thr3ads.net - samba - [Samba] samba ad errors in log [Oct 2020]

If this information is useful, please help other people find it:
Share via:

Sonic

2020-Oct-24 14:44 UTC

[Samba] samba ad errors in log

I'm seeing a lot of these errors from a Samba 4.13.0 DC running on
Debian Buster, the smb.conf is untouched from that which was created
via a classic upgrade.
==============================Oct 24 10:25:43 srvr01 samba[26688]: [2020/10/24
10:25:43.886363,  0]
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Oct 24 10:25:43 srvr01 samba[26688]:   /usr/local/samba/sbin/samba_dnsupdate:
dns_tkey_gssnegotiate: TKEY is unacceptable
Oct 24 10:25:43 srvr01 samba[26688]: [2020/10/24 10:25:43.970786,  0]
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Oct 24 10:25:43 srvr01 samba[26688]:   /usr/local/samba/sbin/samba_dnsupdate:
dns_tkey_gssnegotiate: TKEY is unacceptable
Oct 24 10:25:43 srvr01 samba[26688]: [2020/10/24 10:25:43.996118,  0]
../../source4/dsdb/dns/dns_update.c:86(dnsupdate_nameupdate_done)
Oct 24 10:25:43 srvr01 samba[26688]:   dnsupdate_nameupdate_done: Failed DNS
update with exit code 2
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.313981,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.343201,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.343972,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.344623,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.345268,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.345987,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.347542,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.348141,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.348730,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.349318,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.350016,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:30 srvr01 smbd[18336]: [2020/10/24 10:32:30.390516,  0]
../../source3/smbd/service.c:169(chdir_current_service)
Oct 24 10:32:30 srvr01 smbd[18336]:   chdir_current_service:
vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied. Current
token: uid=5035,
Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: starting transaction on zone
example.com
Oct 24 10:32:50 srvr01 named[24228]: client @0x7fd0fc01a040
192.168.7.176#64721: update 'example.com/IN' denied
Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: cancelling transaction on zone
example.com
Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: starting transaction on zone
example.com
Oct 24 10:32:50 srvr01 named[24228]: client @0x7fd0fc01a040
192.168.7.176#63427: update 'example.com/IN' denied
Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: cancelling transaction on zone
example.com
==============================Any clues as to why?

Thanks,
Chris

Rowland penny

2020-Oct-24 15:11 UTC

head link

[Samba] samba ad errors in log

On 24/10/2020 15:44, Sonic via samba wrote:> I'm seeing a lot of these errors from a Samba 4.13.0 DC running on
> Debian Buster, the smb.conf is untouched from that which was created
> via a classic upgrade.
> ==============================> Oct 24 10:25:43 srvr01 samba[26688]:
[2020/10/24 10:25:43.886363,  0]
> ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
> Oct 24 10:25:43 srvr01 samba[26688]:  
/usr/local/samba/sbin/samba_dnsupdate:
> dns_tkey_gssnegotiate: TKEY is unacceptable
> Oct 24 10:25:43 srvr01 samba[26688]: [2020/10/24 10:25:43.970786,  0]
> ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
> Oct 24 10:25:43 srvr01 samba[26688]:  
/usr/local/samba/sbin/samba_dnsupdate:
> dns_tkey_gssnegotiate: TKEY is unacceptable
> Oct 24 10:25:43 srvr01 samba[26688]: [2020/10/24 10:25:43.996118,  0]
> ../../source4/dsdb/dns/dns_update.c:86(dnsupdate_nameupdate_done)
> Oct 24 10:25:43 srvr01 samba[26688]:   dnsupdate_nameupdate_done: Failed
DNS
> update with exit code 2
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.313981,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.343201,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.343972,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.344623,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.345268,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.345987,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.347542,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.348141,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.348730,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.349318,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:15 srvr01 smbd[18336]: [2020/10/24 10:32:15.350016,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:15 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:30 srvr01 smbd[18336]: [2020/10/24 10:32:30.390516,  0]
> ../../source3/smbd/service.c:169(chdir_current_service)
> Oct 24 10:32:30 srvr01 smbd[18336]:   chdir_current_service:
> vfs_ChDir(/usr/local/samba/var/locks/sysvol) failed: Permission denied.
Current
> token: uid=5035,
> Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: starting transaction on
zone
> example.com
> Oct 24 10:32:50 srvr01 named[24228]: client @0x7fd0fc01a040
> 192.168.7.176#64721: update 'example.com/IN' denied
> Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: cancelling transaction on
zone
> example.com
> Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: starting transaction on
zone
> example.com
> Oct 24 10:32:50 srvr01 named[24228]: client @0x7fd0fc01a040
> 192.168.7.176#63427: update 'example.com/IN' denied
> Oct 24 10:32:50 srvr01 named[24228]: samba_dlz: cancelling transaction on
zone
> example.com
> ==============================> Any clues as to why?
You seem to have three things going wrong there, the keytab that 
samba-dnsupdate is using isn't being accepted, user '5035' is being 
denied access to sysvol and a client is being denied updating its record.

Does the DC use itself as the first nameserver in /etc/resolv.conf ?

Who is user '5035' ?

What is '192.168.7.176' ? A Windows client or what ? Is anything else 
updating the dns in AD ?

Rowland

Sonic

2020-Oct-24 16:46 UTC

head link

[Samba] samba ad errors in log

On Sat, Oct 24, 2020 at 11:13 AM Rowland penny via samba
<samba at lists.samba.org> wrote:> denied access to sysvol and a client is being denied updating its record.
>
> Does the DC use itself as the first nameserver in /etc/resolv.conf ?Same issue whether or  not I point to itself first or to the local cache.
> Who is user '5035' ?No clue, all users have a uidNumber in 1000-1999 with all sids ending
in 2000-2999.
> What is '192.168.7.176' ? A Windows client or what ? Is anything
else
> updating the dns in AD ?A windows 7 client.

Chris

Maybe Matching Threads

Search for more reasonably related threads

samba - Oct 2020 - samba ad errors in log

[Samba] samba ad errors in log

[Samba] samba ad errors in log

[Samba] samba ad errors in log

Maybe Matching Threads