Results 1 to 10 of 10

Thread: SAMBA: idmap range not specified for domain '*'

  1. #1

    Default SAMBA: idmap range not specified for domain '*'

    Hi,

    after the complete failure of setting up SAMBA using the YAST tool, which was solved here (but without samba running)
    https://forums.opensuse.org/showthre...ternet-access!

    I have tried it with manual editing the smb.conf file according to this manual:
    https://forums.opensuse.org/content....-Lan-Workgroup

    plus reading through
    https://wiki.samba.org/index.php/Set...ndalone_Server

    This time, nothing bad has happened, however I also don't get any connection to my Windows computers and neither can I see the shared folder from my linux laptop on my Windows computer. Can someone please help me?

    Some checks I found in the net, but unfortunately I couldn't find how to react to the warnings/errors:

    When I use
    Code:
    testparm
    
    to test my smb.conf file, I get the error:
    Code:
    Load smb config files from /etc/samba/smb.conf 
    Loaded services file OK. 
    Weak crypto is allowed 
    
    idmap range not specified for domain '*' 
    ERROR: Invalid idmap range for domain *! 
    
    Server role: ROLE_DOMAIN_MEMBER
    
    
    When I check nmb and smb by
    Code:
    su -c "service nmb status; service smb status"
    
    
    I get nmb.service running, but then further down in the output:
    Code:
    daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface >
    May 14 23:45:24 mylaptop nmbd[3075]: [2022/05/14 23:45:24.685810,  0] ../../source3/nmbd/nmbd_subnetdb.c:252(create_subnets)
    May 14 23:45:24 mylaptop nmbd[3075]:   NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
    May 14 23:45:41 mylaptop systemd[1]: Started Samba NMB Daemon. 
    May 14 23:46:04 mylaptop nmbd[3075]: [2022/05/14 23:46:04.759844,  0] ../../source3/nmbd/nmbd_become_lmb.c:398(become_local_master_stage2)
    May 14 23:46:04 mylaptop nmbd[3075]:   *****
    May 14 23:46:04 mylaptop nmbd[3075]:  
    May 14 23:46:04 mylaptop nmbd[3075]:   Samba name server MYLAPTOP is now a local master browser for workgroup WORKGROUP on subnet 192.168.178.32
    May 14 23:46:04 mylaptop nmbd[3075]:  
    May 14 23:46:04 mylaptop nmbd[3075]:   *****
    
    
    As far as I can tell, I have done everything as written in the above manuals, but here I attach my smb.conf file:

    Code:
    [# smb.conf is the main Samba configuration file. You find a full commented
    # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
    # samba-doc package is installed.
    [global]
        passdb backend = tdbsam
        printing = cups
        printcap name = cups
        printcap cache time = 750
        cups options = raw
        map to guest = Bad User
        logon path = \\%L\profiles\.msprofile
        logon home = \\%L\%U\.9xprofile
        logon drive = P:
        usershare allow guests = No
        netbios name = laptopname
        usershare max shares = 100
        wins support = No
        include = /etc/samba/dhcp.conf
        security = domain
    [homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes
    [MyShare]
        path = /home/myshare/myshare_medien
        comment = MyShare
        guest OK = yes
        guest only = yes
        read only = No
    [profiles]
        comment = Network Profiles Service
        path = %H
        read only = No
        store dos attributes = Yes
        create mask = 0600
        directory mask = 0700
    
    [users]
        comment = All users
        path = /home
        read only = No
        inherit acls = Yes
        veto files = /aquota.user/groups/shares/
    [groups]
        comment = All groups
        path = /home/groups
        read only = No
        inherit acls = Yes
    [printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No
    [print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @ntadmin root
        force group = ntadmin
        create mask = 0664
        directory mask = 0775
    Last edited by malcolmlewis; 14-May-2022 at 18:43. Reason: Fix code tags

  2. #2
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: SAMBA: idmap range not specified for domain '*'

    Quote Originally Posted by flo37 View Post
    ...I also don't get any connection to my Windows computers and neither can I see the shared folder from my linux laptop on my Windows computer. Can someone please help me?
    In order for Windows to discover the samba host "automatically", you would need to use WS-Discovery to advertise it as such. There is wsdd that can perform this function...

