Author Topic: Master/Slave Samba Shares and User Accounts  (Read 10549 times)

bacob

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Master/Slave Samba Shares and User Accounts
« on: September 26, 2010, 12:16:05 am »
Hi everyone,

I am setting up a new PDC and slave file server.

The PDC is hosting the LDAP/Samba backend. The slave is a beefy box that has about 4 TB of shares that will replace a really old server that is about to die.

The users will authenticate off the PDC (Mac/Win) and then need to connect to the file server with the same network login account.

I have setup the PDC and can authenticate, SSH and mount the basic Samba shares from the PDC. The slave is setup and is replicating the user accounts but cannot login via samba shares on that server (or ssh or user corner, all fails).

When I setup a share on the slave it seems fine until I try to login. I have tried with both guest access on (and no ACL's) and also with user permissions turned on. Both ways authentication fails.

The slave is configured with the modules "Users and Groups", "User Corner" and "File Sharing". The samba configuration on the slave is not set to be a PDC.

In the samba log files I get this error:

[2010/09/25 18:00:59,  0] passdb/pdb_get_set.c:211(pdb_get_group_sid)
  pdb_get_group_sid: Failed to find Unix account for xxxx
[2010/09/25 18:00:59,  1] auth/auth_util.c:577(make_server_info_sam)
  User xxxx in passdb, but getpwnam() fails!
[2010/09/25 18:00:59,  0] auth/auth_sam.c:355(check_sam_security)
  check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'

Any ideas what could be causing this?

Is there something configured wrong or is a slave not supported for samba shares, login, etc..

Thanks.

bacob

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #1 on: September 26, 2010, 05:32:57 am »
I am also seeing this error now when trying to restart "File Sharing":

root command mkdir -p /home/samba/shares/InterBox chmod 0670 /home/samba/shares/InterBox chown ebox:__USERS__ /home/samba/shares/InterBox failed. Error output: chown: invalid group: `ebox:__USERS__' Command output: . Exit value: 1


Any ideas?


axxxcel

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #2 on: September 27, 2010, 03:02:36 pm »
root command mkdir -p /home/samba/shares/InterBox chmod 0670 /home/samba/shares/InterBox chown ebox:__USERS__ /home/samba/shares/InterBox failed. Error output: chown: invalid group: `ebox:__USERS__' Command output: . Exit value: 1

I have the same issu here.  Error Details:

Code: [Select]
root command mkdir -p /home/samba/shares/install
chmod 0670 /home/samba/shares/install
chown ebox:__USERS__ /home/samba/shares/install failed.
Error output: chown: ungültige Gruppe: „ebox:__USERS__“

Command output: .
Exit value: 1 at /usr/share/perl5/Error.pm line 182
Error::throw('EBox::Exceptions::Sudo::Command', 'cmd', 'mkdir -p /home/samba/shares/install\x{a}chmod 0670 /home/samba/sh...', 'output', 'ARRAY(0xbd3de7c0)', 'error', 'ARRAY(0xb9a8c250)', 'exitValue', 1, ...) called at /usr/share/perl5/EBox/Sudo.pm line 212
EBox::Sudo::_rootError('/usr/bin/sudo -p sudo: /var/lib/ebox/tmp/JrbagfC2tQ.cmd 2> /v...', 'mkdir -p /home/samba/shares/install\x{a}chmod 0670 /home/samba/sh...', 256, 'ARRAY(0xbd3de7c0)', 'ARRAY(0xb9a8c250)') called at /usr/share/perl5/EBox/Sudo.pm line 181
EBox::Sudo::_root(1, 'mkdir -p /home/samba/shares/install', 'chmod 0670 /home/samba/shares/install', 'chown ebox:__USERS__ /home/samba/shares/install') called at /usr/share/perl5/EBox/Sudo.pm line 136
EBox::Sudo::root('mkdir -p /home/samba/shares/install', 'chmod 0670 /home/samba/shares/install', 'chown ebox:__USERS__ /home/samba/shares/install') called at /usr/share/perl5/EBox/Samba/Model/SambaShares.pm line 278
EBox::Samba::Model::SambaShares::createDirs('EBox::Samba::Model::SambaShares=HASH(0xbd3f28c8)') called at /usr/share/perl5/EBox/Samba.pm line 519
EBox::Samba::_setConf('EBox::Samba=HASH(0xbbd77120)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Base.pm line 840
EBox::Module::Base::_regenConfig('EBox::Samba=HASH(0xbbd77120)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 644
EBox::Module::Service::_regenConfig('EBox::Samba=HASH(0xbbd77120)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 672
EBox::Module::Service::restartService('EBox::Samba=HASH(0xbbd77120)') called at /usr/share/perl5/EBox/CGI/EBox/RestartService.pm line 51
EBox::CGI::EBox::RestartService::_process('EBox::CGI::EBox::RestartService=HASH(0xbd3cd700)') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::EBox::RestartService=HASH(0xbd3cd700)') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'EBox/RestartService', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0xbd4001b0)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0xbd3c14d0)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0xbd3c14d0)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0xbd4001b0)') called at -e line 0
eval {...} called at -e line 0

I can only create shares when i give them guest access.

I tried to reinstall/reconfigure ldap on master and slave an also unconfigured samba on the slave using.

Code: [Select]
sudo /usr/share/ebox-usersandgroups/ebox-usersandgroups-reinstall
sudo /usr/share/ebox/ebox-unconfigure-module samba

Master/Salve synchronisation works fine for users and groups, but Samba on the slave does not.

I am using Ubuntu 10.04.1 LTS Server 32bit and installed Zentyal 2.0.2 via the repositories.

Any hints or suggestions?

Regards
Alexander

axxxcel

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #3 on: September 29, 2010, 02:09:15 am »
I also tried to install the servers with the original Zentyal Install CD and the same error accure.   :(

Jan Jacobs

  • Zen Warrior
  • ***
  • Posts: 132
  • Karma: +1/-0
    • View Profile
    • My blog (dutch)
Re: Master/Slave Samba Shares and User Accounts
« Reply #4 on: September 29, 2010, 07:25:19 pm »
try setting the user:group to nobody with chown
chown -R nobody:nobody /root/of/share
that seems to work on my box.. its a little bit unsecure, but it seems to do the trick
because, apearantly, samba users are not system users on Zentyal, thus.. the user you login with, has no access rights to the share, because linux says he/she doesnt exist in his database, wheras they do exist in samba
For i dipt into the future far as human eye could see,
saw a vision of the world and all the wonders there would be

MavRickS

  • Zen Apprentice
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #5 on: October 08, 2010, 11:06:03 am »
I have the same problem. Other services (for example Radius) are working on my slave server, but file sharing doesn't.

If I do ldapsearch to view the ldap groups, I can see the __USERS__ group.

If I do on the slave shell:

$ id username

id: username: No such user

Is it a bug?
« Last Edit: October 08, 2010, 11:28:36 am by MavRickS »

brumela

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #6 on: October 10, 2010, 06:33:10 pm »
I have the same problem. Other services (for example Radius) are working on my slave server, but file sharing doesn't.

If I do ldapsearch to view the ldap groups, I can see the __USERS__ group.

If I do on the slave shell:

$ id username

id: username: No such user

Is it a bug?
I can confirm this behavior. Same problems. Bug?

apicito

  • Zen Apprentice
  • *
  • Posts: 21
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #7 on: October 11, 2010, 10:38:37 am »
I has a similar problem and solve it creating in slave a group __USERS__ and add user ebox into __USERS__.

brumela

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #8 on: October 11, 2010, 10:27:25 pm »
I has a similar problem and solve it creating in slave a group __USERS__ and add user ebox into __USERS__.
Didn't help me.

axxxcel

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #9 on: October 13, 2010, 07:38:11 pm »
I has a similar problem and solve it creating in slave a group __USERS__ and add user ebox into __USERS__.
Didn't help me.

same here does not work

jsalamero

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1419
  • Karma: +45/-1
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #10 on: October 17, 2010, 12:31:13 pm »
This is a known issue, will be fixed soon. Keep an eye on usersandgroups changelog.

eboxbuggy

  • Zen Monk
  • **
  • Posts: 89
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #11 on: October 20, 2010, 11:15:13 am »
This is a known issue, will be fixed soon. Keep an eye on usersandgroups changelog.

I'm not sure if this will fix your problems but I just removed apparmor. Mine seems to fix it.

Clean install MASTER
- only users & groups installed
- removed apparmor

Clean install SLAVE
- ebox office installed
- removed apparmor
- enabled users & groups = JOY :)

eboxbuggy

  • Zen Monk
  • **
  • Posts: 89
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #12 on: October 20, 2010, 04:28:11 pm »
spoke too soon ...  :P

got a couple of errors while trying to enable Samba PDC ...

axxxcel

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Master/Slave Samba Shares and User Accounts
« Reply #13 on: October 28, 2010, 06:19:49 pm »
this bug is realy a show stopper  :(

exekias

  • Zentyal Staff
  • Zen Warrior
  • *****
  • Posts: 196
  • Karma: +21/-0
    • View Profile
    • The Big Bug Theory
Re: Master/Slave Samba Shares and User Accounts
« Reply #14 on: October 28, 2010, 07:23:46 pm »
Hi there,

I think this issue has been fixed with last ebox-samba release, if you want you can give it a try an tell us the result. You will need to reinstall ebox-usersandgroups module and reconfigure samba

Best regards