problems after upgrade from 3.3.2 to 3.4.0
in [Samba]
|
Prev: Error joining domain "The specified account already exists"
Next: [Samba] Interdomain trust with different WINS servers
From: Dale Schroeder on 27 May 2010 15:20 On 05/26/2010 9:00 PM, Thomas Gutzler wrote: > On 27/05/2010 4:19 AM, Harry Jede wrote: > >> On Mittwoch, 26. Mai 2010 wrote Thomas Gutzler: >> >>> On 26/05/2010 4:44 PM, Christian PERRIER wrote: >>> >>>> Quoting Thomas Gutzler (thomas.gutzler(a)gmail.com): >>>> >>>>> After upgrading one of my samba servers from ubuntu jaunty (3.3.2) >>>>> to karmic (3.4.0) I cannot access the shares any more. >>>>> >>>> >> Or my favorite upgrade path: >> # testparm -v -s /dev/null> smb.conf.default-$(smbd -V|cut -f2 -d' ') >> Run this before and after upgrading samba >> >> To get a small host specific file without the services: >> # testparm -s --section-name=global> smb.conf.$HOSTNAME-$(smbd -V| >> cut -f2 -d' ') >> > It's a bit late to run it before the upgrade now but I found another > machine running jaunty (enjoy), so I installed samba and ran testparm > with the smb.conf from the updated machine (fintlewoodlewix). Here's the > diff between the two defaults (without the line numbers): > # diff smb.conf.default-3.3.2 smb.conf.default-3.4.0 > < netbios name = ENJOY > >> netbios name = FINTLEWOODLEWIX >> > < server string = Samba 3.3.2 > >> server string = Samba 3.4.0 >> > < config backend = file > < passdb backend = smbpasswd > >> passdb backend = tdbsam >> > < use kerberos keytab = No > >> dedicated keytab file = >> kerberos method = default >> map untrusted to domain = No >> I recall you saying that you had accounted for the default passdb backend change in 3.4.0. That leaves the authentications changes as the other big difference with 3.4.0. I don't recall you saying whether or not KRIKKIT is in the domain. If KRIKKIT is not in the domain, try setting map untrusted to domain = Yes on the box that is giving you problems. Dale > < max open files = 10000 > >> max open files = 16384 >> > < config file = > < lock directory = > >> lock directory = /var/run/samba >> state directory = /var/lib/samba >> cache directory = /var/cache/samba >> perfcount module = >> access based share enum = No >> browsable = Yes >> > < include = > > And the host specific ones. The only thing I changed there was to get > rid of the PAM stuff and change the password server from name to IP. > # diff smb.conf.enjoy-3.3.2 smb.conf.fintlewoodlewix-3.4.0 > < obey pam restrictions = Yes > < password server = io > >> password server = 130.95.136.177 >> > < passdb backend = tdbsam > < pam password change = Yes > > > I also deleted all .tdb files in /var/lib/samba, the machine account on > the PDC and rejoined the domain but authentication still doesn't work. > Neither does the mapping to guest for invalid users. > > While I had samba running on the jaunty machine, I joined it to the > domain and tried if I could connect to it using the same machine and > credentials as before; and I could. Even the guest account seems to work > alright with no change in the configuration other than the path in the > share. > > I might follow Christians suggestion and upgrade to 10.04 unless there > are any other suggestions. Maybe a second upgrade fixes it. > > Tom > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Thomas Gutzler on 27 May 2010 22:10
On 28/05/2010 3:14 AM, Dale Schroeder wrote: >>>>> Quoting Thomas Gutzler (thomas.gutzler(a)gmail.com): >>>>> >>>>>> After upgrading one of my samba servers from ubuntu jaunty (3.3.2) >>>>>> to karmic (3.4.0) I cannot access the shares any more. > > I recall you saying that you had accounted for the default passdb > backend change in 3.4.0. > That leaves the authentications changes as the other big difference with > 3.4.0. > I don't recall you saying whether or not KRIKKIT is in the domain. If > KRIKKIT is not in the domain, try setting > > map untrusted to domain = Yes > > on the box that is giving you problems. That fixed it. And I really don't know why I didn't spot that from the output I posted. I must have been assuming identical behaviour for PDC and domain member, which isn't the case for map untrusted to domain. Thanks for your help! Tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |