I fired up a fresh install in a vm today, used unattended install, updated, rebooted, then installed samba-dc… config failed, unable to create a user. lost the gui error msgs.
(Mon Aug 15 10:27:41:657958 2016) [sssd] [confdb_init_db] (0x0020): Permission check on config file failed. (Mon Aug 15 10:27:41:658044 2016) [sssd] [load_configuration] (0x0010): ConfDB initialization has failed [Operation not permitted] (Mon Aug 15 10:27:41:658131 2016) [sssd] [main] (0x0020): Cannot read config file /etc/sssd/sssd.conf. Please check that the file is accessible only by the owner and owned by root.root.
[root@network sssd]# ls -al total 12 drwx--x--x. 2 sssd sssd 22 Aug 15 10:24 . drwxr-xr-x. 91 root root 8192 Aug 15 10:24 .. -rw-r--r-- 1 root root 0 Aug 15 10:24 sssd.conf
Anything you guys want me to check before I trash this vm and start from scratch again?
thank you for the clarification.
it is also written on manual (sorry for haven’t checked it before… )
so, from a “tester” view it’s all ok, but from a “user point of view” i don’t understand… it’s not a little bit “limiting”?
I agree this may sound like a limitation, a limitation of the OpenLDAP provider we didn’t have on ns6 at the expense of a lot of code. I recall the Samba account database is another account database to keep synchronized with the Unix one (LDAP rfc2307 schema). Very complex setup.
On ns7 there’s just one account DB, being either Samba or OpenLDAP, either local or remote. This saves a lot of code and configuration efforts.
But… we can’t have Samba authentication without a Samba user database.
There should be no big differences between local and remote accounts DB. The only limitation I see on remote account DB is you cannot modify it.
I deleted a user in ns7b samba dc w/ nextcloud and the user won’t go away.
I’ve been trying since last week, server has been rebooted during these attempts.
`
Aug 22 09:53:05 server7c esmith::event[19438]: Event: user-delete admin@ad.stan.local
Aug 22 09:53:05 server7c esmith::event[19438]: Failed to get machine PTY: No such file or directory
Aug 22 09:53:05 server7c esmith::event[19438]:
Aug 22 09:53:05 server7c esmith::event[19438]: Action: /etc/e-smith/events/user-delete/S40nethserver-dc-user-delete SUCCESS [0.028353]
Aug 22 09:53:06 server7c esmith::event[19438]: Action: /etc/e-smith/events/user-delete/S90nethserver-sssd-clear-cache SUCCESS [0.541055]
Aug 22 09:53:06 server7c esmith::event[19438]: Event: user-delete SUCCESS
Aug 22 09:53:12 server7c admin-todos: Failed to get machine PTY: No such file or directory
Aug 22 10:02:27 server7c httpd: [NOTICE] NethServer\Tool\ChangePassword: root is changing password to SomeoneElse (admin@ad.stan.local). Members of the adm group have no restriction (score = 1.00)
Aug 22 10:02:29 server7c esmith::event[19845]: Event: password-modify admin@ad.stan.local /tmp/ng-KefpLo
Aug 22 10:02:29 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.012727]
Aug 22 10:02:30 server7c esmith::event[19845]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword admin
Aug 22 10:02:33 server7c esmith::event[19845]: New Password:
Aug 22 10:02:34 server7c esmith::event[19845]: Changed password OK
Aug 22 10:02:34 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [4.736549]
Aug 22 10:02:37 server7c esmith::event[19845]: Enabled user 'admin’
Aug 22 10:02:37 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock SUCCESS [2.45827]
Aug 22 10:02:37 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.640001]
Aug 22 10:02:37 server7c esmith::event[19845]: Event: password-modify SUCCESS`
Aug 22 10:11:26 server7c esmith::event[20018]: Event: user-create bob bob /usr/libexec/openssh/sftp-server
Aug 22 10:11:26 server7c esmith::event[20018]: Failed to get machine PTY: No such file or directory
Aug 22 10:11:26 server7c esmith::event[20018]:
Aug 22 10:11:26 server7c esmith::event[20018]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.063924]
Aug 22 10:11:26 server7c esmith::event[20018]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.31831]
Aug 22 10:11:26 server7c esmith::event[20018]: Event: user-create SUCCESS
Aug 22 10:11:27 server7c esmith::event[20032]: Event: password-policy-update bob yes
Aug 22 10:11:27 server7c esmith::event[20032]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.084168]
Aug 22 10:11:27 server7c esmith::event[20032]: Failed to get machine PTY: No such file or directory
Aug 22 10:11:27 server7c esmith::event[20032]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy SUCCESS [0.098384]
Aug 22 10:11:27 server7c esmith::event[20032]: Event: password-policy-update SUCCESS
Aug 22 10:11:28 server7c esmith::event[20042]: Event: password-modify bob@ad.stan.local /tmp/ng-aJILrK
Aug 22 10:11:28 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.001725]
Aug 22 10:11:28 server7c esmith::event[20042]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword bob
Aug 22 10:11:29 server7c esmith::event[20042]: New Password:
Aug 22 10:11:29 server7c esmith::event[20042]: ERROR: Failed to set password for user 'bob': Unable to find user "bob"
Aug 22 10:11:30 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set FAILED: 2 [2.807022]
Aug 22 10:11:31 server7c esmith::event[20042]: ERROR: Failed to enable user 'bob': Unable to find account where '(&(objectClass=user)(sAMAccountName=bob))'
Aug 22 10:11:31 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock FAILED: 2 [0.71775]
Aug 22 10:11:31 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.093477]
Aug 22 10:11:31 server7c esmith::event[20042]: Event: password-modify FAILED
Aug 22 10:18:10 server7c esmith::event[2139]: Event: user-create tom tom /usr/libexec/openssh/sftp-server
Aug 22 10:18:10 server7c esmith::event[2139]: Failed to get machine PTY: No such file or directory
Aug 22 10:18:10 server7c esmith::event[2139]:
Aug 22 10:18:10 server7c esmith::event[2139]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.023673]
Aug 22 10:18:10 server7c chronyd[592]: Source 69.41.163.31 replaced with 108.61.194.85
Aug 22 10:18:10 server7c esmith::event[2139]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.213979]
Aug 22 10:18:10 server7c esmith::event[2139]: Event: user-create SUCCESS
Aug 22 10:18:11 server7c esmith::event[2154]: Event: password-policy-update tom yes
Aug 22 10:18:11 server7c esmith::event[2154]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.073909]
Aug 22 10:18:11 server7c esmith::event[2154]: Failed to get machine PTY: No such file or directory
Aug 22 10:18:11 server7c esmith::event[2154]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy SUCCESS [0.099588]
Aug 22 10:18:11 server7c esmith::event[2154]: Event: password-policy-update SUCCESS
Aug 22 10:18:11 server7c esmith::event[2164]: Event: password-modify tom@ad.stan.local /tmp/ng-4kDbrT
Aug 22 10:18:11 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.001939]
Aug 22 10:18:11 server7c esmith::event[2164]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword tom
Aug 22 10:18:12 server7c esmith::event[2164]: New Password:
Aug 22 10:18:12 server7c esmith::event[2164]: ERROR: Failed to set password for user 'tom': Unable to find user "tom"
Aug 22 10:18:12 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set FAILED: 2 [1.107705]
Aug 22 10:18:12 server7c esmith::event[2164]: ERROR: Failed to enable user 'tom': Unable to find account where '(&(objectClass=user)(sAMAccountName=tom))'
Aug 22 10:18:12 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock FAILED: 2 [0.393614]
Aug 22 10:18:12 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.127978]
Aug 22 10:18:12 server7c esmith::event[2164]: Event: password-modify FAILED
Hei Jeff, happy to see you here! Thanks for accepting my invite.
As I already said you, help us to improve the product and our documentation. We’re all ears.
Let’s tell us something about you, if you don’t mind.
2 Likes
alefattorini
(Alessio Fattorini)
Split this topic
117
I haven’t been able to join a machine to the domain and haven’t found anything in the logs as to why, all the sssd logs are empty… not really sure where I should be looking, I’ve been following Gabriel’s post in the first blood thread, I also can see a shared folder I created from a non joined win machine but login fails when trying to open it with a permission’d user, I don’t know if that’s a domain permission thing though.
So, I haven’t had a lot of success with setting up the samba dc and I don’t really know what I’m doing.
seems there is somthing wrong with user-auth. I recognized that in /etc/passwd there are no users which were created with GUI. Does ssh authenticate agains ldap or local users?