Zentyal Forum, Linux Small Business Server

Zentyal Server => Directory and Authentication => Topic started by: ibm_new on March 29, 2020, 02:40:47 pm

Title: The following modules failed while saving... :SAMBA (additional domain)
Post by: ibm_new on March 29, 2020, 02:40:47 pm
Ok, I installed a fresh copy of Zentyal 6.1 several times now. Installed the standard modules, checked that I'm on the same domain as my AD Controller and then tried to make Zentyal an additional domain controller. This is without any success so far. I tried to set admin with no expiration date, manually configured DNS again (was not possible to find internal resources). Formatted, re-installed, changed settings... but whatever I do, I don't get Zentyal as an additional domain controller.

- I use the standard 6.1 image with Ubuntu 18.04 LTS (latest download of the site)
- My domain controller is a Windows 2012R2 patched with the latest fixes
- The domain and forest are demoted to function as a Windows2008R2 (validated)
- I can see AD settings transferred when trying to migrate, but Zentyal will not start anymore and hangs either on DNS or SAMBA
- I checked all the forums, but no answers found sofare are near a solution (mostly this cannot be reproduced?!?)
- I do see that lots of admins do have the same issue but nothing is beeing done to solve this
- I will keep going to find a solution, but a little help from the makes would be very useful
- Maybe the makers of this can take a closer look into this as there are a lot of people out there who struggle with the same issue
- I have rebooted both zentyal and AD on any action to make sure everthing loaded correctly bevore make other changes
- The time settings are correct on both servers (even location settings)

Please find the log below:

Command output: .
Exit value: 1
2020/03/29 13:59:58 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: logs
2020/03/29 13:59:58 ERROR> GlobalImpl.pm:727 EBox::GlobalImpl::saveAllModules - The following modules failed while saving their changes, their state is unknown: samba  at The following modules failed while saving their changes, their state is unknown: samba  at /usr/share/perl5/EBox/GlobalImpl.pm line 727
EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x5638de97f3a8)', 'progress', 'EBox::ProgressIndicator=HASH(0x5638ddf63ff0)') called at /usr/share/perl5/EBox/Global.pm line 95
EBox::Global::AUTOLOAD('EBox::Global=HASH(0x5638ddf64098)', 'progress', 'EBox::ProgressIndicator=HASH(0x5638ddf63ff0)') called at /usr/share/zentyal/global-action line 32
eval {...} at /usr/share/zentyal/global-action line 30
2020/03/29 14:00:05 INFO> GlobalImpl.pm:616 EBox::GlobalImpl::saveAllModules - Saving config and restarting services: firewall dns samba logs
2020/03/29 14:00:05 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: firewall
2020/03/29 14:00:06 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: dns
2020/03/29 14:00:08 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: samba
2020/03/29 14:00:09 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: logs
2020/03/29 14:00:09 INFO> GlobalImpl.pm:714 EBox::GlobalImpl::saveAllModules - Changes saved successfully
2020/03/29 14:00:15 INFO> Halt.pm:150 EBox::SysInfo::Model::Halt::_prepareSystemForHalt - Zentyal is going down for reboot
2020/03/29 14:00:17 INFO> Init.pm:101 EBox::Util::Init::stop - Modules to stop: webadmin network firewall audit dns logs ntp samba
2020/03/29 14:00:18 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: firewall
2020/03/29 14:00:19 INFO> Init.pm:106 EBox::Util::Init::stop - Stop modules finished
2020/03/29 14:00:26 INFO> Init.pm:85 EBox::Util::Init::start - Modules to start: network firewall audit dns logs ntp samba webadmin
2020/03/29 14:00:26 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: network
2020/03/29 14:00:28 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: firewall
2020/03/29 14:00:28 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: audit
2020/03/29 14:00:28 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: dns
2020/03/29 14:00:30 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: logs
2020/03/29 14:00:30 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: ntp
2020/03/29 14:00:30 WARN> NTP.pm:154 EBox::NTP::_syncDate - Couldn't execute ntpdate 0.europ.pool.ntp.org
2020/03/29 14:00:31 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: samba
2020/03/29 14:00:31 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: webadmin
2020/03/29 14:00:32 INFO> Init.pm:90 EBox::Util::Init::start - Start modules finished
2020/03/29 14:00:33 INFO> Index.pm:187 EBox::Dashboard::CGI::Index::masonParameters - dashboard1
2020/03/29 14:12:38 INFO> Index.pm:187 EBox::Dashboard::CGI::Index::masonParameters - dashboard1
2020/03/29 14:12:55 INFO> GlobalImpl.pm:616 EBox::GlobalImpl::saveAllModules - Saving config and restarting services: firewall dns samba logs
2020/03/29 14:12:55 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: firewall
2020/03/29 14:12:55 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: dns
2020/03/29 14:12:58 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: samba
2020/03/29 14:12:58 INFO> Provision.pm:810 EBox::Samba::Provision::checkAddress - Resolving validate.domain.company.com to an IP address
2020/03/29 14:12:58 INFO> Provision.pm:830 EBox::Samba::Provision::checkAddress - The DC validate.domain.company.com has been resolved to 192.168.10.11
2020/03/29 14:12:58 INFO> Provision.pm:833 EBox::Samba::Provision::checkAddress - Checking reverse DNS resolution of '192.168.10.11'...
2020/03/29 14:12:58 INFO> Provision.pm:857 EBox::Samba::Provision::checkAddress - The IP address 192.168.10.11 does not have associated PTR record
2020/03/29 14:12:58 INFO> Provision.pm:756 EBox::Samba::Provision::checkServerReachable - Checking if AD server '192.168.10.11' is online...
2020/03/29 14:12:58 INFO> Provision.pm:866 EBox::Samba::Provision::checkFunctionalLevels - Checking forest and domain functional levels...
2020/03/29 14:12:58 INFO> Provision.pm:898 EBox::Samba::Provision::checkRfc2307 - Checking RFC2307 compliant schema...
2020/03/29 14:12:58 INFO> Provision.pm:775 EBox::Samba::Provision::checkLocalRealmAndDomain - Checking local domain and realm...
2020/03/29 14:12:58 INFO> Provision.pm:972 EBox::Samba::Provision::checkClockSkew - Checking clock skew with AD server...
2020/03/29 14:12:58 INFO> Provision.pm:993 EBox::Samba::Provision::checkClockSkew - Clock skew below two minutes, should be enough.
2020/03/29 14:12:58 INFO> Provision.pm:675 EBox::Samba::Provision::checkDnsZonesInMainPartition - Checking for old DNS zones stored in main domain partition...
2020/03/29 14:12:58 INFO> Provision.pm:722 EBox::Samba::Provision::checkForestDomains - Checking number of domains inside forest...
2020/03/29 14:12:58 INFO> Provision.pm:932 EBox::Samba::Provision::checkTrustDomainObjects - Checking for domain trust relationships...
2020/03/29 14:12:58 INFO> Provision.pm:1034 EBox::Samba::Provision::checkADServerSite - Checking the site where the specified server is located
2020/03/29 14:12:58 INFO> Provision.pm:1042 EBox::Samba::Provision::checkADServerSite - The specified server has been located at site named Default-First-Site-Name
2020/03/29 14:12:58 INFO> Provision.pm:1059 EBox::Samba::Provision::checkADNebiosName - Checking domain netbios name...
2020/03/29 14:12:59 INFO> Provision.pm:1286 EBox::Samba::Provision::provisionADC - Joining to domain 'domain.company.com' as DC
2020/03/29 14:12:59 INFO> Provision.pm:1299 EBox::Samba::Provision::provisionADC - Trying to get a kerberos ticket for principal 'administrator@DOMAIN.COMPANY.COM'
2020/03/29 14:13:00 ERROR> Sudo.pm:240 EBox::Sudo::_rootError - root command kinit -e arcfour-hmac-md5 --password-file='/var/lib/zentyal/tmp/b9XCVo' 'administrator@DOMAIN.COMPANY.COM.NL' failed.
Error output: kinit: krb5_get_init_creds: unable to reach any KDC in realm DOMAIN.COMPANY.COM

Command output: .
Exit value: 1 at root command kinit -e arcfour-hmac-md5 --password-file='/var/lib/zentyal/tmp/b9XCVo' 'administrator@DOMAIN.COMPANY.COM' failed.
Error output: kinit: krb5_get_init_creds: unable to reach any KDC in realm DOMAIN.COMPANY.COM

