Hello,
I installed TrueNAS Core a few weeks back and have slowly been making my way through all it has to offer
TrueNAS-12.0-U8.1
I successfully connected a child pool to our Windows 2016 Domain Controller[DC] and managed to utilize the DC to map the drive to my own user.
Yesterday morning I arrived and the drive did not reconnect on my windows machine. Further investigation lead me to discover that the ACL Share Settings for the child pool were showing what I can only assume to be my UID rather than the name which was originally input as DOMAIN\username.
I've logged into the shell in order to attempt to discover the root of the problem, I've left/joined the domain, reset the unit multiples of times.
From within /var/log/messages I see messages such as: This has been cherry picked to include what I believe is the root of the problem as well as the spammed errors.
I have not directly modified the permissions for these file but did move one to .BAK in an attempt to resolve this
This is not a production unit, however I would like to better understand both the root cause as well as the recommended way of resolving this.
Thank-You
I installed TrueNAS Core a few weeks back and have slowly been making my way through all it has to offer
TrueNAS-12.0-U8.1
I successfully connected a child pool to our Windows 2016 Domain Controller[DC] and managed to utilize the DC to map the drive to my own user.
Yesterday morning I arrived and the drive did not reconnect on my windows machine. Further investigation lead me to discover that the ACL Share Settings for the child pool were showing what I can only assume to be my UID rather than the name which was originally input as DOMAIN\username.
I've logged into the shell in order to attempt to discover the root of the problem, I've left/joined the domain, reset the unit multiples of times.
From within /var/log/messages I see messages such as: This has been cherry picked to include what I believe is the root of the problem as well as the spammed errors.
Code:
May 18 00:48:38 truenas 1 2022-05-18T00:48:38.109385-03:00 fqdn.domain.com winbindd 7694 - - [2022/05/18 00:48:38.109346, 1] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) May 18 00:48:38 truenas 1 2022-05-18T00:48:38.109428-03:00 fqdn.domain.com winbindd 7694 - - ldb: Unable to open tdb '/var/db/system/samba4/private/secrets.ldb': No such file or dir ectory May 18 00:48:38 truenas 1 2022-05-18T00:48:38.109461-03:00 fqdn.domain.com winbindd 7694 - - [2022/05/18 00:48:38.109443, 1] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) May 18 00:48:38 truenas 1 2022-05-18T00:48:38.109486-03:00 fqdn.domain.com winbindd 7694 - - ldb: Failed to connect to '/var/db/system/samba4/private/secrets.ldb' with backend 'tdb': Unable to open tdb '/var/db/system/samba4/private/secrets.ldb': No such file or directory May 18 00:48:38 truenas 1 2022-05-18T00:48:38.963171-03:00 fqdn.domain.com smbd 15994 - - [2022/05/18 00:48:38.962879, 0] ../../source3/auth/auth_util.c:1914(check_account) May 18 00:48:38 truenas 1 2022-05-18T00:48:38.963229-03:00 fqdn.domain.com smbd 15994 - - check_account: Failed to convert SID S-1-5-21-419682117-327514257-1137216518-1234 to a UID (dom_user[DOMAIN\user]) May 18 00:48:58 truenas 1 2022-05-18T00:48:58.087523-03:00 fqdn.domain.com smbd 15996 - - [2022/05/18 00:48:58.087285, 0] ../../source3/auth/auth_util.c:1914(check_account) May 18 00:48:58 truenas 1 2022-05-18T00:48:58.087580-03:00 fqdn.domain.com smbd 15996 - - check_account: Failed to convert SID S-1-5-21-419682117-327514257-1137216518-1234 to a UID (dom_user[DOMAIN\user]) May 18 00:52:07 truenas 1 2022-05-18T00:52:07.990536-03:00 fqdn.domain.com smbd 16042 - - [2022/05/18 00:52:07.990279, 0] ../../source3/auth/auth_util.c:1914(check_account) May 18 00:52:07 truenas 1 2022-05-18T00:52:07.990593-03:00 fqdn.domain.com smbd 16042 - - check_account: Failed to convert SID S-1-5-21-419682117-327514257-1137216518-1234 to a UID (dom_user[DOMAIN\user])
I have not directly modified the permissions for these file but did move one to .BAK in an attempt to resolve this
Code:
[root@truenas /var/db/system/samba4/private]# pwd /var/db/system/samba4/private [root@truenas /var/db/system/samba4/private]# ll total 528 drwx------ 3 root wheel uarch 16 May 18 12:19 ./ drwxr-xr-x 4 root wheel uarch 10 May 18 11:28 ../ drwx------ 2 root wheel uarch 485 May 18 13:18 msg.sock/ -rw------- 1 root wheel uarch 28672 May 18 11:28 netlogon_creds_cli.tdb -rw------- 1 root wheel uarch 421888 May 11 13:47 passdb.tdb -rw------- 1 root wheel uarch 1345 May 18 12:19 samba.keytab -rwxrwxrwx 1 root wheel uarch 0 May 18 11:05 secrets.ldb* -rw-r--r-- 1 root wheel uarch 0 May 18 09:31 secrets.ldb.BAK -rw------- 1 root wheel uarch 430080 May 18 11:23 secrets.tdb -rw------- 1 root wheel uarch 430080 May 17 15:06 secrets.tdb.BAK -rw------- 1 root wheel uarch 430080 Apr 26 15:33 secrets.tdb.bak.1650997996 -rw------- 1 root wheel uarch 430080 Apr 27 09:14 secrets.tdb.bak.1651061652 -rw------- 1 root wheel uarch 430080 May 11 08:28 secrets.tdb.bak.1652268491 -rw------- 1 root wheel uarch 430080 May 17 14:07 secrets.tdb.bak.1652807226 -rw------- 1 root wheel uarch 430080 May 17 15:04 secrets.tdb.bak.1652810663 -rwxrwxrwx 1 root wheel uarch 430080 May 18 11:14 secrets.tdb.bak.1652883263* [root@truenas /var/db/system/samba4/private]#
This is not a production unit, however I would like to better understand both the root cause as well as the recommended way of resolving this.
Thank-You