Re: Samba DC provisioning fails with ACL-enabled NetBSD-current

To: Christos Zoulas <christos%zoulas.com@localhost>
Subject: Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
From: Chavdar Ivanov <ci4ic4%gmail.com@localhost>
Date: Sat, 25 Jul 2020 00:46:31 +0100

On Fri, 24 Jul 2020 at 10:55, Chavdar Ivanov <ci4ic4%gmail.com@localhost> wrote:
>
> On Fri, 24 Jul 2020 at 01:09, Christos Zoulas <christos%zoulas.com@localhost> wrote:
> >
> > Be very careful and use a separate partition for sysvol because Matthias reported
> > fs corruption which I have not looked at yet.
>
> Thanks for the warning. It runs on a XCP-NG guest, so I will take a snapshot.
>
> >
> > christos
> >
> > On Jul 23, 2020, at 7:39 PM, Chavdar Ivanov <ci4ic4%gmail.com@localhost> wrote:
> >
> > On Thu, 23 Jul 2020 at 16:25, Chavdar Ivanov <ci4ic4%gmail.com@localhost> wrote:
> >
> >
> > On Thu, 23 Jul 2020 at 15:59, Christos Zoulas <christos%zoulas.com@localhost> wrote:
> >
> >
> > You are missing:
> >
> > PKG_OPTIONS.samba4=     acl
> >
> >
> > Unfortunately not - this is the line:
> >
> > PKG_OPTIONS.samba4=acl avahi ldap pam winbind
> >
> > and I get:
> >
> > #... /net/samba4 ❯ make show-options
> > Any of the following general options may be selected:
> >        acl      Enable POSIX ACL support.
> >        ads      Enable Windows Active Directory support.
> >        avahi    Enable DNS service discovery and multicast DNS support.
> >        fam      Support using File Alteration Monitor (FAM).
> >        ldap     Enable LDAP support.
> >        pam      Enable PAM support.
> >        winbind  Enable name-service switch daemon support using
> > Windows Servers.
> >
> > These options are enabled by default:
> >        ads avahi ldap pam winbind
> >
> > These options are currently enabled:
> >        acl ads avahi ldap pam winbind
> >
> > You can select which build options to use by setting PKG_DEFAULT_OPTIONS
> > or PKG_OPTIONS.samba4.
> >
> > As I said, configure definitely has --with-acl-support and the log
> > file indicates attempts to find the bits in question, so it is
> > something else.
> >
> > This is a fairly used pkgsrc build host, perhaps something has gone
> > wrong at some stage; I have another one setup with much less changes
> > since the original modification, I'll cvs update the whole tree and
> > after a rolling-replace will try one more to build samba4 with ad
> > support.
> >
> >
> >
> > The build on the second pkgsrc host produced a working dc. The two
> > pkgsrc hosts use the same /etc/mk.conf file, with the exception that
> > on the first - failed one - the default python is 3.7, hereas on the
> > second one it is 3.8, if this matters.
> >
> > Now some domain joining...

Just FYI - so far all my initial tests were fine; I was able to join a
Windows 10 Pro and Windows Server Next - both the latest insider
builds available - and do some user/group manipulation. I am getting
some error messages in the syslog file related to the dns updates, but
apparently this does not affect the operation, as far as I can see it
for the moment:

....
  /usr/pkg/sbin/samba_dnsupdate:     raise e
[2020/07/25 00:31:56.229167,  0]
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
  /usr/pkg/sbin/samba_dnsupdate:   File
"/usr/pkg/lib/python3.8/site-packages/samba/netcmd/dns.py", line 940,
in run
[2020/07/25 00:31:56.229329,  0]
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
  /usr/pkg/sbin/samba_dnsupdate:
dns_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
[2020/07/25 00:31:56.229468,  0]
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
  /usr/pkg/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception -
(9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
[2020/07/25 00:31:56.229616,  0]
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
  /usr/pkg/sbin/samba_dnsupdate:   File
"/usr/pkg/lib/python3.8/site-packages/samba/netcmd/__init__.py", line
186, in _run
[2020/07/25 00:31:56.230793,  0]
../../source4/dsdb/dns/dns_update.c:86(dnsupdate_nameupdate_done)
  dnsupdate_nameupdate_done: Failed DNS update with exit code 28
....

Great work.

> >
> >
> >
> > in /etc/mk.conf
> >
> > christos
> >
> > On Jul 23, 2020, at 9:54 AM, Chavdar Ivanov <ci4ic4%gmail.com@localhost> wrote:
> >
> > ...
> > Chavdar
> >
> >
>
>
> --
> ----



-- 
----

References:
- Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Matthias Petermann
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Christos Zoulas
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Matthias Petermann
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Chavdar Ivanov
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Christos Zoulas
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Chavdar Ivanov
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Chavdar Ivanov
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Christos Zoulas
- Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
  - From: Chavdar Ivanov

Prev by Date: Daily packages for NetBSD/amd64 current
Next by Date: Re: anoncvs access
Previous by Thread: Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
Next by Thread: Re: Samba DC provisioning fails with ACL-enabled NetBSD-current
Indexes:

Home | Main Index | Thread Index | Old Index