Hi. I have Zentyal 6.2 as addition ad controller to windows server 2008r2.
Connects to the domain without errors, I see users in the web interface.
But then i try edit or create users I get the error:
There was an error updating LDAP: The request referenced an attribute that does not exist .<br/> Operation parameters:'modify [ \'add\', [ \'objectClass\', [ \'systemQuotas\' ] ] ] ' at /usr/share/perl5/EBox/Samba/LdapObject.pm line 433
In logs:
Command output: .
Exit value: 1 at root command set -e
rm -f '/var/lib/zentyal/conf/samba.keytab'
samba-tool domain exportkeytab '/var/lib/zentyal/conf/samba.keytab' --principal='ÐÑÑаÑоÑ@EP.LOC'
chown 'ebox:ebox' '/var/lib/zentyal/conf/samba.keytab'
chmod 400 '/var/lib/zentyal/conf/samba.keytab' failed.
Error output: GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Export one principal to /var/lib/zentyal/conf/samba.keytab
chown: cannot access '/var/lib/zentyal/conf/samba.keytab': No such file or directory
Command output: .
Exit value: 1 at /usr/share/perl5/EBox/Module/Service.pm line 971
EBox::Module::Service::restartService('EBox::Samba=HASH(0x561a5296b3d0)', 'restartModules', 1) called at /usr/share/perl5/EBox/Util/Init.pm line 121
eval {...} at /usr/share/perl5/EBox/Util/Init.pm line 119
EBox::Util::Init::moduleAction('samba', 'restartService', 'start') called at /usr/share/perl5/EBox/Util/Init.pm line 87
EBox::Util::Init::start at /usr/bin/zs line 35
main::main at /usr/bin/zs line 82
2021/07/22 11:55:42 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: webadmin
2021/07/22 11:55:45 INFO> Init.pm:90 EBox::Util::Init::start - Start modules finished
2021/07/22 11:55:49 INFO> SyncDaemon.pm:340 EBox::Samba::SyncDaemon::run - Samba sync daemon started
2021/07/22 11:56:06 ERROR> LdapObject.pm:433 EBox::Samba::LdapObject::save - There was an error updating LDAP: The request referenced an attribute that does not exist
Ok, based on this instruction
https://wiki.samba.org/index.php/Keytab_Extraction created a keytab on the windows server and copied to /var/lib/zentyal/conf/samba.keytab', but it didn't help and after restarting the service the keytab file was gone.
if i run command manualy:
user@zentyal:~$ sudo samba-tool domain exportkeytab '/var/lib/zentyal/conf/samba.keytab' --principal='ÐÑÑаÑоÑ@EP.LOC'
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Export one principal to /var/lib/zentyal/conf/samba.keytab
When i edit or create user from windows on zentyal controller - all work fine, in zentual log:
INFO> SyncDaemon.pm:125 EBox::Samba::SyncDaemon::checkUsers - Set user 'CN=test2,CN=Users,DC=EP,DC=LOC' uidNumber=65727
SyncDaemon.pm:131 EBox::Samba::SyncDaemon::checkUsers - Set user 'CN=test2,CN=Users,DC=EP,DC=LOC' gidNumber=2513
How do I fix this problem?