Samba with LDAP will not start when rebooting. bind password gone!

[jmserrano]

Hi.

Working with FreeNAS-9.3-STABLE-201602031011

After reboot, bind password is gone!. CIFS is active but not running.

I can see this log

Feb 11 10:47:49 nas generate_smb4_conf.py: [common.pipesubr:71] Popen()ing: /usr/local/bin/net -d 0
getlocalsid
Feb 11 10:47:49 nas generate_smb4_conf.py: [common.pipesubr:71] Popen()ing: /usr/local/bin/smbpasswd
-w '***************'
Feb 11 10:47:56 nas nmbd[2766]: [2016/02/11 10:47:56.619504, 0] ../lib/util/become_daemon.c:136(dae
mon_ready)
Feb 11 10:47:56 nas nmbd[2766]: STATUS=daemon 'nmbd' finished starting up and ready to serve conne
ctionsadd_domain_logon_names:
Feb 11 10:47:56 nas nmbd[2766]: Attempting to become logon server for workgroup XXXXX on subnet xxx.xxx.xxx.xx
Feb 11 10:47:56 nas nmbd[2766]: [2016/02/11 10:47:56.620768, 0] ../source3/nmbd/nmbd_become_dmb.c:2
94(become_domain_master_browser_bcast)
Feb 11 10:47:56 nas nmbd[2766]: become_domain_master_browser_bcast:
Feb 11 10:47:56 nas nmbd[2766]: Attempting to become domain master browser on workgroup XXXXX on s
ubnet xxx.xxx.xxx.xx
Feb 11 10:47:56 nas nmbd[2766]: [2016/02/11 10:47:56.620860, 0] ../source3/nmbd/nmbd_become_dmb.c:3
07(become_domain_master_browser_bcast)
Feb 11 10:47:56 nas nmbd[2766]: become_domain_master_browser_bcast: querying subnet 192.168.128.69
for domain master browser on workgroup XXXXX
Feb 11 10:47:56 nas nmbd[2766]: [2016/02/11 10:47:56.621439, 0] ../source3/nmbd/nmbd_become_dmb.c:2
37(become_domain_master_query_success)
Feb 11 10:47:56 nas nmbd[2766]: become_domain_master_query_success:
Feb 11 10:47:56 nas nmbd[2766]: There is already a domain master browser at IP xxx.xxx.xxx.xx for
workgroup XXXXX registered on subnet xxx.xxx.xxx.xx.
Feb 11 10:47:56 nas smbd[2769]: [2016/02/11 10:47:56.690873, 0] ../source3/passdb/secrets.c:366(fet
ch_ldap_pw)
Feb 11 10:47:56 nas smbd[2769]: fetch_ldap_pw: neither ldap secret retrieved!
Feb 11 10:47:56 nas smbd[2769]: [2016/02/11 10:47:56.691336, 0] ../source3/passdb/pdb_ldap.c:6427(pdb_init_ldapsam_common)
Feb 11 10:47:56 nas smbd[2769]: pdb_init_ldapsam_common: Failed to retrieve LDAP password from secrets.tdb
Feb 11 10:47:56 nas smbd[2769]: [2016/02/11 10:47:56.691376, 0] ../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
Feb 11 10:47:56 nas smbd[2769]: pdb backend ldapsam:ldap://xxxxxxxxx.xxxx.xxx:7389 did not correctly init (error was NT_STATUS_NO_MEMORY)
Feb 11 10:47:56 nas winbindd[2772]: [2016/02/11 10:47:56.786052, 0] ../source3/winbindd/winbindd_cache.c:3196(initialize_winbindd_cache)
Feb 11 10:47:56 nas winbindd[2772]: initialize_winbindd_cache: clearing cache and re-creating with version number 2
Feb 11 10:47:56 nas winbindd[2772]: [2016/02/11 10:47:56.848496, 0] ../lib/util/become_daemon.c:136(daemon_ready)
Feb 11 10:47:56 nas winbindd[2776]: STATUS=daemon 'winbindd' finished starting up and ready to serve connectionsfetch_ldap_pw: neither ldap secret retrieved!
Feb 11 10:47:56 nas winbindd[2776]: [2016/02/11 10:47:56.916381, 0] ../source3/passdb/pdb_ldap.c:6427(pdb_init_ldapsam_common)
Feb 11 10:47:56 nas winbindd[2776]: pdb_init_ldapsam_common: Failed to retrieve LDAP password from secrets.tdb
Feb 11 10:47:56 nas winbindd[2776]: [2016/02/11 10:47:56.916449, 0] ../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
Feb 11 10:47:56 nas winbindd[2776]: pdb backend ldapsam:ldap://xxxxxxxxx.xxxxx.xxx:7389 did not correctly init (error was NT_STATUS_NO_MEMORY)
Feb 11 10:47:56 nas winbindd[2776]: [2016/02/11 10:47:56.916738, 0] ../source3/lib/util.c:785(smb_panic_s3)
Feb 11 10:47:56 nas winbindd[2776]: PANIC (pid 2776): pdb_get_methods: failed to get pdb methods for backend ldapsam:ldap://servicios-ad.domca.com:7389
Feb 11 10:47:56 nas winbindd[2776]:
Feb 11 10:47:56 nas winbindd[2776]: [2016/02/11 10:47:56.917636, 0] ../source3/lib/util.c:896(log_stack_trace)
Feb 11 10:47:56 nas winbindd[2776]: BACKTRACE: 20 stack frames:
Feb 11 10:47:56 nas winbindd[2776]: #0 0x80552520c <smb_panic_s3+111> at /usr/local/lib/libsmbconf.so.0
Feb 11 10:47:56 nas winbindd[2776]: #1 0x800b7316f <smb_panic+40> at /usr/local/lib/libsamba-util.so.0
Feb 11 10:47:56 nas winbindd[2776]: #2 0x80282b98b <make_pdb_method_name+1349> at /usr/local/lib/libpdb.so.0
Feb 11 10:47:56 nas winbindd[2776]: #3 0x80282de79 <pdb_capabilities+13> at /usr/local/lib/libpdb.so.0
Feb 11 10:47:56 nas winbindd[2776]: #4 0x4c4ef5 <_lsa_EnumTrustedDomainsEx+21> at /usr/local/sbin/winbindd
Feb 11 10:47:56 nas winbindd[2776]: #5 0x4cf4ad <_lsa_LSARADTREPORTSECURITYEVENT+36934> at /usr/local/sbin/winbindd
Feb 11 10:47:56 nas winbindd[2776]: #6 0x433a38 <make_internal_rpc_pipe_p+1461> at /usr/local/sbin/winbindd​

the solution is to set the ldap bind password again with: smbpasswd -W and restart CIFS service.
Debugging 'generate_smb4_conf.py', i can see this command executed on boot.

So i don't know why this command executed on boot fails, nevertheless from command line it performs OK.

Attached is freenas-debug -C and freenas-debug -l

Almost there's two bug reports related: Bug #12407 and Bug #4624 closed or marked as 'Waiting For Feedback'

Thanks in advance.

 

[dlavigne]

Please create another bug report at bugs.freenas.org that includes your debug info and the required workaround and post the new issue number here.

 

[Martintamare]

Same issue here, how did you fix it ?

 

[jmserrano]

Still no luck.

Bug report #13592

 

[Martintamare]

I did the following, ugly but efficient :

edit /conf/base/etc/ix.rc.d/ix-pre-samba
comment lines in samba_pre_init
#backup_secrets_tdb
#restore_secrets_tdb