Hello there...
I'm attempting to set up a TimeMachine share (using the preset) on TrueNAS-12.0-U1. My users are in an LDAP directory (No write access for TrueNAS). I have not been able to complete a TimeMachine backup to the share. Sometimes the backups will begin, but never complete. Other times, I can not start the backup process at all.
Looking at the samba log, I get these (to me) suspicious entries:
Sometimes, the backup will start (Files are created) after the log entry?
So, the log says the alias for group 546 can not be looked up. Let's see the groups known to samba:
I expect to an entry like like this
it looks as if the mapping used to exist in an older FreeNAS. I think, it should probably also exist in TrueNAS 12. The mapping is missing in the three TrueNAS systems available to me.
Next, I'll take a look at the database of mappings:
Those mapping do not help me much. I don't see any that I can identify as relating to the mappings I have identified.
Looking at the groups file, I can see three local groups clearly matching the mappings I'm interested in:
Any suggestions on how I might create the mapping? The other builtin_* groups are not in LDAP, so they apparently do not need to be.
Thanks,
Tobias
I'm attempting to set up a TimeMachine share (using the preset) on TrueNAS-12.0-U1. My users are in an LDAP directory (No write access for TrueNAS). I have not been able to complete a TimeMachine backup to the share. Sometimes the backups will begin, but never complete. Other times, I can not start the backup process at all.
Looking at the samba log, I get these (to me) suspicious entries:
Code:
... ... [2021/01/20 14:07:29.805959, 2] ../../source3/auth/auth.c:329(auth_check_ntlm_password) check_ntlm_password: authentication for user [***] -> [***] -> [***] succeeded [2021/01/20 14:07:29.810359, 2] ../../source3/passdb/pdb_ldap.c:2412(init_group_from_ldap) init_group_from_ldap: Entry found for group: 90000005 [2021/01/20 14:07:29.810785, 2] ../../source3/passdb/pdb_ldap.c:2412(init_group_from_ldap) init_group_from_ldap: Entry found for group: 90000006 [2021/01/20 14:07:29.863062, 0] ../../source3/groupdb/mapping.c:884(pdb_create_builtin_alias) pdb_create_builtin_alias: Could not add group mapping entry for alias 546 (NT_STATUS_ACCESS_DENIED)
Sometimes, the backup will start (Files are created) after the log entry?
So, the log says the alias for group 546 can not be looked up. Let's see the groups known to samba:
Code:
net groupmap list wifi-cph (S-1-5-21-2270781224-3932256268-732302752-3209) -> wifi-cph ... ... Administrators (S-1-5-32-544) -> 90000005 Users (S-1-5-32-545) -> 90000006 ... ...
I expect to an entry like like this
Guests (S-1-5-32-546) -> 90000007, but it's missing. Looking at an older thread,it looks as if the mapping used to exist in an older FreeNAS. I think, it should probably also exist in TrueNAS 12. The mapping is missing in the three TrueNAS systems available to me.
Next, I'll take a look at the database of mappings:
Code:
tdbdump /var/db/system/samba4/winbindd_idmap.tdb
{
key(13) = "GID 90000002\00"
data(8) = "S-1-5-2\00"
}
{
key(13) = "GID 90000027\00"
data(8) = "S-1-5-7\00"
}
{
key(9) = "USER HWM\00"
data(4) = "\81J]\05"
}
{
key(8) = "S-1-5-7\00"
data(13) = "GID 90000027\00"
}
{
key(8) = "S-1-1-0\00"
data(13) = "GID 90000001\00"
}
{
key(8) = "S-1-5-2\00"
data(13) = "GID 90000002\00"
}
{
key(10) = "GROUP HWM\00"
data(4) = "YL]\05"
}
{
key(14) = "IDMAP_VERSION\00"
data(4) = "\02\00\00\00"
}
{
key(13) = "GID 90000001\00"
data(8) = "S-1-1-0\00"
}
Those mapping do not help me much. I don't see any that I can identify as relating to the mappings I have identified.
Looking at the groups file, I can see three local groups clearly matching the mappings I'm interested in:
Code:
getent group ... ... builtin_administrators:*:544 builtin_users:*:545 builtin_guests:*:546 ... ...
Any suggestions on how I might create the mapping? The other builtin_* groups are not in LDAP, so they apparently do not need to be.
Thanks,
Tobias
Last edited:
