Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

  1. #1
    Join Date
    Jul 2011
    Beans
    17

    No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    On my Linux box I am running the new Ubuntu Server 16.04 LTS 64-bit (Xenial Xerus) operating system. A new big capacity hard drive has been added to it lately, hence I wished to use the box as a File Server and Domain Controller for Windows workstations, as well. To achieve the goal, this site was my guide - http://blogging.dragon.org.uk/samba4...-ubuntu-14-04/. Everything seems to be OK except of after this command is issued: smbclient //localhost/netlogon -UAdministrator -c 'ls'.

    Instead of getting something like this:
    ------------------------------------------------------------
    Enter Administrator's password:
    Domain=[BLACK] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]
    . D 0 Sat May 9 12:20:08 2015
    .. D 0 Sat May 9 12:20:14 2015

    41773 blocks of size 262144. 27672 blocks available
    ------------------------------------------------------------
    I can only see this error: NT_STATUS_OBJECT_NAME_NOT_FOUND listing \*. As DNS Backend I am using BIND 9.10.3-P4-Ubuntu. The Samba version is Version 4.3.9-Ubuntu.

    Commands kinit and klist are all working great. Even I can see the shares in Windows, but no access to them although my workstation is joined into the domain and I am logged on as a domain admin. The Active Directory can be managed from workstation without any troubles, too. Only the shares including sysvol and netlogon and all others I created cannot be accessed at all. That's weird.

    I did install Samba4 as a DC many times before on Ubuntu Server 14.04.4 LTS. Everything was always working great. Can someone explain what can be wrong in my configuration and help to solve this unpleasant issue? Is it a bug of Samba 4.3.9-Ubuntu, or Ubuntu Server 16.04 LTS is the reason for this strange behavior?
    Last edited by joebell; May 13th, 2016 at 10:45 PM.

  2. #2
    Join Date
    Jan 2014
    Beans
    2

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    I'm using Samba 4.3.9 and I have exactly the same problem. I have Samba set up as an AD server and whilst the Windows client can see the directories, it won't allow me to access them. And when attempting to access any shared files from the server itself, I also get the NT_STATUS error message. I'm thinking it may be a bug.

    Perhaps we need to update our Samba version? Which would mean compiling it from source.
    Last edited by peterp772000; May 14th, 2016 at 11:15 PM.

  3. #3
    Join Date
    Nov 2009
    Location
    Mataro, Spain
    Beans
    14,108
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    This is not strictly related to 16.04, but it might be related to a combination of kernel 4.4 and samba 4.3.9, or only to samba 4.3.9. I was able to reproduce that error message on 14.04 too. Here is what I did:
    1. In vbox I installed 14.04.3 and then added the linux-generic-lts-xenial package which adds the latest kernel 4.4.0-22.
    2. From the standard apt repository I installed samba which is 4.3.9 version (the 4.3.9 has been added to 14.04 LTS too few months ago, so now even 14.04 installs that samba version by default).
    3. I provisioned a test domain and tried the smbclient right away, the error message showed up.

    Now the next tests would be to try with 14.04.3 with default kernel of 3.19 and with 4.2 (by adding linux-generic-lts-wily I think it was). In all cases samba should be 4.3.9 and that can show if it is kernel related or not. After that a bug can be reported and see what the developers will say.
    Darko.
    -----------------------------------------------------------------------
    Ubuntu 14.04 LTS 64bit & Windows 10 Pro 64bit

  4. #4
    Join Date
    Nov 2009
    Location
    Mataro, Spain
    Beans
    14,108
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    Hmmm, it looks to me like issue with samba 4.3.9 package. Here is what I get on basic 14.04.3 with kernel 3.19:
    Code:
    root@dc1:~# smbclient -L localhost -U%
    session setup failed: NT_STATUS_OBJECT_NAME_NOT_FOUND
    root@dc1:~# uname -a
    Linux dc1 3.19.0-59-generic #65~14.04.1-Ubuntu SMP Tue Apr 19 18:57:09 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
    root@dc1:~# samba -V
    Version 4.3.9-Ubuntu
    So, it doesn't look related to 16.04 or kernel version because I still haven't added kernels 4.2 or 4.4 to the testing 14.04. The error shows up even for kernel 3.19. Unless I did something wrong during testing but there isn't much room for mistake.
    Darko.
    -----------------------------------------------------------------------
    Ubuntu 14.04 LTS 64bit & Windows 10 Pro 64bit

  5. #5
    Join Date
    Nov 2009
    Location
    Mataro, Spain
    Beans
    14,108
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    Searching for that error message on Launchpad it seems it was already reported as bug with samba 4.3.8:
    https://bugs.launchpad.net/ubuntu/+s...a/+bug/1573221

    According to that only adding winbind package solves it (probably better to reboot after adding it, instead of trying to restart all samba services). It doesn't say you need any special winbind config. I still haven't tried it in my test environment. I'll post later.
    Darko.
    -----------------------------------------------------------------------
    Ubuntu 14.04 LTS 64bit & Windows 10 Pro 64bit

  6. #6
    Join Date
    Nov 2009
    Location
    Mataro, Spain
    Beans
    14,108
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    Yes, just adding winbind and rebooting seems to work:
    Code:
    darko@dc1:~$ smbclient -L dc1 -U administrator
    Enter administrator's password:
    Domain=[HOME] OS=[Windows 6.1] Server=[Samba 4.3.9-Ubuntu]
    
    
            Sharename       Type      Comment
            ---------       ----      -------
            netlogon        Disk
            sysvol          Disk
            IPC$            IPC       IPC Service (Samba 4.3.9-Ubuntu)
    Domain=[HOME] OS=[Windows 6.1] Server=[Samba 4.3.9-Ubuntu]
    
    
            Server               Comment
            ---------            -------
    
    
            Workgroup            Master
            ---------            -------
            WORKGROUP            DC1
    This is still on 14.04 with kernel 3.19. I will try later with kernel 4.4 and with 16.04 with kernel 4.4.
    Darko.
    -----------------------------------------------------------------------
    Ubuntu 14.04 LTS 64bit & Windows 10 Pro 64bit

  7. #7
    Join Date
    Nov 2009
    Location
    Mataro, Spain
    Beans
    14,108
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    It works on 16.04 with kernel 4.4 too. Only you need to add winbind and reboot. I'm not sure if that's a good fix for this bug but it seems obvious it's within samba and not ubuntu itself. Installing the winbind package is a quick and easy workaround. No need for any special configuration, at least not in my tests.

    As they commented in that Launchpad bug report, this might be due to big differences between samba 4.3 and 4.1.
    Darko.
    -----------------------------------------------------------------------
    Ubuntu 14.04 LTS 64bit & Windows 10 Pro 64bit

  8. #8
    Join Date
    Jul 2011
    Beans
    17

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    Darko,

    Congratulations. You are making progress. I keep my fingers crossed. This is what I can share with you by now.

    1. winbind daeomon installed
    2. box rebooted
    3. testing commands issued:
      • smbclient -L localhost -U%
      • smbclient //localhost/netlogon -UAdministrator -c 'ls'
      • smbclient -L dc1 -U administrator

    4. all of them working great
    5. NETLOGON - can be open from workstations
      • as Administrator, no objects can be created

    6. SYSYVOL - can be open from workstations
      • as Administrator, the folder scripts cannot be open. Error: The Filename, directory name, or volume label syntax is incorrect.

    7. Assess to shares via Computer Manager from Windows 10 Workstation:
      • Computer Selection through Active Directory: OK
      • click on Systems Tools - error: The procedure number is out of range(1745), proceeded with click on OK
      • Shared Folder double clicked: I can see all the shares - this is OK
      • right-click on NETLOGON, then Properties chosen: in a new window I can see that by default the User limit is set to 0. Why????
      • trying to switch to Maximum allowed - error: The system encountered the following error while saving the properties of share netlogon: Error 1: Incorrect function.

    8. RESULT: I can open NETLOGON and SYSVOL, however no object can be created within them. Trying to adjust Folder permissions in Computer Management snap-in results in no success.


    As you can see, the installation of winbind took the system just a step forward. However, this configuration of an AD DC cannot be applied atl all in aproduction environment. My Ubuntu Server 16.04 LTS Kernel is: 4.4.0-22-generic #39-Ubuntu. I do hope you will finally hit the nail and find out what is making all these troubles never seen before with previous versions of Samba and Ubuntu Server.

  9. #9
    Join Date
    Nov 2009
    Location
    Mataro, Spain
    Beans
    14,108
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    For me it allows creating/copying files in NETLOGON on the 16.04 DC with kernel 4.4 and samba 4.3.9. I didn't do anything special, just installed a test windows server 2016 vm, joined it to the domain (as member server, not as DC), logged in as domain admin and tried opening and writing to netlogon folder. It worked.

    If you have more specific permission settings and limitations for your shares, you will have to look into it. By default, it is working as expected for me.

    Also, be sure to go through your notes if you started changing things while trying to fix the samba error. You might have changed something that now affects writing to the shares.
    Darko.
    -----------------------------------------------------------------------
    Ubuntu 14.04 LTS 64bit & Windows 10 Pro 64bit

  10. #10
    Join Date
    Jun 2011
    Beans
    1

    Re: No Access to NETLOGON and SYSVOL with Samba 4.3.9-Ubuntu on Ubuntu Server 16.04

    I am experiencing the same issue but installing winbind and setting my file system with the noatime flag lets me access the NETLOGON and sysvol.

    I still cannot manage any group policies using RSAT in Windows 10 it throws the error: System cannot find the file specified

    I am trying to compile samba 4.3.3 from source on 16.04 and see if that fixes this issue.

    It does seem that alot of samba functions are more complex to configure in the package that shipped with 16.04

Page 1 of 3 123 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •