Scénario #29742: Le parametre 'userPassword schemes = CryptSHA256' fait planter Samba 4.11 (Eole 2.8.0) - Distribution EOLE - Ensemble Ouvert Libre Évolutif

Scénario #29742

Le parametre 'userPassword schemes = CryptSHA256' fait planter Samba 4.11 (Eole 2.8.0)

Ajouté par Gilles Grandgérard il y a environ 4 ans. Mis à jour il y a presque 3 ans.

Statut:

Terminé (Sprint)

Priorité:

Normal

Assigné à:

Joël Cuissinat

Catégorie:

Version cible:

sprint 2021 20-22 Equipe MENSR

Début:

08/01/2021

Echéance:

04/06/2021

% réalisé:

100%

Points de scénarios:

1.0

Restant à faire (heures):

0.00 heure

Estimation basée sur la vélocité:

Release:

EOLE 2.8.0.1

Liens avec la release:

Auto

Description

mettre en commentaire la ligne dans le template smb.conf

A voir : ad_hash_sha_512 et ad_hash_sha_256 ne doivent plus fonctionner non plus !

vu dans le thread Upstream samba :
- mettre le paramètre désactivé dans samba-tool domain provision --use-rfc2307 --option="userPassword schemes ="
- réactiver dans le template
- vérifier. au moment du provisionning le parametre n'est pas actif.

Sous-tâches

Révisions associées

Révision ae2d4ca5 (diff)
Ajouté par gilles.grandgerard il y a environ 4 ans

serPassword schemes = CryptSHA256 fait planter Samba 4.11

REF #29742

Historique

#1 Mis à jour par Gilles Grandgérard il y a environ 4 ans

Statut changé de Nouveau à Résolu

#2 Mis à jour par Joël Cuissinat il y a environ 4 ans

Statut changé de Résolu à En cours
Assigné à mis à Gilles Grandgérard
Tâche parente changé de #29652 à #29749

#3 Mis à jour par Gilles Grandgérard il y a environ 4 ans

https://dev-eole.ac-dijon.fr/jenkins/job/2.8.0/job/test-instance-acadc1-2.8.0-amd64/28/console

00:10:40.362             INFO 2020-03-13 14:30:14,772 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2145: Looking up IPv6 addresses
00:10:40.362             WARNING 2020-03-13 14:30:14,773 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2152: No IPv6 address will be assigned
00:10:40.362             INFO 2020-03-13 14:30:15,278 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2319: Setting up share.ldb
00:10:40.362             INFO 2020-03-13 14:30:15,957 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2323: Setting up secrets.ldb
00:10:40.362             INFO 2020-03-13 14:30:16,114 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2329: Setting up the registry
00:10:40.362             INFO 2020-03-13 14:30:16,361 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2332: Setting up the privileges database
00:10:40.362             INFO 2020-03-13 14:30:16,522 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2335: Setting up idmap db
00:10:40.362             INFO 2020-03-13 14:30:16,734 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2342: Setting up SAM db
00:10:40.363             INFO 2020-03-13 14:30:16,860 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #898: Setting up sam.ldb partitions and settings
00:10:40.363             INFO 2020-03-13 14:30:16,865 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #910: Setting up sam.ldb rootDSE
00:10:40.363             INFO 2020-03-13 14:30:16,903 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1339: Pre-loading the Samba 4 and AD schema
00:10:40.363             Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
00:10:40.363             INFO 2020-03-13 14:30:17,023 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1417: Adding DomainDN: DC=domseth,DC=ac-test,DC=fr
00:10:40.363             INFO 2020-03-13 14:30:17,115 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1449: Adding configuration container
00:10:40.363             INFO 2020-03-13 14:30:17,183 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1464: Setting up sam.ldb schema
00:10:46.372             INFO 2020-03-13 14:30:21,190 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1482: Setting up sam.ldb configuration data
00:10:46.372             INFO 2020-03-13 14:30:21,460 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1523: Setting up display specifiers
00:10:46.372             INFO 2020-03-13 14:30:24,138 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1531: Modifying display specifiers and extended rights
00:10:46.372             INFO 2020-03-13 14:30:24,195 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1538: Adding users container
00:10:46.372             INFO 2020-03-13 14:30:24,198 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1544: Modifying users container
00:10:46.372             INFO 2020-03-13 14:30:24,200 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1547: Adding computers container
00:10:46.372             INFO 2020-03-13 14:30:24,202 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1553: Modifying computers container
00:10:46.372             INFO 2020-03-13 14:30:24,204 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1557: Setting up sam.ldb data
00:10:46.372             INFO 2020-03-13 14:30:24,424 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1587: Setting up well known security principals
00:10:46.372             INFO 2020-03-13 14:30:24,502 pid:10423 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1601: Setting up sam.ldb users and groups
00:10:46.372             ERROR(ldb): uncaught exception - setup_primary_userPassword: generation of a CryptSHA256 password hash failed: (Numerical result out of range)
00:10:46.372               File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run
00:10:46.372                 return self.run(*args, **kwargs)
00:10:46.372               File "/usr/lib/python3/dist-packages/samba/netcmd/domain.py", line 519, in run
00:10:46.372                 result = provision(self.logger,
00:10:46.372               File "/usr/lib/python3/dist-packages/samba/provision/__init__.py", line 2371, in provision
00:10:46.372                 provision_fill(samdb, secrets_ldb, logger, names, paths,
00:10:46.373               File "/usr/lib/python3/dist-packages/samba/provision/__init__.py", line 1958, in provision_fill
00:10:46.373                 samdb = fill_samdb(samdb, lp, names, logger=logger,
00:10:46.373               File "/usr/lib/python3/dist-packages/samba/provision/__init__.py", line 1602, in fill_samdb
00:10:46.373                 setup_add_ldif(samdb, setup_path("provision_users.ldif"), {
00:10:46.373               File "/usr/lib/python3/dist-packages/samba/provision/common.py", line 55, in setup_add_ldif
00:10:46.373                 ldb.add_ldif(data, controls)
00:10:46.373               File "/usr/lib/python3/dist-packages/samba/__init__.py", line 230, in add_ldif
00:10:46.373                 self.add(msg, controls)
00:10:46.373             Impossible de initialiser l'annuaire Active Directory