Solved Samba 4.1 on FreeBSD 10.1: Duplicate Objects is Shared Directory Listings

Yes, both under [global] and under each individual share. It was one of the first things I tried before eventually resorting to building a second server.

If you don't believe me, silkie, von_Gaden, or waywardnl, you can reproduce this bug rather easily by actually installing samba41 and provisioning a DC via samba-tool. Nothing else seems necessary to reproduce.
 
Zeal said:
It's an obnoxious regression since provisioning a domain is easy, well documented, and impressively fool-proof, but joining an existing domain is less so. Especially since samba-tool purports to allow such a feat, but it doesn't actually work.
Click to expand...

You should provision only AD DCs, member servers are easily joined after building the config file (the old way). If you like I can provide a little how-to. The last post here https://forums.freebsd.org/threads/samba-4-1-member-server-problems-with-accessing-ad.46881 would be very helpful I think.

Duplicate objects appeared for me after update to FreeBSD 10.1. Now I think when the file server is not AD DC we have no duplicate objects but I'm not sure about some problems with file locking not discussed here.
 
Well Lads, I fixed this!

I had a read of this file /usr/ports/net/samba43/files/README.FreeBSD.in while tinkering with something else.

Turns out that commenting out the following lines does the trick :)

Code: 
#  server services = rpc, .....
#  dcerpc endpoint servers = epmapper, .....

I hope this helps someone out there. I know it's been almost a year since I originally posted this but if it saves someone else pulling there hair out then that would be dandy.

Moral of the story, RTFM. Just helps to know where the sodding manual is I guess. :p

Mod - please mark as solved. If we leave it to me it might take me a year to figure it out... hahahahaha
 
Oh dear ... I've been wrestling with these issues all week ... in the end I will follow the Samba devs and run separate DC and file server(s). Not so much because of the undocumented maybe solutions right now all ending up with duplicated file and directory entries, but because it is obvious over the years that AD integration and file sharing are really two (or more with zfs, btrfs etc) separate tracks ... I don't want to be in a situation where my "all in one" AD and file server has issues because then everything goes down ... so my experience is telling me always have one (or more) virtualized DC's doing nothing but DC work and then add the file servers physical or virtual ... fwiw I am running FreeBSD based virtualized dcs both Vrtualbox or bhyve with good results, although they can be a little slow at times ... just my 2 cents' and trying to help!

Also, very strange that with FreeBSD 10.2 and Samba 42 (or 43, I don't think it matters), I get a painless domain join for Win 2012 server (and assuming Windows workstations, haven't got there yet), but joining a Samba member server proved to be incredibly painful to diagnose - had to manually add the DNS A record first (via Microsoft's rsat tools) and then try to join the domain with net ads join ... - still get an error
Code: 
Joined 'M1' to dns domain 'samdom.example.com'
No DNS domain configured for m1. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER

But in fact the file server does properly show up in Active Directory Sites and I can issue this command on the newly joined samba member server:

net rpc rights list accounts -U'SAMDOM\administrator'

[replace SAMDOM with your domain]

And get the accounts/rights list for the domain ... so I'd say it has successfully joined the domain. now I am on to wrestling with zfs underlying file shares ...
 
If your server is not a DC but member the share definition is quite simple:
Code: 
[users]
  path = /var/smb/users
  read only = No
  browseable = Yes
  vfs objects = zfsacl recycle
  recycle:keeptree = On
  recycle:versions = On
  recycle:maxsize = 10485760
  recycle:repository = .recycle
  recycle:exclude = *.tmp, *.bak
note that recycle VFS does NOT work on DC (tested on net/samba41 and net/samba42).

I didn't test "previous versions" via ZFS snapshots yet.
 
You must log in or register to reply here.
Back
Top