dvc9
Explorer
- Joined
- May 2, 2012
- Messages
- 72
Hey!
I'm having a challenge, that I cannot manage to solve, and I'm out of ideas!
I'm running a TrueNAS-12.0-U8.1 server, within an Active Directory environment, and all works well.
Permissions on folders and files are enforced and users who connect to the server may only see what they have access to and so on.
The various clients, CentOS, and macOS are all using samba, so no NFS or AFP is enabled, and most machines are domain joined.
Then there is this application that clearly does not want to work, Pro Tools Ultimate 2020.5.0
Basically, every time it tries to write a file on the server I can see an empty file is getting created at 0kb, but no data is added, and Pro Tools are giving out this error;
"Could not complete the Bounce To Disk command because Invalid argument (22) while opening "1.wav"
On the server-side, I'm checking SAMBA Logs, and this was my first find:
from /var/log/samba4/log.smbd
[2022/04/21 19:46:36.471245, 1] ../../source3/modules/vfs_ixnas.c:1047(convert_ntace_to_bsdace)
convert_ntace_to_bsdace: Could not convert S-1-5-88-3-33206 to uid or gid
[2022/04/21 19:46:36.471337, 1] ../../source3/modules/vfs_fruit.c:4285(fruit_fset_nt_acl)
fruit_fset_nt_acl: SMB_VFS_NEXT_FSET_NT_ACL failed03_ENGINEERING/export_protools/qbpdHVMTxbphQRYX.L.wav
Then as a test, I disabled the Enable Apple SMB2/3 Protocol Extensions toggle, and I still got an error but it was much clearer.
from /var/log/samba4/log.smbd
[2022/04/21 19:48:40.378114, 1] ../../source3/modules/vfs_ixnas.c:1047(convert_ntace_to_bsdace)
convert_ntace_to_bsdace: Could not convert S-1-5-88-3-33206 to uid or gid
I did try using;
net ads sid S-1-5-88-3-33206
and after a while, it comes up with "search failed: No such object"
------------------------
So I guess my question is what is happening here?
and can anything be done with it?
Add more tests and info below.
--------------------------
wbinfo --ping-dc
checking the NETLOGON for domain[AD] dc connection to "ad01.DOMAIN.COM" succeeded
wbinfo -D AD
Name : AD
Alt_Name : ad.DOMAIN.COM
SID : S-1-5-21-2090653709-964370587-2645798926
Active Directory : Yes
Native : Yes
Primary : Yes
Some more parameters:
wbinfo -i AD+USERNAME
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user AD+USERNAME
wbinfo -i USERNAME
USERNAME:*:100001113:100000514::/home/AD/USERNAME:/bin/sh
testparm -s
I'm having a challenge, that I cannot manage to solve, and I'm out of ideas!
I'm running a TrueNAS-12.0-U8.1 server, within an Active Directory environment, and all works well.
Permissions on folders and files are enforced and users who connect to the server may only see what they have access to and so on.
The various clients, CentOS, and macOS are all using samba, so no NFS or AFP is enabled, and most machines are domain joined.
Then there is this application that clearly does not want to work, Pro Tools Ultimate 2020.5.0
Basically, every time it tries to write a file on the server I can see an empty file is getting created at 0kb, but no data is added, and Pro Tools are giving out this error;
"Could not complete the Bounce To Disk command because Invalid argument (22) while opening "1.wav"
On the server-side, I'm checking SAMBA Logs, and this was my first find:
from /var/log/samba4/log.smbd
[2022/04/21 19:46:36.471245, 1] ../../source3/modules/vfs_ixnas.c:1047(convert_ntace_to_bsdace)
convert_ntace_to_bsdace: Could not convert S-1-5-88-3-33206 to uid or gid
[2022/04/21 19:46:36.471337, 1] ../../source3/modules/vfs_fruit.c:4285(fruit_fset_nt_acl)
fruit_fset_nt_acl: SMB_VFS_NEXT_FSET_NT_ACL failed03_ENGINEERING/export_protools/qbpdHVMTxbphQRYX.L.wav
Then as a test, I disabled the Enable Apple SMB2/3 Protocol Extensions toggle, and I still got an error but it was much clearer.
from /var/log/samba4/log.smbd
[2022/04/21 19:48:40.378114, 1] ../../source3/modules/vfs_ixnas.c:1047(convert_ntace_to_bsdace)
convert_ntace_to_bsdace: Could not convert S-1-5-88-3-33206 to uid or gid
I did try using;
net ads sid S-1-5-88-3-33206
and after a while, it comes up with "search failed: No such object"
------------------------
So I guess my question is what is happening here?
and can anything be done with it?
Add more tests and info below.
--------------------------
wbinfo --ping-dc
checking the NETLOGON for domain[AD] dc connection to "ad01.DOMAIN.COM" succeeded
wbinfo -D AD
Name : AD
Alt_Name : ad.DOMAIN.COM
SID : S-1-5-21-2090653709-964370587-2645798926
Active Directory : Yes
Native : Yes
Primary : Yes
Some more parameters:
wbinfo -i AD+USERNAME
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user AD+USERNAME
wbinfo -i USERNAME
USERNAME:*:100001113:100000514::/home/AD/USERNAME:/bin/sh
testparm -s
Code:
Load smb config files from /usr/local/etc/smb4.conf Loaded services file OK. Weak crypto is allowed Server role: ROLE_DOMAIN_MEMBER # Global parameters [global] aio max threads = 2 allow trusted domains = No bind interfaces only = Yes client ldap sasl wrapping = seal disable spoolss = Yes dns proxy = No domain master = No enable web service discovery = Yes kerberos method = secrets and keytab kernel change notify = No load printers = No local master = No logging = file map to guest = Bad User max log size = 5120 netbios name = TRUENAS nsupdate command = /usr/local/bin/samba-nsupdate -g preferred master = No realm = AD.DOMAIN.COM registry shares = Yes security = ADS server role = member server server string = TrueNAS Server template shell = /bin/sh unix extensions = No winbind cache time = 7200 winbind enum groups = Yes winbind enum users = Yes winbind max domain connections = 10 winbind nss info = rfc2307 winbind use default domain = Yes workgroup = AD idmap config *: range = 90000001-100000000 idmap config ad: range = 100000001-200000000 idmap config ad: backend = rid idmap config * : backend = tdb directory name cache size = 0 dos filemode = Yes [SHARE-A] ea support = No hosts allow = 192.168.150.0/24 hosts deny = 0.0.0.0/0 192.168.150.1 kernel share modes = No path = /mnt/S1/3 posix locking = No read only = No vfs objects = streams_xattr shadow_copy_zfs ixnas aio_fbsd nfs4:chown = true [SHARE-B] ea support = No guest ok = Yes kernel share modes = No path = /mnt/S1/4 posix locking = No read only = No vfs objects = streams_xattr shadow_copy_zfs ixnas aio_fbsd nfs4:chown = true [SHARE-C] ea support = No level2 oplocks = No oplocks = No path = /mnt/S1/1 read only = No strict locking = Yes vfs objects = streams_xattr shadow_copy_zfs ixnas aio_fbsd nfs4:chown = true