Univention Bugzilla – Bug 36208
Samba 3 Jenkins setup failed with UCS 4.0
Last modified: 2014-11-26 06:54:36 CET
In Jenkins several samba tests fail for Samba 3 environments. For example: ------------------------------------------------------------------------------ *** BEGIN *** ['/bin/bash', '40password-policies'] *** *** 50_samba/40password-policies *** Test whether it works to set a password policy *** ----create user info 2014-10-16 01:25:49 create user bapxaowf Object created: uid=bapxaowf,cn=users,dc=autotest094,dc=local Waiting for replication: OK: replication complete (nid=5050 lid=5050) Done: replication complete. ----net rpc:test normal connection Unable to find a suitable server for domain AUTOTEST094 error 2014-10-16 01:25:51 initial authentification failed ----set pwdChangeNextLogin=1 error 2014-10-16 01:25:51 **************** Test failed above this line (1) **************** Waiting for replication: OK: replication complete (nid=5051 lid=5051) Done: replication complete. ----net rpc: try to login without changing the password (should fail) Unable to find a suitable server for domain AUTOTEST094 ----changing the password with net rpc Failed to set password for 'bapxaowf' with error: The semaphore time-out period has expired.. Waiting for replication: error 2014-10-16 01:26:06 net rpc user password change returned a non-zero exit code: 0. Continuing anyway, see Bug #31794 OK: replication complete (nid=5053 lid=5053) Done: replication complete. ----net rpc:try to login with a new password Unable to find a suitable server for domain AUTOTEST094 ----net rpc:try to login with old password (should fail) error 2014-10-16 01:26:47 *** Check failed (1), but this might be caused by the error above *** Unable to find a suitable server for domain AUTOTEST094 ----UDM:try to login with old password (should fail) ----UDM:try to login with new password info 2014-10-16 01:26:48 remove user bapxaowf Object removed: uid=bapxaowf,cn=users,dc=autotest094,dc=local debug 2014-10-16 01:26:48 user bapxaowf removed info 2014-10-16 01:26:48 checking whether the user bapxaowf is really removed debug 2014-10-16 01:26:49 user bapxaowf does not exist *** END *** 1 *** ------------------------------------------------------------------------------ It seems that the local Samba join failed: ------------------------------------------------------------------------------ Configure 26univention-samba.inst Thu Oct 16 00:03:33 CEST 2014 Create samba/role Multifile: /etc/samba/smb.conf Create samba/profileserver Create samba/profilepath Create samba/homedirserver Create samba/homedirpath Create samba/homedirletter Multifile: /etc/samba/smb.conf Create samba/domain/security Multifile: /etc/samba/smb.conf Setting samba/autostart Multifile: /etc/samba/smb.conf Not updating samba/autostart Stopping the Winbind daemon: winbind. Create samba/user Create samba/user/pwdfile Multifile: /etc/samba/smb.conf Setting stored password for "cn=slave094,cn=dc,cn=computers,dc=autotest094,dc=local" in secrets.tdb setting idmap secret for '*' from /etc/machine.secret Secret stored Stopping Samba daemons: nmbd smbd. Starting Samba daemons: nmbd smbd. Object modified: cn=slave094,cn=dc,cn=computers,dc=autotest094,dc=local Failed to join domain: Machine is a Domain Controller Failed to join domain: Machine is a Domain Controller Failed to join domain: Machine is a Domain Controller ERROR: Failed to join via net rpc join. Please check your Samba DCs and your DNS and WINS configuration. ------------------------------------------------------------------------------
Yes, this new message Failed to join domain: Machine is a Domain Controller was introduced by these commits: https://git.samba.org/samba.git/?p=samba.git;a=commitdiff;h=3f5d5bc3 and https://git.samba.org/samba.git/?p=samba.git;a=commitdiff;h=15f6e27bd I will check if we can change something in smb.conf or if we have to patch this out.
(In reply to Arvid Requate from comment #1) > I will check if we can change something in smb.conf or if we have to patch > this out. OK, another solution would be to skip the local join. I tested it in a first temporary hack: r54618
About this message "Unable to find a suitable server for domain AUTOTEST094": I also get that on a UCS 3.2-3 Samba3 Slave when I run "net rpc info" on the Slave when Samba has been stopped on the master. When I add -S localhost it works. Maybe we now also see this in the UCS4.0 jenkins jobs because both DCs are in different subnets? Maybe it indicates a change in the samba name resolution? Or it's due to the missing join? While we could fix the test by running net rpc info with the option -S localhost, I'd like to first see if this indicates an issue. I re-enabled the DC join now, let's see if this works and changes anything.
Reviving the join code didn't work, so I adjusted the tests (which is good anyway). Let's see.
Fixed by upstream patch 90_allow_samba3_DC_join.patch. I reverted the change of Comment 2. I also reverted the same workaround for related Bug #35766.
OK - samba Join in UCS 4.0 master -> univention-install univention-samba ... Object modified: cn=master,cn=dc,cn=computers,dc=w2k12,dc=test Failed to join domain: failed to find DC for domain W2K12 No realm has been specified! Do you really want to join an Active Directory server? No realm has been specified! Do you really want to join an Active Directory server? Using short domain name -- W2K12 Joined 'MASTER' to domain 'W2K12' -> net rpc testjoin Join to 'W2K12' is OK OK - reverted the same workaround for related Bug #35766. OK - jenkins OK - no changelog entry, join worked in UCS 3.2
UCS 4.0-0 has been released: http://docs.univention.de/release-notes-4.0-0-en.html http://docs.univention.de/release-notes-4.0-0-de.html If this error occurs again, please use "Clone This Bug".