Invalid parameter error

classic Classic list List threaded Threaded
16 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Invalid parameter error

Samba - General mailing list
Hello all,

I am looking to setup a Samba AD on my NAS. I am currently using the latest
version of NAS4Free which has Samba bundled into it already.

However, I am getting a very nasty error when I go in to setup the samba
service:

Initializing...
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=testdomain,DC=local
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected
information received')
  File "/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py",
line 471, in run
    nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
line 2175, in provision
    skip_sysvolacl=skip_sysvolacl)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
line 1806, in provision_fill
    names.domaindn, lp, use_ntvfs)
  File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
line 1593, in setsysvolacl
    service=SYSVOL_SERVICE)
  File "/usr/local/lib/python2.7/site-packages/samba/ntacls.py", line
162, in setntacl
    smbd.set_nt_acl(file, security.SECINFO_OWNER |
security.SECINFO_GROUP | security.SECINFO_DACL |
security.SECINFO_SACL, sd, service=service)


I looked online and I did see a bug report on the same issue here:
https://bugzilla.samba.org/show_bug.cgi?id=12363

However, I ma unable to run the setfacl command due to an invalid parameter
d:o:rx.

I also tried following these instructions which did not work:

http://samba.2283325.n4.nabble.com/samba-tool-ntacl-sysvolreset-NT-STATUS-BUFFER-TOO-SMALL-td4707940.html

As a side note, my version of setfacl does not include the -R command. So,
I have to run a command such as: find /mnt/ZFS1/test/ -type d -exec setfacl
-m u:John:modify_set:fd:allow {} \;

I was wondering if anyone found a fix for the issue I posted above.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
On Mon, 3 Jul 2017 12:23:24 -0400
phillip mobley via samba <[hidden email]> wrote:

> Hello all,
>
> I am looking to setup a Samba AD on my NAS. I am currently using the
> latest version of NAS4Free which has Samba bundled into it already.
>
> However, I am getting a very nasty error when I go in to setup the
> samba service:
>
> Initializing...
> Looking up IPv4 addresses
> Looking up IPv6 addresses
> No IPv6 address will be assigned
> Setting up share.ldb
> Setting up secrets.ldb
> Setting up the registry
> Setting up the privileges database
> Setting up idmap db
> Setting up SAM db
> Setting up sam.ldb partitions and settings
> Setting up sam.ldb rootDSE
> Pre-loading the Samba 4 and AD schema
> Adding DomainDN: DC=testdomain,DC=local
> Adding configuration container
> Setting up sam.ldb schema
> Setting up sam.ldb configuration data
> Setting up display specifiers
> Modifying display specifiers
> Adding users container
> Modifying users container
> Adding computers container
> Modifying computers container
> Setting up sam.ldb data
> Setting up well known security principals
> Setting up sam.ldb users and groups
> Setting up self join
> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
> ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected
> information received')
>   File
> "/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> line 176, in _run return self.run(*args, **kwargs)
>   File
> "/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py", line
> 471, in run nosync=ldap_backend_nosync,
> ldap_dryrun_mode=ldap_dryrun_mode) File
> "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 2175, in provision skip_sysvolacl=skip_sysvolacl)
>   File
> "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 1806, in provision_fill names.domaindn, lp, use_ntvfs)
>   File
> "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 1593, in setsysvolacl service=SYSVOL_SERVICE)
>   File "/usr/local/lib/python2.7/site-packages/samba/ntacls.py", line
> 162, in setntacl
>     smbd.set_nt_acl(file, security.SECINFO_OWNER |
> security.SECINFO_GROUP | security.SECINFO_DACL |
> security.SECINFO_SACL, sd, service=service)
>
>

I don't think you have identified the problem correctly.

NAS4Free == Freebsd == ZFS

ZFS == NFSv4 ACLs

NFSv4 ACLs != Samba AD DC

Sorry, but a Samba AD DC expects acl_xattr

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
Ok so how can I setup the SAMBA AD on the ZFS? I ma using this tutorial
guide to do what I need it to do. Now, I do have the samba service being
installed o a UFS formatted ZFS Volume. I know that without that, it won't
work right.

On Mon, Jul 3, 2017 at 12:52 PM, Rowland Penny via samba <
[hidden email]> wrote:

> On Mon, 3 Jul 2017 12:23:24 -0400
> phillip mobley via samba <[hidden email]> wrote:
>
> > Hello all,
> >
> > I am looking to setup a Samba AD on my NAS. I am currently using the
> > latest version of NAS4Free which has Samba bundled into it already.
> >
> > However, I am getting a very nasty error when I go in to setup the
> > samba service:
> >
> > Initializing...
> > Looking up IPv4 addresses
> > Looking up IPv6 addresses
> > No IPv6 address will be assigned
> > Setting up share.ldb
> > Setting up secrets.ldb
> > Setting up the registry
> > Setting up the privileges database
> > Setting up idmap db
> > Setting up SAM db
> > Setting up sam.ldb partitions and settings
> > Setting up sam.ldb rootDSE
> > Pre-loading the Samba 4 and AD schema
> > Adding DomainDN: DC=testdomain,DC=local
> > Adding configuration container
> > Setting up sam.ldb schema
> > Setting up sam.ldb configuration data
> > Setting up display specifiers
> > Modifying display specifiers
> > Adding users container
> > Modifying users container
> > Adding computers container
> > Modifying computers container
> > Setting up sam.ldb data
> > Setting up well known security principals
> > Setting up sam.ldb users and groups
> > Setting up self join
> > set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
> > ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected
> > information received')
> >   File
> > "/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> > line 176, in _run return self.run(*args, **kwargs)
> >   File
> > "/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py", line
> > 471, in run nosync=ldap_backend_nosync,
> > ldap_dryrun_mode=ldap_dryrun_mode) File
> > "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
> > line 2175, in provision skip_sysvolacl=skip_sysvolacl)
> >   File
> > "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
> > line 1806, in provision_fill names.domaindn, lp, use_ntvfs)
> >   File
> > "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
> > line 1593, in setsysvolacl service=SYSVOL_SERVICE)
> >   File "/usr/local/lib/python2.7/site-packages/samba/ntacls.py", line
> > 162, in setntacl
> >     smbd.set_nt_acl(file, security.SECINFO_OWNER |
> > security.SECINFO_GROUP | security.SECINFO_DACL |
> > security.SECINFO_SACL, sd, service=service)
> >
> >
>
> I don't think you have identified the problem correctly.
>
> NAS4Free == Freebsd == ZFS
>
> ZFS == NFSv4 ACLs
>
> NFSv4 ACLs != Samba AD DC
>
> Sorry, but a Samba AD DC expects acl_xattr
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
On Mon, 3 Jul 2017 15:23:01 -0400
phillip mobley <[hidden email]> wrote:

> Ok so how can I setup the SAMBA AD on the ZFS? I ma using this
> tutorial guide to do what I need it to do. Now, I do have the samba
> service being installed o a UFS formatted ZFS Volume. I know that
> without that, it won't work right.
>

I don't think you can at present, I tried to set up a Samba AD DC on
freebsd and failed for precisely the same reason as yours, NFSv4 ACLs.
These do not work with a Samba AD DC. It used to be possible to use the
deprecated ntvfs server, but this is no longer built by default.

If your filesystem can use acls and passes the tests here:

https://wiki.samba.org/index.php/File_System_Support#Testing_your_filesystem

then it should provision as a DC, but as I said, unless things have
changed, you will not be able to provision a DC on Freebsd or distros
based on it.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
On Wed, 5 Jul 2017 14:12:12 -0400
phillip mobley <[hidden email]> wrote:

> So what is the best option right now to create a samba active
> directory? Should I install a virtual box with ubuntu on it and then
> install the samba service?
>

If you want use the latest 4.6 packages, then use the packages from
here:

http://apt.van-belle.nl/

These will work on Debian or Devuan (systemd or no systemd).
If you use Ubuntu, you will not get a recent version of Samba.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
On Wed, 5 Jul 2017 15:09:58 -0400
phillip mobley <[hidden email]> wrote:

> I take it that I should install a virtual machine or will these work
> with a UFS formatted ZVOL?
>

I would use a virtual machine with an ext4 filesystem.

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
In reply to this post by Samba - General mailing list
I believe that iXsystems recently patched Samba 4.6 in FreeNAS so that it
can act as an AD DC. https://bugs.freenas.org/issues/23566

As is mentioned here:
https://lists.samba.org/archive/samba/2017-June/209021.html
I imagine that maybe a fix for vanilla FreeBSD is coming soon. As things
stand, if you want to use FreeBSD as an AD DC on ZFS, I believe that
FreeNAS is the only option.

On Mon, Jul 3, 2017 at 2:39 PM, Rowland Penny via samba <
[hidden email]> wrote:

> On Mon, 3 Jul 2017 15:23:01 -0400
> phillip mobley <[hidden email]> wrote:
>
> > Ok so how can I setup the SAMBA AD on the ZFS? I ma using this
> > tutorial guide to do what I need it to do. Now, I do have the samba
> > service being installed o a UFS formatted ZFS Volume. I know that
> > without that, it won't work right.
> >
>
> I don't think you can at present, I tried to set up a Samba AD DC on
> freebsd and failed for precisely the same reason as yours, NFSv4 ACLs.
> These do not work with a Samba AD DC. It used to be possible to use the
> deprecated ntvfs server, but this is no longer built by default.
>
> If your filesystem can use acls and passes the tests here:
>
> https://wiki.samba.org/index.php/File_System_Support#
> Testing_your_filesystem
>
> then it should provision as a DC, but as I said, unless things have
> changed, you will not be able to provision a DC on Freebsd or distros
> based on it.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
On Wed, 5 Jul 2017 17:23:28 -0500
Andrew Walker via samba <[hidden email]> wrote:

> I believe that iXsystems recently patched Samba 4.6 in FreeNAS so
> that it can act as an AD DC. https://bugs.freenas.org/issues/23566
>

OK, after reading the above link, I am still no wiser just what they
have done to fix it, I also haven't seen any proposed patches on
Samba-technical. It just says resolved without any information on how
it was resolved, just a reference to a branch.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
I'm sorry. I probably should have linked their samba fork:
https://github.com/freenas/samba You can look at the commits from around
the time period of the bug report. It looks like quite a lot of work in
./python/samba/provision/

On Thu, Jul 6, 2017 at 2:50 AM, Rowland Penny via samba <
[hidden email]> wrote:

> On Wed, 5 Jul 2017 17:23:28 -0500
> Andrew Walker via samba <[hidden email]> wrote:
>
> > I believe that iXsystems recently patched Samba 4.6 in FreeNAS so
> > that it can act as an AD DC. https://bugs.freenas.org/issues/23566
> >
>
> OK, after reading the above link, I am still no wiser just what they
> have done to fix it, I also haven't seen any proposed patches on
> Samba-technical. It just says resolved without any information on how
> it was resolved, just a reference to a branch.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
On Thu, 6 Jul 2017 05:27:13 -0500
Andrew Walker via samba <[hidden email]> wrote:

> I'm sorry. I probably should have linked their samba fork:
> https://github.com/freenas/samba You can look at the commits from
> around the time period of the bug report. It looks like quite a lot
> of work in ./python/samba/provision/
>

Yes I found them, patched 4.6.5 and I am now trying to build Samba on
ghostbsd (freebsd in disguise), if it works, then Freenas needs to
propose their patches to Samba.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
On Thu, 6 Jul 2017 12:17:42 +0100
Rowland Penny via samba <[hidden email]> wrote:

> On Thu, 6 Jul 2017 05:27:13 -0500
> Andrew Walker via samba <[hidden email]> wrote:
>
> > I'm sorry. I probably should have linked their samba fork:
> > https://github.com/freenas/samba You can look at the commits from
> > around the time period of the bug report. It looks like quite a lot
> > of work in ./python/samba/provision/
> >
>
> Yes I found them, patched 4.6.5 and I am now trying to build Samba on
> ghostbsd (freebsd in disguise), if it works, then Freenas needs to
> propose their patches to Samba.
>
> Rowland
>

Well it builds, but still doesn't provision:

Setting up self join
set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected information received')
  File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line 471, in run
    nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py", line 2183, in provision
    skip_sysvolacl=skip_sysvolacl)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py", line 1811, in provision_fill
    names.domaindn, lp, use_ntvfs)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py", line 1595, in setsysvolacl
    service=SYSVOL_SERVICE)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/ntacls.py", line 162, in setntacl
    smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)

Looks like it needs more work ;-)

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
Yes. I imagine that's why Andrew Bartlett commented: "There may be some
good news in the future, as I've had one of the developers at iXSystems
working with me on a proper fix, specifically for zfs. It might take a
little while however."

As things stand, I believe that domains provision correctly within the
context of FreeNAS itself (i.e. through the webui). Hence, the comment that
currently FreeNAS is the only option if your want FreeBSD + ZFS + AD DC. So
there is hope that things will improve in FreeBSD in general.

My apologies Rowland, I appear to have initially fumbled my reply and sent
it directly to you instead of the list.

Andrew

On Thu, Jul 6, 2017 at 7:07 AM, Rowland Penny via samba <
[hidden email]> wrote:

> On Thu, 6 Jul 2017 12:17:42 +0100
> Rowland Penny via samba <[hidden email]> wrote:
>
> > On Thu, 6 Jul 2017 05:27:13 -0500
> > Andrew Walker via samba <[hidden email]> wrote:
> >
> > > I'm sorry. I probably should have linked their samba fork:
> > > https://github.com/freenas/samba You can look at the commits from
> > > around the time period of the bug report. It looks like quite a lot
> > > of work in ./python/samba/provision/
> > >
> >
> > Yes I found them, patched 4.6.5 and I am now trying to build Samba on
> > ghostbsd (freebsd in disguise), if it works, then Freenas needs to
> > propose their patches to Samba.
> >
> > Rowland
> >
>
> Well it builds, but still doesn't provision:
>
> Setting up self join
> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
> ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected information
> received')
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> line 176, in _run
>     return self.run(*args, **kwargs)
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
> line 471, in run
>     nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 2183, in provision
>     skip_sysvolacl=skip_sysvolacl)
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 1811, in provision_fill
>     names.domaindn, lp, use_ntvfs)
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 1595, in setsysvolacl
>     service=SYSVOL_SERVICE)
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/ntacls.py",
> line 162, in setntacl
>     smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP
> | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
>
> Looks like it needs more work ;-)
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
But if Samba AD does not work on the ZFS filesystem, then why bundle it
with the NAS4Free OS? What filesystems does the Samba AD support?

On Thu, Jul 6, 2017 at 10:54 AM, Andrew Walker via samba <
[hidden email]> wrote:

> Yes. I imagine that's why Andrew Bartlett commented: "There may be some
> good news in the future, as I've had one of the developers at iXSystems
> working with me on a proper fix, specifically for zfs. It might take a
> little while however."
>
> As things stand, I believe that domains provision correctly within the
> context of FreeNAS itself (i.e. through the webui). Hence, the comment that
> currently FreeNAS is the only option if your want FreeBSD + ZFS + AD DC. So
> there is hope that things will improve in FreeBSD in general.
>
> My apologies Rowland, I appear to have initially fumbled my reply and sent
> it directly to you instead of the list.
>
> Andrew
>
> On Thu, Jul 6, 2017 at 7:07 AM, Rowland Penny via samba <
> [hidden email]> wrote:
>
> > On Thu, 6 Jul 2017 12:17:42 +0100
> > Rowland Penny via samba <[hidden email]> wrote:
> >
> > > On Thu, 6 Jul 2017 05:27:13 -0500
> > > Andrew Walker via samba <[hidden email]> wrote:
> > >
> > > > I'm sorry. I probably should have linked their samba fork:
> > > > https://github.com/freenas/samba You can look at the commits from
> > > > around the time period of the bug report. It looks like quite a lot
> > > > of work in ./python/samba/provision/
> > > >
> > >
> > > Yes I found them, patched 4.6.5 and I am now trying to build Samba on
> > > ghostbsd (freebsd in disguise), if it works, then Freenas needs to
> > > propose their patches to Samba.
> > >
> > > Rowland
> > >
> >
> > Well it builds, but still doesn't provision:
> >
> > Setting up self join
> > set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER.
> > ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected
> information
> > received')
> >   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/_
> _init__.py",
> > line 176, in _run
> >     return self.run(*args, **kwargs)
> >   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/
> domain.py",
> > line 471, in run
> >     nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
> >   File "/usr/local/samba/lib/python2.7/site-packages/samba/
> provision/__init__.py",
> > line 2183, in provision
> >     skip_sysvolacl=skip_sysvolacl)
> >   File "/usr/local/samba/lib/python2.7/site-packages/samba/
> provision/__init__.py",
> > line 1811, in provision_fill
> >     names.domaindn, lp, use_ntvfs)
> >   File "/usr/local/samba/lib/python2.7/site-packages/samba/
> provision/__init__.py",
> > line 1595, in setsysvolacl
> >     service=SYSVOL_SERVICE)
> >   File "/usr/local/samba/lib/python2.7/site-packages/samba/ntacls.py",
> > line 162, in setntacl
> >     smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP
> > | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
> >
> > Looks like it needs more work ;-)
> >
> > Rowland
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
In reply to this post by Samba - General mailing list
On Thu, 6 Jul 2017 09:54:33 -0500
Andrew Walker via samba <[hidden email]> wrote:

> Yes. I imagine that's why Andrew Bartlett commented: "There may be
> some good news in the future, as I've had one of the developers at
> iXSystems working with me on a proper fix, specifically for zfs. It
> might take a little while however."
>
> As things stand, I believe that domains provision correctly within the
> context of FreeNAS itself (i.e. through the webui). Hence, the
> comment that currently FreeNAS is the only option if your want
> FreeBSD + ZFS + AD DC. So there is hope that things will improve in
> FreeBSD in general.
>
> My apologies Rowland, I appear to have initially fumbled my reply and
> sent it directly to you instead of the list.
>
> Andrew
>

No problem, but being able to build Samba on freebsd isn't any good, if
you cannot provision a DC. I think that all mention of acl in the
source needs examining and changing to allow the use of ACLs or NFSv4
acls, something that will probably be a lot of work and beyond me.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
In reply to this post by Samba - General mailing list
On Thu, 6 Jul 2017 11:09:25 -0400
phillip mobley via samba <[hidden email]> wrote:

> But if Samba AD does not work on the ZFS filesystem, then why bundle
> it with the NAS4Free OS? What filesystems does the Samba AD support?
>

I can see no reason why Samba 4 on FreeNAS wouldn't work as a Unix
domain member, it just doesn't seem to work as an AD DC. The name NAS
sort of gives away what is meant for, Network Attached Storage. They
were never designed to be an AD DC, or am I wrong ?

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid parameter error

Samba - General mailing list
I admin several FreeNAS servers that are domain members.

FreeNAS can act as an AD DC, but I personally have never used it in this
capacity (I prefer to keep my DCs and storage separate).
http://doc.freenas.org/11/services.html#domain-controller

When I find some time, I'll make some patches for the FreeBSD net/samba46
port with the provision code from the FreeNAS samba repo and see how far I
can get in provisioning a domain.


On Thu, Jul 6, 2017 at 10:24 AM, Rowland Penny via samba <
[hidden email]> wrote:

> On Thu, 6 Jul 2017 11:09:25 -0400
> phillip mobley via samba <[hidden email]> wrote:
>
> > But if Samba AD does not work on the ZFS filesystem, then why bundle
> > it with the NAS4Free OS? What filesystems does the Samba AD support?
> >
>
> I can see no reason why Samba 4 on FreeNAS wouldn't work as a Unix
> domain member, it just doesn't seem to work as an AD DC. The name NAS
> sort of gives away what is meant for, Network Attached Storage. They
> were never designed to be an AD DC, or am I wrong ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Loading...