Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Several errors when running as instructed #62

Open
bananabr opened this issue May 13, 2024 · 1 comment
Open

Several errors when running as instructed #62

bananabr opened this issue May 13, 2024 · 1 comment

Comments

@bananabr
Copy link

bananabr commented May 13, 2024
edited
Loading

I am running the container according to the docker run example.

docker run -t -i \
    -e "DOMAIN=LAB.LOCAL" \
    -e "DOMAIN_DC=dc=lab,dc=local" \
    -e "DOMAIN_EMAIL=lab.local" \
    -e "DOMAINPASS=*********" \
    -e "DNSFORWARDER=1.1.1.1" \
    -e "HOSTIP=172.16.0.2" \
    -p 172.16.0.2:53:53 \
    -p 172.16.0.2:53:53/udp \
    -p 172.16.0.2:88:88 \
    -p 172.16.0.2:88:88/udp \
    -p 172.16.0.2:123:123 \
    -p 172.16.0.2:123:123/udp \
    -p 172.16.0.2:135:135 \
    -p 172.16.0.2:137-138:137-138/udp \
    -p 172.16.0.2:139:139 \
    -p 172.16.0.2:389:389 \
    -p 172.16.0.2:389:389/udp \
    -p 172.16.0.2:445:445 \
    -p 172.16.0.2:464:464 \
    -p 172.16.0.2:464:464/udp \
    -p 172.16.0.2:636:636 \
    -p 172.16.0.2:3268-3269:3268-3269 \
    -p 172.16.0.2:49152-49172:49152-49172 \
    -v /etc/localtime:/etc/localtime:ro \
    -v /data/docker/containers/samba/data/:/var/lib/samba \
    -v /data/docker/containers/samba/config/samba:/etc/samba/external \
    --dns-search lab.local \
    --dns 172.16.0.2 \
    --dns 1.1.1.1 \
    --add-host fakedc.lab.local:172.16.0.2 \
    -h fakedc \
    --name samba4 \
    --privileged \
    nowsci/samba-domain

These are my runtime logs:

Waiting for log files...
==> /var/log/supervisor/ntpd-stderr---supervisor-rrcof1w9.log <==
MS-SNTP signd operations currently block ntpd degrading service to all clients.
restrict default: KOD does nothing without LIMITED.

==> /var/log/supervisor/ntpd-stdout---supervisor-31xyofmh.log <==
13 May 15:04:03 ntpd[13]: ntp-4 is maintained by Network Time Foundation,
13 May 15:04:03 ntpd[13]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
13 May 15:04:03 ntpd[13]: corporation.  Support and training for ntp-4 are
13 May 15:04:03 ntpd[13]: available at https://www.nwtime.org/support
13 May 15:04:03 ntpd[13]: ----------------------------------------------------
13 May 15:04:03 ntpd[13]: proto: precision = 0.103 usec (-23)
13 May 15:04:03 ntpd[13]: basedate set to 2022-02-04
13 May 15:04:03 ntpd[13]: gps base set to 2022-02-06 (week 2196)
13 May 15:04:03 ntpd[13]: MS-SNTP signd operations currently block ntpd degrading service to all clients.
13 May 15:04:03 ntpd[13]: restrict default: KOD does nothing without LIMITED.

==> /var/log/supervisor/samba-stderr---supervisor-jozcmxrl.log <==
samba version 4.15.13-Ubuntu started.
Copyright Andrew Tridgell and the Samba Team 1992-2021
binary_smbd_main: samba: using 'prefork' process model
dnsupdate_nameupdate_done: Failed DNS update with exit code 5

==> /var/log/supervisor/samba-stdout---supervisor-alfg08b8.log <==

==> /var/log/supervisor/supervisor.log <==
  self.warnings.warn(
2024-05-13 15:04:01,990 CRIT Supervisor is running as root.  Privileges were not dropped because no user is specified in the config file.  If you intend to run as root, you can set user=root in the config file to avoid this message.
2024-05-13 15:04:01,991 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2024-05-13 15:04:01,994 INFO RPC interface 'supervisor' initialized
2024-05-13 15:04:01,995 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2024-05-13 15:04:01,995 INFO supervisord started with pid 10
2024-05-13 15:04:03,001 INFO spawned: 'ntpd' with pid 13
2024-05-13 15:04:03,004 INFO spawned: 'samba' with pid 14
2024-05-13 15:04:04,311 INFO success: ntpd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-05-13 15:04:04,312 INFO success: samba entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

==> /var/log/supervisor/supervisord.log <==
2024-05-13 15:04:01,990 CRIT Supervisor is running as root.  Privileges were not dropped because no user is specified in the config file.  If you intend to run as root, you can set user=root in the config file to avoid this message.
2024-05-13 15:04:01,991 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2024-05-13 15:04:01,994 INFO RPC interface 'supervisor' initialized
2024-05-13 15:04:01,995 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2024-05-13 15:04:01,995 INFO supervisord started with pid 10
2024-05-13 15:04:03,001 INFO spawned: 'ntpd' with pid 13
2024-05-13 15:04:03,004 INFO spawned: 'samba' with pid 14
2024-05-13 15:04:04,311 INFO success: ntpd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-05-13 15:04:04,312 INFO success: samba entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

==> /var/log/supervisor/ntpd-stderr---supervisor-rrcof1w9.log <==
13 May 15:04:13 ntpd[13]: restrict: ignoring line 13, address/host '1.pool.ntp.org' unusable.
13 May 15:04:13 ntpd[13]: restrict: ignoring line 14, address/host '2.pool.ntp.org' unusable.

==> /var/log/supervisor/ntpd-stdout---supervisor-31xyofmh.log <==
13 May 15:04:13 ntpd[13]: switching logging to file /var/log/ntp
13 May 15:04:13 ntpd[13]: Listen and drop on 0 v6wildcard [::]:123
13 May 15:04:13 ntpd[13]: Listen and drop on 1 v4wildcard 0.0.0.0:123
13 May 15:04:13 ntpd[13]: Listen normally on 2 lo 127.0.0.1:123
13 May 15:04:13 ntpd[13]: Listen normally on 3 eth0 172.17.0.2:123
13 May 15:04:13 ntpd[13]: Listening on routing socket on fd #20 for interface updates
13 May 15:04:13 ntpd[13]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
13 May 15:04:13 ntpd[13]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
13 May 15:10:05 ntpd[13]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized

However, trying to run domain.sh info results in:

failed to call wbcDomainInfo: WBC_ERR_DOMAIN_NOT_FOUND
Could not get domain info

Running domain.sh ldapinfo, with valid credentials results in:

SASL/NTLM authentication started
Please enter your authentication name: administrator
Please enter your password: 
ldap_sasl_interactive_bind: Invalid credentials (49)
        additional info: 8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 52e, v1db1

Any suggestions on how to make this functional?

Thank you!
@frasou
Copy link

frasou commented May 14, 2024

First of all, try develop branch. Many issues are solved there. Master is quite outdated and full of bugs. I don't know the reason though, why maintainer is doing such thing.

Concerning NTP, check apparmor on your HOST system, not in the container. Switch off or alter apparmor for NTP. It should work then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bananabr @frasou