Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Samba DC provisioning fails with Posix ACL enabled FFS

Hello all,

has anyone tried provisioning a Samba DC on NetBSD current recently?

I managed to do this about half a year ago. Currently, however, there seems to be a problem that I can't quite figure out yet.

I use as storage for Samba / Sysvol a FFS with Posix ACLs enabled. I have enabled these with tunefs after formatting and also give them as mount options.

However, when trying to provision I get:

net# samba-tool domain provision --use-rfc2307 --interactive
Domain [MPNET]:
Server Role (dc, member, standalone) [dc]: DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]: DNS forwarder IP address (write 'none' to disable forwarding) []: Administrator password:
Retype password:
INFO 2021-11-25 13:53:38,235 pid:1640 /usr/pkg/lib/python3.8/site-packages/samba/provision/ #1570: Setting up well known security principals INFO 2021-11-25 13:53:38,260 pid:1640 /usr/pkg/lib/python3.8/site-packages/samba/provision/ #1584: Setting up sam.ldb users and groups INFO 2021-11-25 13:53:38,351 pid:1640 /usr/pkg/lib/python3.8/site-packages/samba/provision/ #1592: Setting up self join Repacking database from v1 to v2 format (first record CN=Print-Media-Ready,CN=Schema,CN=Configuration,DC=mpnet,DC=local)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record CN=msCOM-PartitionSet-Display,CN=411,CN=DisplaySpecifiers,CN=Configuration,DC=mpnet,DC=local) Repacking database from v1 to v2 format (first record CN=Builtin,DC=mpnet,DC=local)
set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
ERROR(runtime): uncaught exception - (3221225485, 'An invalid parameter was passed to a service or function.') File "/usr/pkg/lib/python3.8/site-packages/samba/netcmd/", line 186, in _run
    return*args, **kwargs)
File "/usr/pkg/lib/python3.8/site-packages/samba/netcmd/", line 487, in run
    result = provision(self.logger,
File "/usr/pkg/lib/python3.8/site-packages/samba/provision/", line 2341, in provision
    provision_fill(samdb, secrets_ldb, logger, names, paths,
File "/usr/pkg/lib/python3.8/site-packages/samba/provision/", line 1979, in provision_fill
    setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid,
File "/usr/pkg/lib/python3.8/site-packages/samba/provision/", line 1764, in setsysvolacl
    _setntacl(os.path.join(root, name))
File "/usr/pkg/lib/python3.8/site-packages/samba/provision/", line 1753, in _setntacl
    return setntacl(
File "/usr/pkg/lib/python3.8/site-packages/samba/", line 236, in setntacl

I am using Samba 4.13.11 from pkgsrc-2021Q3 (compiled with acl-Option). The NetBSD version is: NetBSD net.local 9.99.92 NetBSD 9.99.92 (XEN3_DOMU_CUSTOM) #0: Thu Nov 25 06:26:36 CET 2021 mpeterma@sysbldr92.local:/home/mpeterma/netbsd-current/obj/sys/arch/amd64/compile/XEN3_DOMU_CUSTOM amd64

(yes, I am using a custom XEN3_DOMU kernel as the provided kernel conf lacks the UFS_ACL option)

Has anyone an idea what is wrong here?

Kind regards

Home | Main Index | Thread Index | Old Index