Hello there...
I just updated a FreeNAS server from 11.2-U1 to 11.2-U2.
I can no longer start the SMB service. My users are in LDAP.
EDIT:
The problem was fixed by adding Adding
Something is going wrong with the mapping of user IDs as far as I can tell? Any thoughts?
This is what I get in /var/log/samb4/log.smbd:
This is mu SAMBA config (I have no shares as I deleted them to simplify the setup):
I just updated a FreeNAS server from 11.2-U1 to 11.2-U2.
I can no longer start the SMB service. My users are in LDAP.
EDIT:
The problem was fixed by adding Adding
winbind nested groups = no
in section auxiliary parameter under Services->SMB. Thank you @anodos.Something is going wrong with the mapping of user IDs as far as I can tell? Any thoughts?
This is what I get in /var/log/samb4/log.smbd:
Code:
[2019/02/25 12:25:47.765122, 3] ../source3/smbd/server.c:1842(main) Becoming a daemon. [2019/02/25 12:25:47.767435, 2] ../source3/passdb/pdb_ldap_util.c:281(smbldap_search_domain_info) smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ZFS_ULTRAMAN))] [2019/02/25 12:25:47.817732, 3] ../source3/lib/smbldap.c:632(smbldap_start_tls) StartTLS issued: using a TLS connection [2019/02/25 12:25:47.817788, 2] ../source3/lib/smbldap.c:847(smbldap_open_connection) smbldap_open_connection: connection opened [2019/02/25 12:25:47.827892, 3] ../source3/lib/smbldap.c:1069(smbldap_connect_system) ldap_connect_system: successful connection to the LDAP server [2019/02/25 12:25:47.979475, 3] ../source3/lib/util_procid.c:54(pid_to_procid) pid_to_procid: messaging_dgm_get_unique failed: No such file or directory [2019/02/25 12:25:47.982172, 2] ../source3/passdb/pdb_ldap_util.c:281(smbldap_search_domain_info) smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ZFS_ULTRAMAN))] [2019/02/25 12:25:47.990562, 3] ../source3/lib/smbldap.c:632(smbldap_start_tls) StartTLS issued: using a TLS connection [2019/02/25 12:25:47.990626, 2] ../source3/lib/smbldap.c:847(smbldap_open_connection) smbldap_open_connection: connection opened [2019/02/25 12:25:47.996891, 2] ../source3/passdb/pdb_ldap_util.c:281(smbldap_search_domain_info) smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ZFS_ULTRAMAN))] [2019/02/25 12:25:48.005126, 3] ../source3/lib/smbldap.c:632(smbldap_start_tls) StartTLS issued: using a TLS connection [2019/02/25 12:25:48.005218, 2] ../source3/lib/smbldap.c:847(smbldap_open_connection) smbldap_open_connection: connection opened [2019/02/25 12:25:48.005653, 3] ../source3/lib/smbldap.c:1069(smbldap_connect_system) ldap_connect_system: successful connection to the LDAP server [2019/02/25 12:25:48.021043, 3] ../source3/lib/smbldap.c:1069(smbldap_connect_system) ldap_connect_system: successful connection to the LDAP server [2019/02/25 12:25:48.036973, 3] ../source3/lib/smbldap.c:632(smbldap_start_tls) StartTLS issued: using a TLS connection [2019/02/25 12:25:48.037043, 2] ../source3/lib/smbldap.c:847(smbldap_open_connection) smbldap_open_connection: connection opened [2019/02/25 12:25:48.051993, 3] ../source3/lib/smbldap.c:1069(smbldap_connect_system) ldap_connect_system: successful connection to the LDAP server [2019/02/25 12:25:48.052787, 2] ../source3/passdb/pdb_ldap.c:2386(init_group_from_ldap) init_group_from_ldap: Entry found for group: 90000005 [2019/02/25 12:25:48.053792, 2] ../source3/passdb/pdb_ldap.c:2386(init_group_from_ldap) init_group_from_ldap: Entry found for group: 90000006 [2019/02/25 12:25:48.107401, 3] ../source3/passdb/pdb_ldap.c:5210(ldapsam_gid_to_sid) ERROR: Got 0 entries for gid 90000016, expected one [2019/02/25 12:25:48.108434, 0] ../source3/groupdb/mapping.c:863(pdb_create_builtin_alias) pdb_create_builtin_alias: Could not add group mapping entry for alias 546 (NT_STATUS_ACCESS_DENIED) [2019/02/25 12:25:48.108496, 2] ../source3/auth/token_util.c:774(finalize_local_nt_token) Failed to create BUILTIN\Guests group NT_STATUS_ACCESS_DENIED! Can Winbind allocate gids? [2019/02/25 12:25:48.108529, 3] ../source3/auth/token_util.c:412(create_local_nt_token_from_info3) Failed to finalize nt token [2019/02/25 12:25:48.108557, 0] ../source3/auth/auth_util.c:1382(make_new_session_info_guest) create_local_token failed: NT_STATUS_ACCESS_DENIED [2019/02/25 12:25:48.108590, 0] ../source3/smbd/server.c:2000(main) ERROR: failed to setup guest info.
This is mu SAMBA config (I have no shares as I deleted them to simplify the setup):
Code:
testparm -s Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED Load smb config files from /usr/local/etc/smb4.conf Loaded services file OK. Server role: ROLE_DOMAIN_PDC # Global parameters [global] deadtime = 15 disable spoolss = Yes dns proxy = No domain logons = Yes dos charset = CP437 hostname lookups = Yes kernel change notify = No ldap admin dn = ***** ldap passwd sync = yes ldap suffix = *** lm announce = Yes load printers = No local master = No logging = file max log size = 51200 max open files = 6603833 nsupdate command = /usr/local/bin/samba-nsupdate -g obey pam restrictions = Yes panic action = /usr/local/libexec/samba/samba-backtrace passdb backend = ldapsam:ldap://ldap.example.com printcap name = /dev/null security = USER server min protocol = SMB2_02 server role = member server server string = FreeNAS Server workgroup = ZFS_ULTRAMAN idmap config zfs_ultraman: range = 10000-90000000 idmap config zfs_ultraman: backend = ldap ldapsam:trusted = yes idmap config *: range = 90000001-100000000 idmap config * : backend = tdb acl allow execute always = Yes create mask = 0666 directory mask = 0777 directory name cache size = 0 dos filemode = Yes strict locking = No
Last edited: