Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: heyste on January 02, 2008, 11:46:46 pm
-
Hi Everyone,
Anyone else had a problem with a clean install of 0.11.2 and joining PCs to the Samba PDC ? I have a working setup of 0.10 .When I try to join my 0.11.2 PDC the client can't find the PDC but with my 0.10 PDC it works 100%.
Used nbtstat -A {eBox_ip_address} and got the following <snipped> results.
eBox 0.11.2
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
SERVER3 <00> UNIQUE Registered
SERVER3 <03> UNIQUE Registered
SERVER3 <20> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered
EBOX <00> GROUP Registered
EBOX <1C> GROUP Registered
EBOX <1E> GROUP Registered
eBox 0.10
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
SERVER4 <00> UNIQUE Registered
SERVER4 <03> UNIQUE Registered
SERVER4 <20> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered
EBOX4 <00> GROUP Registered
EBOX4 <1B> UNIQUE Registered
EBOX4 <1C> GROUP Registered
EBOX4 <1D> UNIQUE Registered
EBOX4 <1E> GROUP Registered
The magic item missing from 0.11.2 is "<1B> UNIQUE Registered" which fits some of the info listed here (http://www.microsoft.com/technet/archive/winntas/plan/capacityplanning/a02_sync.mspx?mfr=true).
Also, I used WireShark (http://www.wireshark.org/) to check the traffic between the client and eBox. The client is doing a netbios name query for the Domain <1B>, which it can't find due to the missing <1B> not been advertised by eBox. Hopefully, this can be confirmed soon and fixed ;D
The project looks promising and Thanks for the effort so far eBox Guys !
Best Regards,
Stephen
-
I think this stems from a uidNumber bug I have noticed in the latest version. Chances are you have duplicate uidNumbers for the Machine account. I'm just guessing at this point, but I plan on spending some time on it this weekend. Should be pretty straight forward samba stuff.
Go ahead and do a "slapcat|grep uidNumber" and see if you have any duplicates. If you do...that might be an indication.
Jim
-
I am also having the same issue.. the I did the slapcat|grep and it turns out that I do have duplicate UID numbers.. now what should I do? *consults samba docs*
# slapcat|grep uidNumbe
/etc/ldap/slapd.conf: line 57: rootdn is always granted unlimited privileges.
bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ebox/ldap: (2)
Expect poor performance for suffix dc=ebox.
uidNumber: 2001
uidNumber: 2001
-
Hi,
I'll try to reproduce your issue during tomorrow and I'll get back to you as soon as I figure out what's happening.
You'll have an answer tomorrow :)
-
thanks javi! let me know if you need me to test anything
-
I am also having the same issue.. the I did the slapcat|grep and it turns out that I do have duplicate UID numbers.. now what should I do?
I thought that might be the case. The fix is simple, but it requires some changes of your LDAP tree. The simplest way to do this with a LDAP admin tool like phpldapadmin. I've become so spoiled with ldap tools, I've forgotten much of the command line syntax...forgive me! :)
Here's some phpldapadmin instructions:
1) Install phpldapadmin on a client computer.
2) Edit two lines in the conig.php (Assuming ebox ip is 192.168.1.1)
/* Examples:
'ldap.example.com',
'ldaps://ldap.example.com/',
'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
(Unix socket at /usr/local/var/run/ldap) */
$ldapservers->SetValue($i,'server','host','192.168.1.1');
/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
auto-detect it for you. */
$ldapservers->SetValue($i,'server','base',array('dc=ebox'));
3) Open phpldapadmin in browser and authenticate to ebox server using admindn (cn=admin,dc=ebox). [See attachment screenshot]
4) Browse to Computers->YOUR_COMPUTER->change the uidNumber to something higher...to be safe change it to 2100.
If i spend about ten minutes I can whip out the ldap commad line of need be.
regards,
Jim
-
Hi again,
I've just tested the PDC thing and I haven't been able to reproduce your bug. I successfully added one machine to the domain using a user with administration privileges, and I could log into the domain with a normal user from the Windows XP machine.
Regarding the uidNumber issue, I noticed that if you add the machine to the domain through windows XP -add machine to domain, prompted user/pass- the uidNumber is used correctly by samba and it does not reuse it even if the entry in sambaDomainName contains an already used number.
I would need more info like describing very accurately the steps you follow to try reproduce the problem.
-
Well, we know the PDC won't update the uidumber if you join another samba machine to the domain. Perhaps those having the issue have also tried to add a samba domain member. I actually haven't added any windows machines to my domain here, so I don't actually have the issue duplicated either.
-
thanks for the tips.. Ill give this stuff a go this evening..
-
Javi fixed this....
http://people.warp.es/~javi/ebox-usersandgroups_0.11.3_all.deb
1) install the .deb (dpkg -i ebox-usersandgroups_0.11.3_all.deb)
2) /etc/init.d/ebox apache restart
This won't replace existing duplicates, but will prevent it from happening again.
-
when installing the pdc patch.. I saw this...
pdc800:~# dpkg -i ebox-usersandgroups_0.11.3_all.deb
(Reading database ... 24986 files and directories currently installed.)
Preparing to replace ebox-usersandgroups 0.11.2 (using ebox-usersandgroups_0.11.3_all.deb) ...
Unpacking replacement ebox-usersandgroups ...
Setting up ebox-usersandgroups (0.11.3) ...
Stopping OpenLDAP: slapd.
Can't use string ("/ebox/modules/services/serviceTa") as a HASH ref while "strict refs" in use at /usr/share/perl5/EBox/GConfModule.pm line 416.
Starting OpenLDAP: slapd.
I feel I remember seeing this error somewhere else as well...
Can't use string ("/ebox/modules/services/serviceTa") as a HASH ref while "strict refs" in use at /usr/share/perl5/EBox/GConfModule.pm line 416.
-
suffering on the same bug with hash on
/ebox-ro/modules/network/data_ve
but different line #
/usr/share/perl5/EBox/GConfModule.pm line 916
any solution?
-
Could you send me a bug report please to try reproduce that?
juruen at warp dot es