Nethserver samba issue

Hello Friends

issue with nethserver active directory file server empty data :frowning:

holy god and i had connected to nextcloud i wipes nethserver and my separate nextcloud since it was connected also with the ldap even with the admin account gives me error now, so i am trying to restaure nethserver vm trying to regain access to my nextcloud

OMG

Are there errors in /var/log/messages?

Is NSDC working?

systemctl status nsdc -l

Do you have Threat Shield installed?

You may try a config restore:

2 Likes

no i haven’t threat shield installed

1 Like

some of the logs
Nov 19 22:04:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=47929 DPT=10002 LEN=144
Nov 19 22:04:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=36011 DPT=10002 LEN=144
Nov 19 22:05:01 ad3 systemd: Created slice User Slice of apache.
Nov 19 22:05:01 ad3 systemd: Started Session 13 of user apache.
Nov 19 22:05:01 ad3 systemd: Removed slice User Slice of apache.
Nov 19 22:05:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=47524 DPT=10002 LEN=144
Nov 19 22:05:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=60861 DPT=10002 LEN=144
Nov 19 22:06:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=57576 DPT=10002 LEN=144
Nov 19 22:06:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=41886 DPT=10002 LEN=144
Nov 19 22:07:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=56927 DPT=10002 LEN=144
Nov 19 22:07:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=46933 DPT=10002 LEN=144
Nov 19 22:08:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=34112 DPT=10002 LEN=144
Nov 19 22:08:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=43381 DPT=10002 LEN=144
Nov 19 22:08:47 ad3 nmbd[1073]: [2021/11/19 22:08:47.358727, 0] …/…/source3/nmbd/nmbd_namequery.c:109(query_name_response)
Nov 19 22:08:47 ad3 nmbd[1073]: query_name_response: Multiple (2) responses received for a query on subnet 192.168.2.194 for name BACKUP<1d>.
Nov 19 22:08:47 ad3 nmbd[1073]: This response was from IP 192.168.2.21, reporting an IP address of 192.168.2.21.
Nov 19 22:09:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=58858 DPT=10002 LEN=144
Nov 19 22:09:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=34782 DPT=10002 LEN=144
Nov 19 22:09:43 ad3 systemd: Started Session c11 of user vitor@tpt.loc.
Nov 19 22:09:43 ad3 systemd-logind: New session c11 of user vitor@tpt.loc.
Nov 19 22:09:44 ad3 systemd-logind: Removed session c11.
Nov 19 22:09:44 ad3 systemd: Started Session c12 of user vitor@tpt.loc.
Nov 19 22:09:44 ad3 systemd-logind: New session c12 of user vitor@tpt.loc.
Nov 19 22:09:44 ad3 systemd-logind: Removed session c12.
Nov 19 22:10:01 ad3 systemd: Created slice User Slice of apache.
Nov 19 22:10:01 ad3 systemd: Started Session 14 of user apache.
Nov 19 22:10:02 ad3 systemd: Removed slice User Slice of apache.
Nov 19 22:10:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=37156 DPT=10002 LEN=144
Nov 19 22:10:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=33706 DPT=10002 LEN=144
Nov 19 22:11:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=38914 DPT=10002 LEN=144
Nov 19 22:11:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=33605 DPT=10002 LEN=144
Nov 19 22:12:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=48209 DPT=10002 LEN=144
Nov 19 22:12:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=34337 DPT=10002 LEN=144
Nov 19 22:13:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=50936 DPT=10002 LEN=144
Nov 19 22:13:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=57254 DPT=10002 LEN=144
Nov 19 22:13:49 ad3 nmbd[1073]: [2021/11/19 22:13:49.597493, 0] …/…/source3/nmbd/nmbd_namequery.c:109(query_name_response)
Nov 19 22:13:49 ad3 nmbd[1073]: query_name_response: Multiple (2) responses received for a query on subnet 192.168.2.194 for name BACKUP<1d>.
Nov 19 22:13:49 ad3 nmbd[1073]: This response was from IP 192.168.2.21, reporting an IP address of 192.168.2.21.
Nov 19 22:14:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=49399 DPT=10002 LEN=144
Nov 19 22:14:15 ad3 systemd: Starting Cockpit Web Service…
Nov 19 22:14:15 ad3 systemd: Started Cockpit Web Service.
Nov 19 22:14:15 ad3 cockpit-ws: Using certificate: /etc/cockpit/ws-certs.d/99-nethserver.cert
Nov 19 22:14:16 ad3 cockpit-ws: couldn’t read from connection: Peer failed to perform TLS handshake
Nov 19 22:14:16 ad3 cockpit-ws: couldn’t read from connection: Peer failed to perform TLS handshake
Nov 19 22:14:16 ad3 cockpit-ws: couldn’t read from connection: Peer failed to perform TLS handshake
Nov 19 22:14:16 ad3 cockpit-ws: couldn’t read from connection: Peer failed to perform TLS handshake
Nov 19 22:14:22 ad3 cockpit-session: pam_ssh_add: Failed adding some keys
Nov 19 22:14:22 ad3 systemd: Created slice User Slice of root.
Nov 19 22:14:22 ad3 systemd: Started Session 15 of user root.
Nov 19 22:14:22 ad3 systemd-logind: New session 15 of user root.
Nov 19 22:14:25 ad3 cockpit-ws: logged in user session
Nov 19 22:14:25 ad3 cockpit-bridge: invalid or unusable locale: fr.UTF-8
Nov 19 22:14:25 ad3 cockpit-ws: New connection to session from 192.168.2.20
Nov 19 22:14:25 ad3 dbus[653]: [system] Activating via systemd: service name=‘org.freedesktop.hostname1’ unit=‘dbus-org.freedesktop.hostname1.service’
Nov 19 22:14:25 ad3 systemd: Starting Hostname Service…
Nov 19 22:14:25 ad3 kernel: ndpi_net_init:ns3 OK
Nov 19 22:14:25 ad3 dbus[653]: [system] Successfully activated service ‘org.freedesktop.hostname1’
Nov 19 22:14:25 ad3 systemd: Started Hostname Service.
Nov 19 22:14:26 ad3 dbus[653]: [system] Activating via systemd: service name=‘org.freedesktop.timedate1’ unit=‘dbus-org.freedesktop.timedate1.service’
Nov 19 22:14:26 ad3 systemd: Starting Time & Date Service…
Nov 19 22:14:26 ad3 dbus[653]: [system] Successfully activated service ‘org.freedesktop.timedate1’
Nov 19 22:14:26 ad3 systemd: Started Time & Date Service.
Nov 19 22:14:27 ad3 dbus[653]: [system] Activating via systemd: service name=‘org.freedesktop.realmd’ unit=‘realmd.service’
Nov 19 22:14:27 ad3 systemd: Starting Realm and Domain Configuration…
Nov 19 22:14:27 ad3 cockpit-bridge: No entry for terminal type “unknown”;
Nov 19 22:14:27 ad3 cockpit-bridge: using dumb terminal settings.
Nov 19 22:14:27 ad3 dbus[653]: [system] Successfully activated service ‘org.freedesktop.realmd’
Nov 19 22:14:27 ad3 systemd: Started Realm and Domain Configuration.
Nov 19 22:14:40 ad3 cockpit-ws: New connection to session from 192.168.2.20
Nov 19 22:14:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=59133 DPT=10002 LEN=144
Nov 19 22:14:44 ad3 cockpit-bridge: No entry for terminal type “unknown”;
Nov 19 22:14:44 ad3 cockpit-bridge: using dumb terminal settings.
Nov 19 22:14:46 ad3 cockpit-ws: WebSocket from 192.168.2.20 for session closed
Nov 19 22:14:59 ad3 kernel: ndpi_net_exit:ns3
Nov 19 22:15:01 ad3 systemd: Created slice User Slice of apache.
Nov 19 22:15:01 ad3 systemd: Started Session 16 of user apache.
Nov 19 22:15:02 ad3 systemd: Removed slice User Slice of apache.
Nov 19 22:15:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=43401 DPT=10002 LEN=144
Nov 19 22:15:31 ad3 cockpit-ws: New connection to session from 192.168.2.20
Nov 19 22:15:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=48086 DPT=10002 LEN=144
Nov 19 22:16:12 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=54316 DPT=10002 LEN=144
Nov 19 22:16:21 ad3 cockpit-ws: WebSocket from 192.168.2.20 for session closed
Nov 19 22:16:22 ad3 dbus[653]: [system] Activating via systemd: service name=‘org.freedesktop.hostname1’ unit=‘dbus-org.freedesktop.hostname1.service’
Nov 19 22:16:22 ad3 systemd: Starting Hostname Service…
Nov 19 22:16:22 ad3 kernel: ndpi_net_init:ns4 OK
Nov 19 22:16:22 ad3 dbus[653]: [system] Successfully activated service ‘org.freedesktop.hostname1’
Nov 19 22:16:22 ad3 systemd: Started Hostname Service.
Nov 19 22:16:22 ad3 cockpit-bridge: No entry for terminal type “unknown”;
Nov 19 22:16:22 ad3 cockpit-bridge: using dumb terminal settings.
Nov 19 22:16:27 ad3 cockpit-ws: New connection to session from 192.168.2.20
Nov 19 22:16:38 ad3 cockpit-ws: WebSocket from 192.168.2.20 for session closed
Nov 19 22:16:39 ad3 cockpit-ws: New connection to session from 192.168.2.20
Nov 19 22:16:42 ad3 kernel: [UFW BLOCK] IN=br0 OUT= MAC=33:33:00:00:00:01:68:d7:9a:5a:bf:30:86:dd SRC=fe80:0000:0000:0000:6ad7:9aff:fe5a:bf30 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=184 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=33312 DPT=10002 LEN=144

By the way i was able to restore the vm nethserver aand connect again to my nextcloud is only the samba files are empty i have something blocking it …or sssd problem but i can logi and authenticate on samba shares and ldap nextcloud based

Maybe a file permission problem?

Did you try to restart the smb service?

systemctl restart smb

I will gonna try tomorrow Markus and send you the results

didnt wotrked either

Did the problem started after some update?
Do you use a desktop environment on the server?

Does the server has an additional firewall (UFW - Uncomplicated FireWall)? If so, try stopping and disabling it.

vm into proxmox the nethserver has no gui and is shorewall normally by default …promox has ufw …

You can disable the proxmox firewall in the network device setting of the vm:

1 Like

Hi Markus, yes the firewall has already been disabled, believe me at the moment I tried them all and as @Andy_Wismer says it must work without changing the vlans on the switch. Thank you

1 Like