Command output: .
Exit value: 1 at /usr/share/perl5/EBox/Sudo.pm line 240
EBox::Sudo::_rootError('/usr/bin/sudo -p sudo: /var/lib/zentyal/tmp/GqZltwp4Js.cmd 2> /var/lib/zentyal/tmp/stderr', 'kinit -e arcfour-hmac-md5 --password-file=\'/var/lib/zentyal/tmp/b9XCVo\' \'administrator@DOMAIN.COMPANY.COM\'', 256, 'ARRAY(0x55d6e0c7fa08)', 'ARRAY(0x55d6dc61a370)') called at /usr/share/perl5/EBox/Sudo.pm line 210
EBox::Sudo::_root(1, 'kinit -e arcfour-hmac-md5 --password-file=\'/var/lib/zentyal/tmp/b9XCVo\' \'administrator@DOMAIN.COMPANY.COM\'') called at /usr/share/perl5/EBox/Sudo.pm line 153
EBox::Sudo::root('kinit -e arcfour-hmac-md5 --password-file=\'/var/lib/zentyal/tmp/b9XCVo\' \'administrator@DOMAIN.COMPANY.COM\'') called at /usr/share/perl5/EBox/Samba/Provision.pm line 1302
eval {...} at /usr/share/perl5/EBox/Samba/Provision.pm line 1285
EBox::Samba::Provision::provisionADC('EBox::Samba::Provision=HASH(0x55d6e09faea0)') called at /usr/share/perl5/EBox/Samba/Provision.pm line 369
EBox::Samba::Provision::provision('EBox::Samba::Provision=HASH(0x55d6e09faea0)') called at /usr/share/perl5/EBox/Samba.pm line 697
EBox::Samba::_setConf('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Module/Base.pm line 995
EBox::Module::Base::_regenConfig('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Module/Service.pm line 940
EBox::Module::Service::_regenConfig('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Samba.pm line 670
EBox::Samba::_regenConfig('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Module/Base.pm line 234
eval {...} at /usr/share/perl5/EBox/Module/Base.pm line 233
EBox::Module::Base::save('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/GlobalImpl.pm line 648
eval {...} at /usr/share/perl5/EBox/GlobalImpl.pm line 647
EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x55d6daf4e340)', 'progress', 'EBox::ProgressIndicator=HASH(0x55d6de602748)') called at /usr/share/perl5/EBox/Global.pm line 95
EBox::Global::AUTOLOAD('EBox::Global=HASH(0x55d6de6ba388)', 'progress', 'EBox::ProgressIndicator=HASH(0x55d6de602748)') called at /usr/share/zentyal/global-action line 32
eval {...} at /usr/share/zentyal/global-action line 30
2020/03/29 14:13:00 INFO> Provision.pm:299 EBox::Samba::Provision::setupKerberos - Setting up kerberos
2020/03/29 14:13:00 INFO> Provision.pm:276 EBox::Samba::Provision::setupDNS - Setting up DNS
2020/03/29 14:13:00 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: dns
2020/03/29 14:13:03 ERROR> Sudo.pm:240 EBox::Sudo::_rootError - root command kdestroy failed.
Error output: kdestroy: krb5_cc_destroy: Did not find a plugin for ccache_ops

Command output: .
Exit value: 1 at root command kdestroy failed.
Error output: kdestroy: krb5_cc_destroy: Did not find a plugin for ccache_ops

Command output: .
Exit value: 1 at /usr/share/perl5/EBox/Sudo.pm line 240
EBox::Sudo::_rootError('/usr/bin/sudo -p sudo: /var/lib/zentyal/tmp/rSJKDeH8Ke.cmd 2> /var/lib/zentyal/tmp/stderr', 'kdestroy', 256, 'ARRAY(0x55d6e0d45fb8)', 'ARRAY(0x55d6e0b36c00)') called at /usr/share/perl5/EBox/Sudo.pm line 210
EBox::Sudo::_root(1, 'kdestroy') called at /usr/share/perl5/EBox/Sudo.pm line 153
EBox::Sudo::root('kdestroy') called at /usr/share/perl5/EBox/Sudo.pm line 260
eval {...} at /usr/share/perl5/EBox/Sudo.pm line 259
EBox::Sudo::rootWithoutException('kdestroy') called at /usr/share/perl5/EBox/Samba/Provision.pm line 1379
EBox::Samba::Provision::provisionADC('EBox::Samba::Provision=HASH(0x55d6e09faea0)') called at /usr/share/perl5/EBox/Samba/Provision.pm line 369
EBox::Samba::Provision::provision('EBox::Samba::Provision=HASH(0x55d6e09faea0)') called at /usr/share/perl5/EBox/Samba.pm line 697
EBox::Samba::_setConf('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Module/Base.pm line 995
EBox::Module::Base::_regenConfig('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Module/Service.pm line 940
EBox::Module::Service::_regenConfig('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Samba.pm line 670
EBox::Samba::_regenConfig('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/Module/Base.pm line 234
eval {...} at /usr/share/perl5/EBox/Module/Base.pm line 233
EBox::Module::Base::save('EBox::Samba=HASH(0x55d6df6e0cf8)') called at /usr/share/perl5/EBox/GlobalImpl.pm line 648
eval {...} at /usr/share/perl5/EBox/GlobalImpl.pm line 647
EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x55d6daf4e340)', 'progress', 'EBox::ProgressIndicator=HASH(0x55d6de602748)') called at /usr/share/perl5/EBox/Global.pm line 95
EBox::Global::AUTOLOAD('EBox::Global=HASH(0x55d6de6ba388)', 'progress', 'EBox::ProgressIndicator=HASH(0x55d6de602748)') called at /usr/share/zentyal/global-action line 32
eval {...} at /usr/share/zentyal/global-action line 30
2020/03/29 14:13:03 ERROR> GlobalImpl.pm:652 EBox::GlobalImpl::saveAllModules - Failed to save changes in module samba: root command kinit -e arcfour-hmac-md5 --password-file='/var/lib/zentyal/tmp/b9XCVo' 'administrator@DOMAIN.COMPANY.COM' failed.
Error output: kinit: krb5_get_init_creds: unable to reach any KDC in realm DOMAIN.COMPANY.COM

Command output: .
Exit value: 1
2020/03/29 14:13:03 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: logs
2020/03/29 14:13:03 ERROR> GlobalImpl.pm:727 EBox::GlobalImpl::saveAllModules - The following modules failed while saving their changes, their state is unknown: samba  at The following modules failed while saving their changes, their state is unknown: samba  at /usr/share/perl5/EBox/GlobalImpl.pm line 727
EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x55d6daf4e340)', 'progress', 'EBox::ProgressIndicator=HASH(0x55d6de602748)') called at /usr/share/perl5/EBox/Global.pm line 95
EBox::Global::AUTOLOAD('EBox::Global=HASH(0x55d6de6ba388)', 'progress', 'EBox::ProgressIndicator=HASH(0x55d6de602748)') called at /usr/share/zentyal/global-action line 32
eval {...} at /usr/share/zentyal/global-action line 30

Any iedeas or help would be verymuch appriciated.

C.
Title: Re: The following modules failed while saving... :SAMBA (additional domain)
Post by: doncamilo on March 30, 2020, 07:17:19 pm
 :)

I have checked this feature with a Windows Server 2012 (forest/domain levels as WS2008R2) And I haven't had any problem.

Here a video: https://youtu.be/r92OIlYtqe8 (https://youtu.be/r92OIlYtqe8)

Cheers!
Title: Re: The following modules failed while saving... :SAMBA (additional domain)
Post by: devnull on May 15, 2020, 08:43:49 am
@ibm_new Please share the output of the following command:

Code: [Select]
cat /etc/hosts
Title: Re: The following modules failed while saving... :SAMBA (additional domain)
Post by: turalyon on October 01, 2021, 10:57:57 am
Hi,

Did you try to configure each module after the initial wizard instead of let the wizard configures the modules? I mean:

1. Download the script.
2. Install just the firewall module.
3. In the initial wizard, just configure the Network module.
4. Install the DNS and Domain Controller modules.
5. Configure the DNS module (including a record 'A' for the Windows Servers) and enable it.
6. Check out the connection between both servers.
7. Finally, configure the Domain Controller module and enable it.

Hope it helps.

--

“This world is ours, and by the Holy Light we will keep it safe, now and forever".
Title: Re: The following modules failed while saving... :SAMBA (additional domain)
Post by: ibm_new on July 20, 2022, 07:30:46 pm
Hi turalyon,

many thanks for your replay and no, I did the full Monty. So, first installing just a firewall and DNS helped solving this issue. I think when going with the AD the first time, things are getting messed up. So just installed the bare minimum, configured the network interface and voila, it did the trick!  ;D

I than rebooted the server, updated the system and was able to continue to configure the rest of the server.

Thanks again for your reply and support on this.

Cheers,

C.