Shares create on DC don´t not configure shares on member server

Knappe · October 18, 2019, 10:54am

ucs version 4.4-2 errata 319

old shares are working but not new shares.

Steps DC:

configure a new share on the DC
create share in container of the destination member server
input global vars - no extra options and save
new samba share is listed in the main share view

Control Member Server:

/etc/samba/shares.conf --> no include statement for the new share
/etc/samba/shares.conf.d/ --> no config file for the new share
(If both created manually shares are announced after smbd restart)

If an existing share is modified on the DC, the changes are also not updated in the corresponding config files.

Any idears ?

SirTux · October 18, 2019, 1:34pm

The container is not important. Do you have specified the correct server name? What’s the local path of the share? You may find some hints in /var/log/univention/listener.log on the member server.

IT-Bizz · October 27, 2019, 7:04am

After a long time (years), I had to create a few new shares. Currently UCS 4.4-2 errata 322. And I also find shares not creating correctly. I might have missed some important information. However, a new new share created: smb-documens , whatever owner/group is selected, it defaults to: root: Domain User.
My /var/log/univention/listener.log returns:

16.10.19 06:25:56.532  DEBUG_INIT
16.10.19 06:25:56.542  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.name:7389
16.10.19 06:25:56.543  LDAP        ( PROCESS ) : connecting to ldap://a.nother.name:7389
16.10.19 06:25:56.553  LISTENER    ( ERROR   ) : failed to connect to any notifier
16.10.19 06:25:56.554  LISTENER    ( WARN    ) : can not connect any server, retrying in 30 seconds
16.10.19 06:26:26.554  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.name:7389
16.10.19 06:26:26.554  LDAP        ( PROCESS ) : connecting to ldap://a.nother.name:7389
16.10.19 06:26:28.460  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.py failed
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/samba4-idmap.py", line 57, in <module>
    lp.load('/etc/samba/smb.conf')
RuntimeError: Unable to load file /etc/samba/smb.conf
16.10.19 06:26:28.460  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.py failed in module_import()
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=a.nother.name port=7389 base=dc=nother,dc=name
UNIVENTION_DEBUG_END    : uldap.__open host=a.nother.name port=7389 base=dc=nother,dc=name
16.10.19 06:45:05.327  LISTENER    ( WARN    ) : received signal 15
16.10.19 06:48:23.042  DEBUG_INIT
16.10.19 06:48:23.069  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.name:7389
16.10.19 06:48:23.069  LDAP        ( PROCESS ) : connecting to ldap://a.nother.name:7389
16.10.19 06:48:23.079  LISTENER    ( ERROR   ) : failed to connect to any notifier
16.10.19 06:48:23.079  LISTENER    ( WARN    ) : can not connect any server, retrying in 30 seconds
16.10.19 06:48:53.080  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.name:7389
16.10.19 06:48:53.080  LDAP        ( PROCESS ) : connecting to ldap://a.nother.name:7389
16.10.19 06:48:57.401  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.py failed
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/samba4-idmap.py", line 57, in <module>
    lp.load('/etc/samba/smb.conf')
RuntimeError: Unable to load file /etc/samba/smb.conf
16.10.19 06:48:57.401  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.py failed in module_import()
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=a.nother.name port=7389 base=dc=nother,dc=name
UNIVENTION_DEBUG_END    : uldap.__open host=a.nother.name port=7389 base=dc=nother,dc=name
16.10.19 10:48:03.063  LISTENER    ( WARN    ) : received signal 15
16.10.19 10:48:09.948  DEBUG_INIT
16.10.19 10:48:09.957  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.name:7389
16.10.19 10:48:09.957  LDAP        ( PROCESS ) : connecting to ldap://a.nother.name:7389

There are also no config files in /etc/samba/shares.conf.d# created. The share module for this share, still returns the chosen selection. I did not notice any upgrade/update errors so far in the past years.
new share name: smb-documents location: /home/smb-documents

Thank you
IT-Bizz

Knappe · October 27, 2019, 9:05am

I made a few tests in the meantime and it seems the problem has to do with the ACL’s from the generating directory.

If I created a new share on a memberserver in the directory “/var/www”, the share is created (as IT-Bizz mentioned) with root: Domain User (where Domain User is here nogroup).
In this case no entries created in /etc/samba/shares.conf.

> # getfacl /var
> getfacl: Entferne führende '/' von absoluten Pfadnamen
> # file: var
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x

> # getfacl /var/www/
> getfacl: Entferne führende '/' von absoluten Pfadnamen
> # file: var/www/
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x

If a directory is created directly under root, everything is ok.
Same, if new dir is under exsting “/opt”

> # getfacl /opt
> getfacl: Entferne führende '/' von absoluten Pfadnamen
> # file: opt
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x

If a share is created as a subdir of a new dir (e.g. “/newdir/newshare”) the main dir “/newdir” get´s wrong group type --> nogroup instead of the group from the config dialog in DC. The “newshare” dir is correct.

But never under “/var” or /var/www", although the ACL’s are identical to those of e.g. “/ opt”; actually no idear why.

Last but not least: a directory share is never deleted on the memberserver. Also not when it is empty, never used and the checkbox “Delete associated items” is checked. The entries in the config-files are deleted.

Moritz_Bunkus · October 27, 2019, 9:23am

Hey,

IT-Bizz:

Rraceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/samba4-idmap.py", line 57, in <module>
    lp.load('/etc/samba/smb.conf')
RuntimeError: Unable to load file /etc/samba/smb.conf

This doesn’t sound good. Is Sabma really installed on that machine? Please check with dpkg -l univention-samba4 which should show a line starting with ii univention-samba4 …

Next let UCS re-create all managed config files from their templates & tell the directory listener to re-run the Samba listener module:

ucr commit
univention-directory-listener-ctrl resync samba-shares

This is most likely a result of the prior error: the directory listener module for Samba cannot be loaded because smb.conf isn’t found, and therefore it won’t handle share creation/modification events. The commands above might already fix this.

Please see this post about creating Samba shares in /var. Yes, that post is in German; if you don’t understand it, I’ll be happy to translate it into English.

Edit: oops, removed my note about old threads. I somehow read “8 days” as “8 years”. Sorry about that.

IT-Bizz · October 28, 2019, 6:51am

Hello Mr Bunkus,

is samba installed?

# dpkg -l univention-samba4
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version      Architecture Description
+++-==============-============-============-=================================
ii  univention-sam 8.0.0-27A~4. amd64        UCS - Samba4 integration package

