit.c:237(exit_server_common) > > Server exit (NT_STATUS_END_OF_FILE) > > > > And this is the full smb.conf: > > > > [global] > > client signing = mandatory > > server signing = mandatory > > kerberos method = secrets and keytab > > load printers = no > > realm = AD.EXAMPLE.COM > > security = ADS > > workgroup = AD > > idmap config *:backend = tdb2 > > idmap config *:range = 1000-9999 > > idmap config AD:backend = ad > > idmap config AD:range = 10000-9999999999 > > log file = /var/log/samba/log.%m > > max log size = 1000 > > log level = 5 > > netbios name = MYHOST > > server string = Samba %v (%h) > > vfs objects = catia fruit streams_xattr > > fruit:time machine = yes > > fruit:time machine max size = 1024G > > [TimeMachineBackup] > > writeable = yes > > browsable = yes > > path = /var/timemachine > > > > Cluebat, anyone? > > > > // Best wishes; Johan > > > > > Why are you using 'tdb2' for the default domain instead of 'tdb', is > this machine part of a ctdb cluster ? > > You are using the winbind 'ad'? backend , so have you given > your users a > uidNumber attribute containing a unique number inside the > '10000-9999999999' range and given Domain Users a gidNumber > containing a > number inside the same range ? > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Thanks a lot, Rowland and Louis! After installing packages from Louis?s repository, Time Machine is now backing up. It is however not clear to me how Time Machine is enabled at compile time. Diffing the smdb -b output between the stock smbd in Debian Buster and Louis?s, I see that Louis?s has e.g. WITH_ADS and WITH_SPOTLIGHT, but is that really it? If I?m to leave a feature request with the Debian samba maintainers, I?m not sure what to ask for. The idmapping backend setting was an oversight, originating from a CTDB setup?thanks for catching that, Rowland. uid and gid ranges were fine all along. // Best wishes; Johan> On Sep 5, 2019, at 00:51, L.P.H. van Belle via samba <samba at lists.samba.org> wrote: > > TimeMachine is NOT enabled in the official debian packages. > > If you want time machine, report it at debian as bug/request if you want this enabled, and untill then, > You can use my packages, where timemachine is enabled. > > Or rebuild the the debian packages your self and enable it, that part only is very easy. > > + what Rowland told you. ;-) > > Greetz, > > Louis > > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Rowland penny via samba >> Verzonden: donderdag 5 september 2019 9:33 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] Samba, Time Machine, and ADS >> >> On 05/09/2019 00:25, Johan Hattne via samba wrote: >>> Dear all; >>> >>> I?m running smbd 4.9.5-Debian and I?m struggling to get >> Time Machine support to work. The server is running Debian >> Buster, and the client is macOS High Sierra. I can mount the >> share just fine on its own, but as soon as I tell Time >> Machine to ?Back Up Now?, it says ?Preparing Backup,? >> ?Looking for Backup Disk,? and then nothing. The little red >> exclamation mark tells me that "The network backup disk could >> not be accessed because there was a problem with the network >> username or password.? >>> >>> I?ve been tailing the logs but nothing sticks out to my >> untrained eyes, except that nowhere does there seem to be any >> indication of the identity of the authenticating user?thus my >> suspicion that AD is somehow involved. What I do get is this: >>> >>> [2019/09/04 16:16:27.522157, 5] >> ../libcli/security/security_token.c:53(security_token_debug) >>> Security token: (NULL) >>> [2019/09/04 16:16:27.522173, 5] >> ../source3/auth/token_util.c:866(debug_unix_user_token) >>> UNIX token of user 0 >>> Primary group is 0 and contains 0 supplementary groups >>> [2019/09/04 16:16:27.522201, 5] >> ../source3/smbd/uid.c:509(smbd_change_to_root_user) >>> change_to_root_user: now uid=(0,0) gid=(0,0) >>> [2019/09/04 16:16:27.522365, 3] >> ../source3/smbd/server_exit.c:237(exit_server_common) >>> Server exit (NT_STATUS_END_OF_FILE) >>> >>> And this is the full smb.conf: >>> >>> [global] >>> client signing = mandatory >>> server signing = mandatory >>> kerberos method = secrets and keytab >>> load printers = no >>> realm = AD.EXAMPLE.COM >>> security = ADS >>> workgroup = AD >>> idmap config *:backend = tdb2 >>> idmap config *:range = 1000-9999 >>> idmap config AD:backend = ad >>> idmap config AD:range = 10000-9999999999 >>> log file = /var/log/samba/log.%m >>> max log size = 1000 >>> log level = 5 >>> netbios name = MYHOST >>> server string = Samba %v (%h) >>> vfs objects = catia fruit streams_xattr >>> fruit:time machine = yes >>> fruit:time machine max size = 1024G >>> [TimeMachineBackup] >>> writeable = yes >>> browsable = yes >>> path = /var/timemachine >>> >>> Cluebat, anyone? >>> >>> // Best wishes; Johan >>> >>> >> Why are you using 'tdb2' for the default domain instead of 'tdb', is >> this machine part of a ctdb cluster ? >> >> You are using the winbind 'ad' backend , so have you given >> your users a >> uidNumber attribute containing a unique number inside the >> '10000-9999999999' range and given Domain Users a gidNumber >> containing a >> number inside the same range ? >> >> Rowland >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >> > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Hai, Enabling spotlight is not that hard. The differences. If you run : apt-get source samba, enter the samba-xxx/debian folder. There you have the files : rules and control. In rules you see : conf_args = \ That are the build parameters. At the end of these, i added --enable-spotlight ( dont forget to add a \ in the line above. Now spotlight also needs some files the allow the build. In control you see ( at the beginning ) : Build-Depends: bison, debhelper-compat (= 12), .... And more. You need to add these to for debian buster ( and 1.0 for stretch ) libtracker-miner-2.0-dev, libtracker-sparql-2.0-dev, I'll also pm the maintainer, because if that is also enabled, next release if official should be the same as my builds. Finaly.., that simply saves me build time. :-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Johan Hattne via samba > Verzonden: donderdag 5 september 2019 19:58 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Samba, Time Machine, and ADS > > Thanks a lot, Rowland and Louis! After installing packages > from Louis?s repository, Time Machine is now backing up. > > It is however not clear to me how Time Machine is enabled at > compile time. Diffing the smdb -b output between the stock > smbd in Debian Buster and Louis?s, I see that Louis?s has > e.g. WITH_ADS and WITH_SPOTLIGHT, but is that really it? If > I?m to leave a feature request with the Debian samba > maintainers, I?m not sure what to ask for. > > The idmapping backend setting was an oversight, originating > from a CTDB setup?thanks for catching that, Rowland. uid and > gid ranges were fine all along. > > // Best wishes; Johan > > > On Sep 5, 2019, at 00:51, L.P.H. van Belle via samba > <samba at lists.samba.org> wrote: > > > > TimeMachine is NOT enabled in the official debian packages. > > > > If you want time machine, report it at debian as > bug/request if you want this enabled, and untill then, > > You can use my packages, where timemachine is enabled. > > > > Or rebuild the the debian packages your self and enable it, > that part only is very easy. > > > > + what Rowland told you. ;-) > > > > Greetz, > > > > Louis > > > > > >> -----Oorspronkelijk bericht----- > >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >> Rowland penny via samba > >> Verzonden: donderdag 5 september 2019 9:33 > >> Aan: samba at lists.samba.org > >> Onderwerp: Re: [Samba] Samba, Time Machine, and ADS > >> > >> On 05/09/2019 00:25, Johan Hattne via samba wrote: > >>> Dear all; > >>> > >>> I?m running smbd 4.9.5-Debian and I?m struggling to get > >> Time Machine support to work. The server is running Debian > >> Buster, and the client is macOS High Sierra. I can mount the > >> share just fine on its own, but as soon as I tell Time > >> Machine to ?Back Up Now?, it says ?Preparing Backup,? > >> ?Looking for Backup Disk,? and then nothing. The little red > >> exclamation mark tells me that "The network backup disk could > >> not be accessed because there was a problem with the network > >> username or password.? > >>> > >>> I?ve been tailing the logs but nothing sticks out to my > >> untrained eyes, except that nowhere does there seem to be any > >> indication of the identity of the authenticating user?thus my > >> suspicion that AD is somehow involved. What I do get is this: > >>> > >>> [2019/09/04 16:16:27.522157, 5] > >> ../libcli/security/security_token.c:53(security_token_debug) > >>> Security token: (NULL) > >>> [2019/09/04 16:16:27.522173, 5] > >> ../source3/auth/token_util.c:866(debug_unix_user_token) > >>> UNIX token of user 0 > >>> Primary group is 0 and contains 0 supplementary groups > >>> [2019/09/04 16:16:27.522201, 5] > >> ../source3/smbd/uid.c:509(smbd_change_to_root_user) > >>> change_to_root_user: now uid=(0,0) gid=(0,0) > >>> [2019/09/04 16:16:27.522365, 3] > >> ../source3/smbd/server_exit.c:237(exit_server_common) > >>> Server exit (NT_STATUS_END_OF_FILE) > >>> > >>> And this is the full smb.conf: > >>> > >>> [global] > >>> client signing = mandatory > >>> server signing = mandatory > >>> kerberos method = secrets and keytab > >>> load printers = no > >>> realm = AD.EXAMPLE.COM > >>> security = ADS > >>> workgroup = AD > >>> idmap config *:backend = tdb2 > >>> idmap config *:range = 1000-9999 > >>> idmap config AD:backend = ad > >>> idmap config AD:range = 10000-9999999999 > >>> log file = /var/log/samba/log.%m > >>> max log size = 1000 > >>> log level = 5 > >>> netbios name = MYHOST > >>> server string = Samba %v (%h) > >>> vfs objects = catia fruit streams_xattr > >>> fruit:time machine = yes > >>> fruit:time machine max size = 1024G > >>> [TimeMachineBackup] > >>> writeable = yes > >>> browsable = yes > >>> path = /var/timemachine > >>> > >>> Cluebat, anyone? > >>> > >>> // Best wishes; Johan > >>> > >>> > >> Why are you using 'tdb2' for the default domain instead of > 'tdb', is > >> this machine part of a ctdb cluster ? > >> > >> You are using the winbind 'ad' backend , so have you given > >> your users a > >> uidNumber attribute containing a unique number inside the > >> '10000-9999999999' range and given Domain Users a gidNumber > >> containing a > >> number inside the same range ? > >> > >> Rowland > >> > >> > >> -- > >> To unsubscribe from this list go to the following URL and read the > >> instructions: https://lists.samba.org/mailman/options/samba > >> > >> > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >