Re: [Freeipa-users] Samba Failing to start (Causing FreeIPA to not start!)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Alexander, Thank you for the pointers, However it seems that I am still not getting the ipaNTSecurityIdentifier returned. Even after re-running the ipa-adtrust-install --add-sids (which I believe it gave me the option for on initial install, and i said yes). I followed the steps on this site (I believe you directed me there) http://firstyear.id.au/entry/22 and the output from the commands: [root@ipa-server-2 ~]# kinit admin Password for ad...@foo.bar: [root@ipa-server-2 ~]# ldapsearch -Y GSSAPI '(cn=Default SMB Group)' SASL/GSSAPI authentication started SASL username: ad...@foo.bar SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base (default) with scope subtree # filter: (cn=Default SMB Group) # requesting: ALL # # Default SMB Group, groups, compat, foo.bar dn: cn=Default SMB Group,cn=groups,cn=compat,dc=foo,dc=bar gidNumber: 3512 objectClass: posixGroup objectClass: top cn: Default SMB Group # Default SMB Group, groups, accounts, foo.bar dn: cn=Default SMB Group,cn=groups,cn=accounts,dc=foo,dc=bar cn: Default SMB Group description: Fallback group for primary group RID, do not add users to this gr oup objectClass: top objectClass: ipaobject objectClass: posixgroup ipaUniqueID: 3aa5e9ac-2f37-11e5-9ef4-5254002ece04 gidNumber: 3512 # search result search: 4 result: 0 Success # numResponses: 3 # numEntries: 2 [root@ipa-server-2 ~]# kdestroy [root@ipa-server-2 ~]# kinit -kt /etc/samba/samba.keytab cifs/`hostname` [root@ipa-server-2 ~]# ldapsearch -Y GSSAPI '(cn=Default SMB Group)' SASL/GSSAPI authentication started SASL username: cifs/ipa-server-2.foo@foo.bar SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base (default) with scope subtree # filter: (cn=Default SMB Group) # requesting: ALL # # Default SMB Group, groups, compat, foo.bar dn: cn=Default SMB Group,cn=groups,cn=compat,dc=foo,dc=bar gidNumber: 3512 objectClass: posixGroup objectClass: top cn: Default SMB Group # Default SMB Group, groups, accounts, foo.bar dn: cn=Default SMB Group,cn=groups,cn=accounts,dc=foo,dc=bar cn: Default SMB Group description: Fallback group for primary group RID, do not add users to this gr oup objectClass: top objectClass: ipaobject objectClass: posixgroup ipaUniqueID: 3aa5e9ac-2f37-11e5-9ef4-5254002ece04 gidNumber: 3512 # search result search: 4 result: 0 Success # numResponses: 3 # numEntries: 2 Thanks, Bill Graboyes On 7/22/15 12:53 PM, Alexander Bokovoy wrote: > On Wed, 22 Jul 2015, William Graboyes wrote: >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 >> >> Hi All, >> >> I have been messing around with AD trust installs mainly around >> doing ntlm_auth for a radius server. >> >> However, as I was unable to see some of the needed resources, I >> thought maybe IPA may need a kick. >> > This is your problem: >> Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 >> 11:03:19.824614, 0] ipa_sam.c:3574(get_fallback_group_sid) Jul >> 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: Missing mandatory >> attribute ipaNTSecurityIdentifier. > What did you do? > > Try to search as admin and as cifs/`hostname`: # kinit admin # > ldapsearch -Y GSSAPI '(cn=Default SMB Group)' # kdestroy # kinit > -kt /etc/samba/samba.keytab cifs/`hostname` # ldapsearch -Y GSSAPI > '(cn=Default SMB Group)' > > If the first one gives you a proper entry with > ipaNTSecurityIdentifier and the second one does not return the same > entry, you've broke ACIs. > > If both of them are failing, you need to re-run > ipa-adtrust-install --add-sids to fix that. > -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJVr/+oAAoJEJFMz73A1+zr+BIP/2+77QZnSWSI38Wz47kUr6Uh kOhv3gIAPlIq1ClJClbISOjwdpGBP0AUETsrbBixW7mMFswywDrLij7axbDh8MkO 8PLTH3Sv75foAUmAMH4ZIpB5NA8WNre5+gWuHAhLQnZBbedx0fm6ieuZvZBDHaFw 2rj+w8zkw0TWaf7ZmwTvawZwoy/OTfhkKLqfRvUfSxvpOeRl4AE/yUjje5rvacCK tuYwCM8Y4B0aDqRbOjbL4hyWiIVAmV5PhaVa8Qu5AwbOXV2+G5Mt6MxxMRmWBrE2 +ZwATAlqqomsZ1FYOVKgMn1ylO/SzaNde3u5rvE4vdWzP8mr/+APNIcxmp27GnWr cMGEOapdzehMVvVyW0FJ4gA+BxwhNzpGc+vo+98WeDq49yW/g3vwO/BQKqFkMaZW HZM784EAxRAEXEiAJ9bB2bOGfY/EVrvWZVjDO10Hu99kIFqN8hbjfSKlqEH00fV7 ihqHJf0lcOU4lIBH5vUxRZSHfUjMCv6TySdWZSlblO5dtTGRjgpe7Kwj2pRgCo3P PUagvJY4gkZ4ZbxIq+qkPHCNY90B+pGheVuJRfDA+Pl7bFY24/tbhnJ0kzuNQtYu K8UlD4o34AlDQr60I0bxYkwprtJneVPfVkW1+6LUDWw4eNGf1zjXQH9Jl8uQcir4 Eq5AtMD/ef8TjxQwWaHr =HkdM -END PGP SIGNATURE- -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Samba Failing to start (Causing FreeIPA to not start!)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Dave, There is no actual AD at this time. Thanks :) On 7/22/15 12:22 PM, Dave Sirrine wrote: > Bill, > > Can you let us know what version of FreeIPA you're using? The most > likely due to the occurrence of "NT_STATUS_INVALID_PARAMETER" which > is most likely a time skew issue between AD and IPA. Can you verify > this? Thanks! > > -- Dave > > - Original Message - >> From: "William Graboyes" To: >> "freeipa-users" Sent: Wednesday, July >> 22, 2015 2:14:51 PM Subject: [Freeipa-users] Samba Failing to >> start (Causing FreeIPA to notstart!) >> > Hi All, > > I have been messing around with AD trust installs mainly around > doing ntlm_auth for a radius server. > > However, as I was unable to see some of the needed resources, I > thought maybe IPA may need a kick. > > So I ran the following command > > `ipactl restart` > > # ipactl restart Restarting Directory Service Restarting krb5kdc > Service Restarting kadmin Service Restarting ipa_memcached Service > Restarting httpd Service Restarting ipa-otpd Service Starting smb > Service Job for smb.service failed. See 'systemctl status > smb.service' and 'journalctl -xn' for details. Failed to start smb > Service Shutting down Aborting ipactl > > # systemctl status smb.service smb.service - Samba SMB Daemon > Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled) > Active: failed (Result: exit-code) since Wed 2015-07-22 11:01:44 > PDT; 20s ago Process: 16752 ExecStart=/usr/sbin/smbd $SMBDOPTIONS > (code=exited, status=1/FAILURE) Main PID: 16752 (code=exited, > status=1/FAILURE) Status: "Starting process..." CGroup: > /system.slice/smb.service > > Jul 22 11:01:43 ipa-server-1.foo.bar systemd[1]: Starting Samba > SMB Daemon... Jul 22 11:01:43 ipa-server-1.foo.bar smbd[16751]: > [2015/07/22 11:01:43.956721, 0] > ../source3/smbd/server.c:1269(main) Jul 22 11:01:44 > ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 Jul 22 > 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 Jul > 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client > step 2 Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: > smb.service: main process exited, code=exited, status=1/FAILURE Jul > 22 11:01:44 ipa-server-1.foo.bar systemd[1]: Failed to start Samba > SMB Daemon. Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: Unit > smb.service entered failed state. > > journalctl -xn provides no useful information, however journalctl > does... sorta: > > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 > 11:03:19.824614, 0] ipa_sam.c:3574(get_fallback_group_sid) Jul 22 > 11:03:19 ipa-server-1.foo.bar smbd[16903]: Missing mandatory > attribute ipaNTSecurityIdentifier. Jul 22 11:03:19 > ipa-server-1.foo.bar smbd[16903]: [2015/07/22 11:03:19.824829, 0] > ipa_sam.c:4526(pdb_init_ipasam) Jul 22 11:03:19 > ipa-server-1.foo.bar smbd[16903]: Cannot find SID of fallback > group. Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: > [2015/07/22 11:03:19.824878, 0] > ../source3/passdb/pdb_interface.c:178(make_pdb_method_name) Jul 22 > 11:03:19 ipa-server-1.foo.bar smbd[16903]: pdb backend > ipasam:ldapi://%2fvar%2frun%2fslapd-CENIC-ORG.socket did not > correctly init (error was NT_STATUS_INVALID_PARAMETER) Jul 22 > 11:03:19 ipa-server-1.foo.bar systemd[1]: smb.service: main process > exited, code=exited, status=1/FAILURE Jul 22 11:03:19 > ipa-server-1.foo.bar systemd[1]: Failed to start Samba SMB Daemon. > Jul 22 11:03:19 ipa-server-1.foo.bar systemd[1]: Unit smb.service > entered failed state. > > > Thanks, Bill > >> >> -- Manage your subscription for the Freeipa-users mailing list: >> https://www.redhat.com/mailman/listinfo/freeipa-users Go to >> http://freeipa.org for more info on the project >> -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJVr/slAAoJEJFMz73A1+zr9i0P/ikhGkBsqX0zT6bqHjah7Gyy dvP2jd+WJeJxhH8jsLhUEGs26OcPdLVRc8MkvIeINcZd8dTz4l7gRVZZVk4dVho4 Tqg29EMbXh+5EOiOYd0LcFuZA1q0rFUaa9b56a3xnm9njwvKUwjnlRfUOMim3kKZ 6XfN1fAT7VVKqKJXyWn534ym/msivOuklbV5n0if0TAuIHe9X4Uwl8VvMiBsCtSv cpcpFEAZLygzW9qMxl9RgxYqPCN9gor8pW2ijO6BjJqfXTxQ0AxTCz+0C3mMizf7 lc4tdprS4hR1eWnrooBGahznm3usb4eRJvEAslHY7UUfsla9B4fgmJN4Nis8J7Mk CIRMZrFNI1YlVw8bfgxr3viq+lcVxFWAPghffmXfv1yu3Gx0OBa6bGD8fuNKVLU1 AoHZL6z0cHgGH6RsWjgC7APutssE6JqhWDTxa9cDcUozpN9R4fOH3H7uFAhJkSOU ZbslxHnmLOaLRXIDAyx9oAfp4ndYxMQH1mZ5scRHGkIZEv49mJtUOfgka67X/3xB bh78q/nxMibomteFZiWIXeCtxTOKaZ2wZLqPuhd/HS+689C9ONADsGcP8Tae/f35 nSBJEbZXzsrcWy3CN4iYtZ4dQK55FSBfW5GCyvnrBMO4MGsw48UzPOS1WiQ63NPd s0tJA1c/IO2kPzQzCaFM =KNGl -END PGP SIGNATURE- -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Samba Failing to start (Causing FreeIPA to not start!)
On Wed, Jul 22, 2015 at 11:14:51AM -0700, William Graboyes wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hi All, > > I have been messing around with AD trust installs mainly around doing > ntlm_auth for a radius server. > > However, as I was unable to see some of the needed resources, I > thought maybe IPA may need a kick. > > So I ran the following command > > `ipactl restart` > > # ipactl restart > Restarting Directory Service > Restarting krb5kdc Service > Restarting kadmin Service > Restarting ipa_memcached Service > Restarting httpd Service > Restarting ipa-otpd Service > Starting smb Service > Job for smb.service failed. See 'systemctl status smb.service' and > 'journalctl -xn' for details. > Failed to start smb Service > Shutting down > Aborting ipactl > > # systemctl status smb.service > smb.service - Samba SMB Daemon >Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled) >Active: failed (Result: exit-code) since Wed 2015-07-22 11:01:44 > PDT; 20s ago > Process: 16752 ExecStart=/usr/sbin/smbd $SMBDOPTIONS (code=exited, > status=1/FAILURE) > Main PID: 16752 (code=exited, status=1/FAILURE) >Status: "Starting process..." >CGroup: /system.slice/smb.service > > Jul 22 11:01:43 ipa-server-1.foo.bar systemd[1]: Starting Samba SMB > Daemon... > Jul 22 11:01:43 ipa-server-1.foo.bar smbd[16751]: [2015/07/22 > 11:01:43.956721, 0] ../source3/smbd/server.c:1269(main) > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 2 > Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: smb.service: main > process exited, code=exited, status=1/FAILURE > Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: Failed to start Samba > SMB Daemon. > Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: Unit smb.service > entered failed state. > > journalctl -xn provides no useful information, however journalctl > does... sorta: > > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 > 11:03:19.824614, 0] ipa_sam.c:3574(get_fallback_group_sid) > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: Missing mandatory > attribute ipaNTSecurityIdentifier. > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 > 11:03:19.824829, 0] ipa_sam.c:4526(pdb_init_ipasam) > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: Cannot find SID of > fallback group. > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 > 11:03:19.824878, 0] > ../source3/passdb/pdb_interface.c:178(make_pdb_method_name) > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: pdb backend > ipasam:ldapi://%2fvar%2frun%2fslapd-CENIC-ORG.socket did not correctly > init (error was NT_STATUS_INVALID_PARAMETER) > Jul 22 11:03:19 ipa-server-1.foo.bar systemd[1]: smb.service: main > process exited, code=exited, status=1/FAILURE > Jul 22 11:03:19 ipa-server-1.foo.bar systemd[1]: Failed to start Samba > SMB Daemon. > Jul 22 11:03:19 ipa-server-1.foo.bar systemd[1]: Unit smb.service > entered failed state. You can try and run 'ipa-adtrust-install' a second time. This might add all attributes smbd needs. HTH bye, Sumit > > > Thanks, > Bill > > -BEGIN PGP SIGNATURE- > Version: GnuPG/MacGPG2 v2 > Comment: GPGTools - https://gpgtools.org > > iQIcBAEBCgAGBQJVr92bAAoJEJFMz73A1+zrgmAQAJp9DXynmqX89gWlacRmS/Hy > HiwAaiHXmCG7cpWY0PE68l8XgUmpBtOWQJ7hPv83BG1DAyPX267npnFgtJ8t50j7 > mwr9OyuKNiQs0ki4wOnnyNt2xGTgQimugQG0bQsIbP0QBoVAOu6RjK+ucGpagWv8 > zcdIjVP1jjf7I9KtgYzSBT1siFfcP1NAVnd47WC7ombL0db0KIi9oWNy6xXx5rkq > cSmfonN7jFmkn4gHPzNcqZAIVG+IFJfpqU/OAQrELjkcCXM57BRuzwffnI0DFt6d > Wm7liuoZHRABlaQ+L9OazCFPGOzpTWKCICdW4Vq6ixpnBG5eRR24Yfqn0z+86R4u > WmCz2aJEDa2zlZ4IYXZNnIxWkANg+cAxutBKPvyCmQxjxNz9YbPshhQBGG3JVf66 > B3CquNAXNw5O5N/vlKl8RtA4/xArRfvvXtofVrOgRAsjLw2Xdw8tahfIJKptNyYO > 86CDmyxgoK2ucdncJ5dC8GhX1ajBf5Mu8YnFC7MlfrS72TxsjCBMs5Y5rRmwZwA6 > ZF8TkfaZJmQc/bNe9V/+Ol/qXZM28ZrvZTs68/jTlRlruNc2D9458mdajKxUZB3n > OaIdE/hXqH7HB32qp9733TCtFxRoJlrD5tVURkHl9kqgnqKxcDZ56VPmNYRn4GYu > Y7j1+rZUNTtgDUJDk+Jk > =xQLh > -END PGP SIGNATURE- > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Samba Failing to start (Causing FreeIPA to not start!)
On Wed, 22 Jul 2015, William Graboyes wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi All, I have been messing around with AD trust installs mainly around doing ntlm_auth for a radius server. However, as I was unable to see some of the needed resources, I thought maybe IPA may need a kick. This is your problem: Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 11:03:19.824614, 0] ipa_sam.c:3574(get_fallback_group_sid) Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: Missing mandatory attribute ipaNTSecurityIdentifier. What did you do? Try to search as admin and as cifs/`hostname`: # kinit admin # ldapsearch -Y GSSAPI '(cn=Default SMB Group)' # kdestroy # kinit -kt /etc/samba/samba.keytab cifs/`hostname` # ldapsearch -Y GSSAPI '(cn=Default SMB Group)' If the first one gives you a proper entry with ipaNTSecurityIdentifier and the second one does not return the same entry, you've broke ACIs. If both of them are failing, you need to re-run ipa-adtrust-install --add-sids to fix that. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Samba Failing to start (Causing FreeIPA to not start!)
Bill, Can you let us know what version of FreeIPA you're using? The most likely due to the occurrence of "NT_STATUS_INVALID_PARAMETER" which is most likely a time skew issue between AD and IPA. Can you verify this? Thanks! -- Dave - Original Message - > From: "William Graboyes" > To: "freeipa-users" > Sent: Wednesday, July 22, 2015 2:14:51 PM > Subject: [Freeipa-users] Samba Failing to start (Causing FreeIPA to not > start!) > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hi All, > > I have been messing around with AD trust installs mainly around doing > ntlm_auth for a radius server. > > However, as I was unable to see some of the needed resources, I > thought maybe IPA may need a kick. > > So I ran the following command > > `ipactl restart` > > # ipactl restart > Restarting Directory Service > Restarting krb5kdc Service > Restarting kadmin Service > Restarting ipa_memcached Service > Restarting httpd Service > Restarting ipa-otpd Service > Starting smb Service > Job for smb.service failed. See 'systemctl status smb.service' and > 'journalctl -xn' for details. > Failed to start smb Service > Shutting down > Aborting ipactl > > # systemctl status smb.service > smb.service - Samba SMB Daemon >Loaded: loaded (/usr/lib/systemd/system/smb.service; disabled) >Active: failed (Result: exit-code) since Wed 2015-07-22 11:01:44 > PDT; 20s ago > Process: 16752 ExecStart=/usr/sbin/smbd $SMBDOPTIONS (code=exited, > status=1/FAILURE) > Main PID: 16752 (code=exited, status=1/FAILURE) >Status: "Starting process..." >CGroup: /system.slice/smb.service > > Jul 22 11:01:43 ipa-server-1.foo.bar systemd[1]: Starting Samba SMB > Daemon... > Jul 22 11:01:43 ipa-server-1.foo.bar smbd[16751]: [2015/07/22 > 11:01:43.956721, 0] ../source3/smbd/server.c:1269(main) > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 1 > Jul 22 11:01:44 ipa-server-1.foo.bar smbd[16752]: GSSAPI client step 2 > Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: smb.service: main > process exited, code=exited, status=1/FAILURE > Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: Failed to start Samba > SMB Daemon. > Jul 22 11:01:44 ipa-server-1.foo.bar systemd[1]: Unit smb.service > entered failed state. > > journalctl -xn provides no useful information, however journalctl > does... sorta: > > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 > 11:03:19.824614, 0] ipa_sam.c:3574(get_fallback_group_sid) > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: Missing mandatory > attribute ipaNTSecurityIdentifier. > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 > 11:03:19.824829, 0] ipa_sam.c:4526(pdb_init_ipasam) > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: Cannot find SID of > fallback group. > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: [2015/07/22 > 11:03:19.824878, 0] > ../source3/passdb/pdb_interface.c:178(make_pdb_method_name) > Jul 22 11:03:19 ipa-server-1.foo.bar smbd[16903]: pdb backend > ipasam:ldapi://%2fvar%2frun%2fslapd-CENIC-ORG.socket did not correctly > init (error was NT_STATUS_INVALID_PARAMETER) > Jul 22 11:03:19 ipa-server-1.foo.bar systemd[1]: smb.service: main > process exited, code=exited, status=1/FAILURE > Jul 22 11:03:19 ipa-server-1.foo.bar systemd[1]: Failed to start Samba > SMB Daemon. > Jul 22 11:03:19 ipa-server-1.foo.bar systemd[1]: Unit smb.service > entered failed state. > > > Thanks, > Bill > > -BEGIN PGP SIGNATURE- > Version: GnuPG/MacGPG2 v2 > Comment: GPGTools - https://gpgtools.org > > iQIcBAEBCgAGBQJVr92bAAoJEJFMz73A1+zrgmAQAJp9DXynmqX89gWlacRmS/Hy > HiwAaiHXmCG7cpWY0PE68l8XgUmpBtOWQJ7hPv83BG1DAyPX267npnFgtJ8t50j7 > mwr9OyuKNiQs0ki4wOnnyNt2xGTgQimugQG0bQsIbP0QBoVAOu6RjK+ucGpagWv8 > zcdIjVP1jjf7I9KtgYzSBT1siFfcP1NAVnd47WC7ombL0db0KIi9oWNy6xXx5rkq > cSmfonN7jFmkn4gHPzNcqZAIVG+IFJfpqU/OAQrELjkcCXM57BRuzwffnI0DFt6d > Wm7liuoZHRABlaQ+L9OazCFPGOzpTWKCICdW4Vq6ixpnBG5eRR24Yfqn0z+86R4u > WmCz2aJEDa2zlZ4IYXZNnIxWkANg+cAxutBKPvyCmQxjxNz9YbPshhQBGG3JVf66 > B3CquNAXNw5O5N/vlKl8RtA4/xArRfvvXtofVrOgRAsjLw2Xdw8tahfIJKptNyYO > 86CDmyxgoK2ucdncJ5dC8GhX1ajBf5Mu8YnFC7MlfrS72TxsjCBMs5Y5rRmwZwA6 > ZF8TkfaZJmQc/bNe9V/+Ol/qXZM28ZrvZTs68/jTlRlruNc2D9458mdajKxUZB3n > OaIdE/hXqH7HB32qp9733TCtFxRoJlrD5tVURkHl9kqgnqKxcDZ56VPmNYRn4GYu > Y7j1+rZUNTtgDUJDk+Jk > =xQLh > -END PGP SIGNATURE- > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project