The other, I will do in a next reply, as this might get to long

IT-Bizz · October 28, 2019, 6:54am

# ucr commit              //results
File: /etc/logrotate.d/univention-management-console
File: /etc/sudoers.d/univention
File: /etc/cron.d/sysvol-cleanup
File: /etc/modules
File: /etc/cron.d/univention-system-stats
Multifile: /etc/python2.7/sitecustomize.py
File: /etc/init.d/heimdal-kdc
File: /etc/cron.d/univention-server-master
Module: setup_saml_sp
skipping UCR registration
File: /etc/security/access-su.conf
File: /etc/security/access-chfn.conf
File: /etc/logrotate.d/univention-config-registry-replog
File: /etc/nagios-plugins/config/univention-s4-connector.cfg
File: /etc/samba/base.conf
File: /etc/docker/seccomp-systemd.json
File: /etc/cron.d/univention-pam
File: /etc/postfix/sasl/smtpd.conf
File: /etc/postfix/tls_policy
File: /etc/pam.d/login
File: /etc/init.d/bind9
Multifile: /etc/postfix/transport
File: /etc/default/stunnel4
File: /etc/dhcp/dhcpd.conf
File: /etc/ldap/sasl2/slapd.conf
File: /var/lib/univention-ldap/ldap/DB_CONFIG
File: /etc/cron.d/univention-directory-policy
File: /etc/cron.d/univention-mail-postfix
File: /etc/apache2/ports.conf
File: /var/www/robots.txt
Multifile: /etc/postfix/ldap.virtualwithcanonical
File: /etc/sysctl.d/local.conf
File: /var/www/univention/languages.json
Module: autostart
File: /etc/default/locale
File: /etc/initramfs-tools/initramfs.conf
File: /etc/ntp.conf
File: /etc/security/access-ppp.conf
Multifile: /etc/apache2/sites-available/default-ssl.conf
Multifile: /etc/pam.d/univention-management-console
File: /etc/network/if-up.d/bind9
Multifile: /etc/simplesamlphp/metadata/saml20-sp-remote.php
File: /etc/pam.d/kdm
File: /etc/apache2/sites-available/univention-saml.conf
File: /etc/modprobe.d/univention-blacklist.conf
File: /etc/krb5.conf
File: /etc/resolv.conf
File: /etc/nagios-plugins/config/univention-libvirtd.cfg
File: /etc/security/packetfilter.d/10_univention-firewall_start.sh
Multifile: /etc/postfix/ldap.transport
File: /etc/memcached_univention_saml.conf
File: /etc/univention/directory/reports/default/de_DE/header.rml
File: /etc/apache2/sites-available/univention-portal.conf
File: /etc/kernel-img.conf
File: /var/lib/samba/private/krb5.conf
File: /etc/apache2/sites-available/univention-udm.conf
File: /usr/share/univention-management-console/i18n/de/apps.mo
File: /etc/univention/directory/reports/default/en_US/footer.rml
File: /etc/pam.d/common-password
File: /etc/cron.d/univention-directory-reports-cleanup
Multifile: /etc/postfix/master.cf
File: /var/lib/univention-ldap/translog/DB_CONFIG
Module: uvmm_restore
File: /etc/logrotate.d/univention-portal
File: /etc/cron.d/univention-home-mounter
File: /etc/security/access-rlogin.conf
File: /etc/default/ssh
File: /etc/nsswitch.conf
File: /etc/security/access-screen.conf
File: /etc/security/access-kdm.conf
File: /etc/logrotate.d/univention-virtual-machine-manager-daemon
File: /etc/cron.d/univention-mrtg
File: /etc/cron.d/univention-ldap
File: /etc/bash.bashrc
Multifile: /etc/simplesamlphp/metadata/saml20-idp-hosted.php
File: /etc/security/packetfilter.d/80_univention-firewall_policy.sh
File: /etc/pam.d/chfn
File: /etc/docker/daemon.json
File: /etc/lsb-release
File: /etc/heimdal-kdc/kdc.conf
File: /etc/e2fsck.conf
Multifile: /etc/hosts
File: /etc/systemd/system/getty@.service.d/nottyreset.conf
File: /etc/cron.d/univention-nagios
File: /etc/systemd/system/bind9.service.d/10-configure-backend.conf
Module: univention_blog
Object exists: cn=univentionblog,cn=portal,cn=univention,dc=it-bizz,dc=intranet
Multifile: /etc/postfix/ldap.sharedfolderremote
File: /etc/security/access-kscreensaver.conf
File: /usr/share/initramfs-tools/init
File: /etc/init.d/samba
File: /etc/cron.d/sysvol-sync
File: /etc/freeradius/3.0/radiusd.conf
File: /etc/security/packetfilter.d/20_rsyslog.sh
File: /etc/univention/directory/reports/default/de_DE/footer.rml
Multifile: /etc/postfix/main.cf
File: /etc/pam.d/sudo
File: /usr/share/univention-management-console/modules/setup-certificate.xml
File: /etc/bind/named.conf.proxy
File: /etc/runit/univention-virtual-machine-manager-daemon/run
File: /etc/pam.d/cron
File: /etc/logrotate.d/samba
File: /etc/pam.d/ppp
File: /etc/systemd/journald.conf
File: /etc/pam.d/gdm
File: /etc/libvirt/libvirtd.conf
File: /etc/pam.d/smtp
File: /etc/cron.d/univention-ucr-cronjobs
File: /etc/pam_ldap.conf
File: /etc/default/nfs-kernel-server
File: /etc/logrotate.d/univention-directory-notifier
Multifile: /etc/python2.6/sitecustomize.py
File: /etc/security/access-passwd.conf
File: /etc/logrotate.d/winbind
File: /etc/logrotate.d/univention-updater
File: /etc/apt/apt.conf.d/20secureapt
File: /etc/dhcp/dhclient.conf
Multifile: /etc/postfix/ldap.canonicalrecipient
File: /etc/default/ifplugd
File: /etc/security/access-kcheckpass.conf
File: /etc/simplesamlphp/config.php
File: /etc/apache2/sites-available/univention-proxy.conf
File: /etc/logrotate.d/univention-dhcp
File: /etc/security/access-sshd.conf
Multifile: /etc/postfix/ldap.distlist
File: /etc/univention/directory/reports/default/en_US/header.rml
File: /etc/listfilter.secret
Multifile: /etc/postfix/ldap.canonicalsender
File: /etc/logrotate.d/univention-samba4
File: /etc/modprobe.d/nfs-kernel-lockd.conf
File: /etc/nagios/nrpe.cfg
File: /etc/apache2/ucs-sites.conf.d/univention-portal.conf
File: /etc/networks
File: /etc/ssh/ssh_config
File: /etc/pam.d/screen
Script: /etc/univention/templates/scripts/univention-maintenance-mode-service
File: /etc/apache2/sites-available/univention.conf
File: /etc/apache2/sites-available/univention-proxy.conf
Multifile: /etc/pam.d/common-auth
Multifile: /etc/pam.d/common-session
File: /etc/ldap/ldap.conf
File: /etc/stunnel/univention_saml.conf
File: /etc/default/heimdal-kdc
File: /etc/cron.d/univention-ldap-server
File: /etc/pam.d/passwd
Multifile: /etc/simplesamlphp/authsources.php
File: /etc/init.d/postfix
File: /etc/nscd.conf
File: /etc/logrotate.d/univention-appcenter
File: /etc/logrotate.d/rsyslog
File: /etc/logrotate.d/univention-directory-reports
File: /etc/pam.d/sshd
File: /etc/security/access-cron.conf
File: /etc/logrotate.d/univention-server-password-change
Multifile: /etc/apache2/sites-available/000-default.conf
File: /etc/ssh/sshd_config
File: /etc/pam.d/kscreensaver
Multifile: /etc/network/interfaces
2565
Restarting univention-s4-connector (via systemctl): univention-s4-connector.service.
16600
Restarting univention-s4-connector (via systemctl): univention-s4-connector.service.
File: /etc/dhcp/dhclient.conf

