Latest News:
*New 11.2 series Release:
2019-06-20: XigmaNAS 11.2.0.4.6766 - released!

*New 12.0 series Release:
2019-06-20: XigmaNAS 12.0.0.4.6766 - released!

We really need "Your" help on XigmaNAS https://translations.launchpad.net/xigmanas translations. Please help today!

Producing and hosting XigmaNAS cost money, please consider a donation to our project so we can continue to offer you the best.
We need your support! eg: PAYPAL

Error in initialization samba ad

Samba Active Directory Domain Controller.
Forum rules
Set-Up GuideFAQsForum Rules
Post Reply
juliobarcelos
NewUser
NewUser
Posts: 1
Joined: 12 Sep 2015 05:10
Status: Offline

Error in initialization samba ad

#1

Post by juliobarcelos » 04 Oct 2017 03:23

I'm trying to deploy a PDC with samba4 following the thread f=98&t=9056, but the error:

Code: Select all

Initializing...
Administrator password will be set randomly!
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=milcomunicacoes,DC=local
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected information received')
  File "/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py", line 471, in run
    nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 2175, in provision
    skip_sysvolacl=skip_sysvolacl)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 1806, in provision_fill
    names.domaindn, lp, use_ntvfs)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 1593, in setsysvolacl
    service=SYSVOL_SERVICE)
  File "/usr/local/lib/python2.7/site-packages/samba/ntacls.py", line 162, in setntacl
    smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
how to solve?
thanks

Malussilvestris
NewUser
NewUser
Posts: 5
Joined: 29 Oct 2017 13:32
Status: Offline

Re: Error in initialization samba ad

#2

Post by Malussilvestris » 13 Dec 2017 18:19

Hm,

just read https://nas4free.org/forums/viewtopic.p ... 056#p79032.

Currently there is no solution for it.

Putting samba in a Jail with this patch (https://bugs.freebsd.org/bugzilla/show_ ... ?id=220844) might be an option. Recompiling N4F with this patch probably as well. This patch is not accepted by samba development team. They consider this approach as unsafe.

BR
Michael
Last edited by Malussilvestris on 21 Dec 2017 21:08, edited 1 time in total.

Malussilvestris
NewUser
NewUser
Posts: 5
Joined: 29 Oct 2017 13:32
Status: Offline

Re: Error in initialization samba ad

#3

Post by Malussilvestris » 19 Dec 2017 14:41

Issue is solved now for FreeBSD and samba 4.7.3.

See https://bugs.freebsd.org/bugzilla/show_ ... =220844#c5

Remaining question is, when samba 4.7.3 is available for Nas4free...

Malussilvestris
NewUser
NewUser
Posts: 5
Joined: 29 Oct 2017 13:32
Status: Offline

Re: Error in initialization samba ad

#4

Post by Malussilvestris » 03 Jan 2018 19:33

Latest N4F contains samba 4.7.3. - Thanks to th developers!

Unfortunately provisioning still does not work. It quits with the following message:

Code: Select all

Initialisierung läuft …
Usage: samba-tool domain provision [options]

samba-tool domain provision: error: option --function-level: invalid choice: '2012_R2' (choose from '2000', '2003', '2008', '2008_R2')
Any advice?

BR
Michael

User avatar
ms49434
Developer
Developer
Posts: 638
Joined: 03 Sep 2015 18:49
Location: Neuenkirchen-Vörden, Germany - GMT+1
Contact:
Status: Offline

Re: Error in initialization samba ad

#5

Post by ms49434 » 03 Jan 2018 21:03

Malussilvestris wrote:
03 Jan 2018 19:33
Latest N4F contains samba 4.7.3. - Thanks to th developers!

Unfortunately provisioning still does not work. It quits with the following message:

Code: Select all

Initialisierung läuft …
Usage: samba-tool domain provision [options]

samba-tool domain provision: error: option --function-level: invalid choice: '2012_R2' (choose from '2000', '2003', '2008', '2008_R2')
Any advice?

BR
Michael
you could try to modify /usr/local/www/services_samba_ad_init.php line 138

Code: Select all

$cmdargs[] = escapeshellarg('--function-level=2012_R2');
to

Code: Select all

$cmdargs[] = escapeshellarg('--function-level=2008_R2');
1) XigmaNAS 12.0.0.4 amd64-embedded on a Dell T20 running in a VM on ESXi 6.7U2, 22GB out of 32GB ECC RAM, LSI 9300-8i IT mode in passthrough mode. Pool 1: 2x HGST 10TB, mirrored, SLOG: Samsung 850 Pro, L2ARC: Samsung 850 Pro, Pool 2: 1x Samsung 860 EVO 1TB , services: Samba AD, CIFS/SMB, ftp, ctld, rsync, syncthing, zfs snapshots.
2) XigmaNAS 12.0.0.4 amd64-embedded on a Dell T20 running in a VM on ESXi 6.7U2, 8GB out of 32GB ECC RAM, IBM M1215 crossflashed, IT mode, passthrough mode, 2x HGST 10TB , services: rsync.

Malussilvestris
NewUser
NewUser
Posts: 5
Joined: 29 Oct 2017 13:32
Status: Offline

Re: Error in initialization samba ad

#6

Post by Malussilvestris » 04 Jan 2018 09:53

Thanks for the hint. At least I went one step further. The "fset_nt_acl" issue is now gone.
Unfortunately it still does not work. Any Ideas?

BTW:
I tested it once with the suggested option ("function-level=2008_R2"), another time I completely omitted the option (the latter should be the default for n4f, IMHO)

Code: Select all

Initialisierung läuft …
Administrator password will be set randomly!
Looking up IPv4 addresses
More than one IPv4 address found. Using 192.168.2.250
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=malussilvestris,DC=local
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
ltdb: tdb(/mnt/sambaAD/private/sam.ldb.d/CN=CONFIGURATION,DC=MALUSSILVESTRIS,DC=LOCAL.ldb): tdb_transaction_prepare_commit: expansion failed

ltdb: tdb(/mnt/sambaAD/private/sam.ldb.d/CN=CONFIGURATION,DC=MALUSSILVESTRIS,DC=LOCAL.ldb): tdb_transaction_cancel: no transaction

ERROR(ldb): uncaught exception - prepare_commit error on CN=Configuration,DC=malussilvestris,DC=local: Failure during tdb_transaction_prepare_commit(): IO Error -> Protocol error
  File "/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py", line 474, in run
    nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 2187, in provision
    skip_sysvolacl=skip_sysvolacl)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 1804, in provision_fill
    samdb.transaction_commit()
    

Malussilvestris
NewUser
NewUser
Posts: 5
Joined: 29 Oct 2017 13:32
Status: Offline

Re: Error in initialization samba ad

#7

Post by Malussilvestris » 05 Feb 2018 23:54

Hi all,

sorry for any confusion. Works well now, I made a mistake during setup of the UFS partition.
BR
Michael

Post Reply

Return to “Samba AD”