Waiting for br0 to get ready (MAXWAIT is 2 seconds).
File: /etc/dhcp/dhclient.conf
File: /etc/apt/apt.conf.d/61invoke
File: /etc/libvirt/qemu.conf
File: /etc/pam.d/kcheckpass
File: /etc/locale.gen
Generating locales (this might take a while)...
  en_US.UTF-8... done
  de_DE.UTF-8... done
  vi_VN.UTF-8... done
Generation complete.
File: /etc/init.d/networking
File: /etc/default/grub
Generating grub configuration file ...
Found background: /boot/grub/uniboot.png
Found background image: /boot/grub/uniboot.png
Found linux image: /boot/vmlinuz-4.9.0-11-amd64
Found initrd image: /boot/initrd.img-4.9.0-11-amd64
Found linux image: /boot/vmlinuz-4.9.0-9-amd64
Found initrd image: /boot/initrd.img-4.9.0-9-amd64
Found linux image: /boot/vmlinuz-4.9.0-6-amd64
Found initrd image: /boot/initrd.img-4.9.0-6-amd64
Found memtest86+ image: /memtest86+.bin
done
File: /etc/freeradius/3.0/mods-available/ldap
File: /etc/init.d/rpcbind
File: /etc/default/ntpdate
File: /etc/security/access-kde.conf
File: /etc/cron.d/univention-virtual-machine-manager-daemon
File: /etc/security/access-gdm.conf
File: /etc/init.d/nagios-nrpe-server
File: /etc/logrotate.d/heimdal-kdc
File: /etc/hostname
File: /etc/pam.d/other
File: /etc/rsyslog.d/univention-admin-diary-client.conf
File: /etc/bind/named.conf.samba4
File: /etc/runit/univention-directory-notifier/run
File: /etc/pam.d/common-auth-nowrite
File: /etc/pam.d/chsh
File: /etc/default/keyboard
File: /etc/network/if-down.d/bind9
File: /usr/share/univention-management-console/meta.json
File: /etc/issue
Multifile: /etc/postfix/ldap.virtual_mailbox
File: /etc/issue.net
File: /etc/runit/univention-directory-listener/run
File: /etc/init.d/quotarpc
Module: create_portal_entries
File: /etc/pam.d/rsh
Multifile: /etc/postfix/ldap.external_aliases
File: /etc/pam.d/su
Multifile: /etc/postfix/ldap.saslusermapping
File: /etc/logrotate.d/univention-system-setup
File: /etc/logrotate.conf
File: /boot/boot.msg
Multifile: /etc/postfix/ldap.groups
File: /etc/apache2/mods-available/ssl.conf
File: /etc/default/quota
File: /etc/cron.d/univention-config-registry-backup
File: /etc/apache2/ucs-sites.conf.d/ucs-sites.conf
File: /etc/mailname
File: /etc/init.d/rdate
File: /etc/profile
File: /etc/security/access-sudo.conf
File: /etc/default/docker
File: /etc/univention/uvmmd.ini
Multifile: /etc/samba/smb.conf
File: /etc/freeradius/3.0/proxy.conf
File: /etc/security/access-other.conf
Script: /etc/univention/templates/scripts/samba.local.config.py
File: /etc/apt/mirror.list
File: /etc/inputrc
File: /etc/default/apache2
File: /etc/apache2/sites-available/univention.conf
File: /etc/security/access-chsh.conf
File: /etc/apache2/sites-available/univention-server-overview.conf
File: /etc/welcome.msg
File: /etc/systemd/system/libvirtd.service.d/ucr.conf
File: /etc/pam.d/samba
File: /etc/logrotate.d/univention-directory-listener
File: /etc/default/libvirtd
File: /etc/plymouth/plymouthd.conf
File: /etc/freeradius/3.0/sites-available/default
File: /etc/nagios-plugins/config/univention-uvmmd.cfg
Module: xkbKeyboard
File: /etc/logrotate.d/univention-directory-policy
File: /etc/modprobe.d/vmgfx.conf
File: /etc/libnss-ldap.conf
File: /etc/default/nfs-common
File: /etc/freeradius/3.0/mods-available/mschap
Multifile: /etc/postfix/ldap.sharedfolderlocal_aliases
File: /etc/rsyslog.conf
File: /etc/systemd/system/docker.service.d/http-proxy.conf
File: /etc/logrotate.d/univention-admindiary
File: /etc/cron.d/univention-updater-check
File: /etc/init.d/slapd
File: /etc/apache2/mods-available/proxy.conf
File: /etc/security/packetfilter.d/20_docker.sh
File: /etc/security/access-rsh.conf
File: /etc/init.d/isc-dhcp-server
File: /etc/apt/sources.list.d/20_ucs-online-component.list
File: /etc/security/limits.conf
File: /etc/logrotate.d/univention-ssl
File: /usr/share/univention-management-console/modules/apps.xml
File: /etc/udev/rules.d/99-uvmm-node-kvm.rules
File: /etc/logrotate.d/univention-join
File: /usr/share/univention-portal/apps.json
File: /etc/default/libvirt-guests
Multifile: /etc/ldap/slapd.conf
File: /etc/logrotate.d/univention-s4-connector
File: /etc/nagios-plugins/config/univention-samba.cfg
File: /usr/share/univention-heimdal/check_cracklib.py
File: /etc/security/access-login.conf
File: /etc/security/access-ftp.conf
File: /etc/apt/apt.conf.d/55user_agent
File: /etc/heimdal-kdc/kadmind.acl
File: /etc/pam.d/common-account
File: /etc/bind/named.conf
File: /etc/logrotate.d/univention-maintenance
File: /etc/init.d/nscd
File: /etc/pam.d/kde
File: /etc/apache2/conf-available/univention-system-setup.conf
File: /etc/apt/sources.list.d/15_ucs-online-version.list
Multifile: /etc/postfix/ldap.virtualdomains
File: /etc/pam.d/rlogin
File: /etc/apache2/conf-available/ucs.conf
Multifile: /etc/postfix/ldap.sharedfolderlocal
File: /etc/freeradius/3.0/sites-available/inner-tunnel
Multifile: /etc/postfix/ldap.virtual
File: /etc/apt/apt.conf.d/80proxy
File: /etc/logrotate.d/univention-directory-manager
File: /usr/share/univention-web/js/umc/hooks.json
File: /etc/cron.d/univention-samba4-backup
File: /etc/freeradius/3.0/mods-available/eap
File: /etc/aliases
File: /etc/apache2/conf-available/univention-web.conf
File: /etc/security/pam_env.conf
File: /etc/univention/service.info/services/univention-appcenter.cfg
File: /etc/univention/directory/reports/config.ini
File: /etc/pam.d/ftp

IT-Bizz · October 28, 2019, 7:02am

and the final results:

~# univention-directory-listener-ctrl resync samba-shares
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
listener shutdown done
~# univention-directory-listener-ctrl resync samba-shares
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
waiting for listener modules to finish
listener shutdown done

This didn’t change, even after a reboot

Also with the two options, from the older topic, ucr set listener, no changes in output, however, now all config files from /etc/samba/shares.conf.d are gone, just deleted.

a new share created: again, the folder only created with root:Domain Users

and here my listener log:

 GNU nano 2.7.4                                File: /var/log/univention/listener.log                                          

20.10.19 07:41:35.830  LISTENER    ( ERROR   ) : failed to connect to any notifier
20.10.19 07:41:35.830  LISTENER    ( WARN    ) : can not connect any server, retrying in 30 seconds
20.10.19 07:42:05.831  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.server:7389
20.10.19 07:42:05.831  LDAP        ( PROCESS ) : connecting to ldap://a.nother.server:7389
20.10.19 07:42:22.913  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.$
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/samba4-idmap.py", line 57, in <module>
    lp.load('/etc/samba/smb.conf')
RuntimeError: Unable to load file /etc/samba/smb.conf
20.10.19 07:42:22.914  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.$
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=a.nother.server port=7389 base=dc=nother,dc=server
UNIVENTION_DEBUG_END    : uldap.__open host=a.nother.server port=7389 base=dc=nother,dc=server
20.10.19 13:00:14.752  LISTENER    ( WARN    ) : received signal 15
21.10.19 07:41:36.450  DEBUG_INIT
21.10.19 07:41:36.471  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.server:7389
21.10.19 07:41:36.471  LDAP        ( PROCESS ) : connecting to ldap://a.nother.server:7389
21.10.19 07:41:36.482  LISTENER    ( ERROR   ) : failed to connect to any notifier
21.10.19 07:41:36.482  LISTENER    ( WARN    ) : can not connect any server, retrying in 30 seconds
21.10.19 07:42:06.483  LISTENER    ( WARN    ) : Notifier/LDAP server is a.nother.server:7389
21.10.19 07:42:06.483  LDAP        ( PROCESS ) : connecting to ldap://a.nother.server:7389
21.10.19 07:42:23.051  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.$
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/samba4-idmap.py", line 57, in <module>
    lp.load('/etc/samba/smb.conf')
RuntimeError: Unable to load file /etc/samba/smb.conf
21.10.19 07:42:23.051  LISTENER    ( ERROR   ) : import of filename=/usr/lib/univention-directory-listener/system/samba4-idmap.$
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=a.nother.server port=7389 base=dc=nother,dc=server
UNIVENTION_DEBUG_END    : uldap.__open host=a.nother.server port=7389 base=dc=nother,dc=server
21.10.19 13:00:14.685  LISTENER    ( WARN    ) : received signal 15
22.10.19 07:41:37.846  DEBUG_INIT

PS: language is no problem, I speak German/English same as native

Moritz_Bunkus · October 28, 2019, 7:50am

The lines from listener.log are from a week ago. Are you sure you’re showing us the latest messages (= the end of the file)?

Is the listener running at all? Check with sv status univention-directory-listener and post its output here, please.

Please also show us the content of /etc/samba/smb.conf

IT-Bizz · October 28, 2019, 8:02am

Sorry, was not on purpose. As the log is to big and character here are limited, please see the whole log on: http://it-bizz.net/mylog,

Moritz_Bunkus · October 28, 2019, 8:05am

From your log:

28.10.19 14:05:01.571  LISTENER    ( ERROR   ) : samba-shares: rename/create of sharePath for cn=alien,cn=shares,dc=nother,dc=server failed (WARNING: the path '/home-cesar/alien' for the share 'alien' matches a blacklisted path. The whitelist can be extended via the UCR variables listener/shares/whitelist/.)

All of your shares are on paths that are blacklisted. This is the same issue I was talking about in the post I linked to earlier. You can follow the recommendation in it (= setting certain UCR variables which will whitelist your share locations).

Knappe · October 28, 2019, 8:35am

the linked post helped, so I could solve the problem.

But the problems

no info to the user, if anything went wrong during the config of shares (see this thread)
never erased a shared dir (checkbox marked or not)

persist and should be fixed.

Moritz_Bunkus · October 28, 2019, 8:39am

Feel free to open bug reports for those points.

IT-Bizz · October 28, 2019, 8:41am

ok, I have tried and tested now:
1- I did add my line via cli ucr set ‘listener/shares/whitelist/var=/home-*’ , it appears as whitelisted location in the Univention Configuration Registry
2- univention-directory-listener-ctrl resync samba-shares
3- created a new test share in my usual (/home-cesar/test)
4- no config file in /etc/samba/shares.conf.d# created
5- owner and group owner in the settings are NOT applied to the directory, just defaulted back to root:Domain Users with 755
The same, as before. The blacklist seems to me not the cause

IT-Bizz · October 28, 2019, 8:54am

I am now a bit further, hope it helps
I did add :/home- to the default directories, univention-directory-listener-ctrl resync samba-shares and systemctl restart smbd nmbd
This created the actual folder correctly as set with owner: group
Still missing are the config files in /etc/samba/shares.conf.d#

I will upload the listener log again to http://it-bizz.net/mylog,
log updated

Knappe · October 28, 2019, 9:20am

done:

Moritz_Bunkus · October 28, 2019, 9:42am

Yeah, seems like the listener module’s code won’t re-create the file unless something in the share’s configuration is changed. You’ll have to edit each share, change anything in it, save, change it back.

IT-Bizz · October 28, 2019, 9:43am

Finally, the adding of my path: /home-* did succeed. All the config files are also back again (yes, they where gone) in /etc/samba/shares.conf.d ALL back now and working for me again.

ocr var: listener/shares/whitelist/defaults /home/:/opt/:/run/:/media/:/mnt/:/srv/:/home-* :/home-*

Thank you
***** support

IT-Bizz · October 28, 2019, 9:46am

This is no problem, as old shares still remained working and only new ones ‘not ready’