    https://build.opensuse.org/package/show/network/wsdd

    Alternatively, just navigate to the share in the file explorer then save it by dragging it to 'Quick Access' (left hand side of file explorer), or right click on it and 'Pin to Quick Access'...
    https://services.dartmouth.edu/TDCli...leDet?ID=70251

    I get nmb.service running, but then further down in the output:
    Code:
    daemon_status: daemon 'nmbd' : No local IPv4 non-loopback interfaces available, waiting for interface >
    May 14 23:45:24 mylaptop nmbd[3075]: [2022/05/14 23:45:24.685810,  0] ../../source3/nmbd/nmbd_subnetdb.c:252(create_subnets)
    May 14 23:45:24 mylaptop nmbd[3075]:   NOTE: NetBIOS name resolution is not supported for Internet Protocol Version 6 (IPv6).
    May 14 23:45:41 mylaptop systemd[1]: Started Samba NMB Daemon.
    This is because the network is not up at the time nmbd is starting up. It could be due to using NetworkManager with a connection that is only activated at the desktop login for example. It is possible to configure so that the network is brought up at boot.
    Last edited by deano_ferrari; 14-May-2022 at 20:06.
    openSUSE Leap 15.3; KDE Plasma 5

  3. #3
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: SAMBA: idmap range not specified for domain '*'

    Quote Originally Posted by flo37 View Post

    Some checks I found in the net, but unfortunately I couldn't find how to react to the warnings/errors:

    When I use
    Code:
    testparm
    
    to test my smb.conf file, I get the error:
    Code:
    Load smb config files from /etc/samba/smb.conf 
    Loaded services file OK. 
    Weak crypto is allowed 
    
    idmap range not specified for domain '*' 
    ERROR: Invalid idmap range for domain *! 
    
    Server role: ROLE_DOMAIN_MEMBER
    
    
    If you're using samba as a standalone server, then remove 'security = domain' from smb.conf.
    openSUSE Leap 15.3; KDE Plasma 5

  4. #4

    Default Re: SAMBA: idmap range not specified for domain '*'

    Hi and thanks Deano Ferrari,

    this got me two steps further.
    I can now connect from my windows laptop to the samba share on my linux laptop (r/w). However, not the other way round, yet.

    This is, what I did according to your advise:
    I removed 'security = domain' from the smb.conf file. testparm now gives
    Code:
    Server role: ROLE_STANDALONE
    
    as expected. And I changed the password storing method for the KDE network manager to "for all users" which seems to lead to a connection at boot. At any rate,
    Code:
    su -c "service nmb status; service smb status" 
    does not give any errors anymore, especially, not the error which is the topic of this post.
    It says:
    Code:
     Samba name server MYLAPTOP is now a local master browser for workgroup WORKGROUP on subnet 192.168.178.32
    
    which I hope is ok. I didn't try WSDD yet, because I understood it only helps, once the SAMBA connection works. I can enter \\MYLAPTOP in the Windows explorer, no problem.

    So, what am I missing to connect from my linux laptop to the windows share? If I browse in KDE Dolphin to "network", only my linux laptop itself appears at "Shared Folders (SMB)". If I enter the "remote" in the address bar:
    Code:
    smb://MYWINDOWSLAPTOP/
    I get
    Code:
    smb://mywindowslaptop/ does not exist.
    I tried small or capital letters, with or without the trailing / and also with adding the shared folder behind. All with the same result.

    Actually, is there a way to connect right from the command prompt, instead of using Dolphin?

    Thank you for your efforts, and kind regards,
    Flo

    PS: I can connect to the windows share from another windows computer.

  5. #5
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: SAMBA: idmap range not specified for domain '*'

    Quote Originally Posted by flo37 View Post
    Hi and thanks Deano Ferrari,

    this got me two steps further.
    I can now connect from my windows laptop to the samba share on my linux laptop (r/w). However, not the other way round, yet.

    This is, what I did according to your advise:
    I removed 'security = domain' from the smb.conf file. testparm now gives
    Code:
    Server role: ROLE_STANDALONE
    
    as expected. And I changed the password storing method for the KDE network manager to "for all users" which seems to lead to a connection at boot. At any rate,
    Code:
    su -c "service nmb status; service smb status" 
    does not give any errors anymore, especially, not the error which is the topic of this post.
    It says:
    Code:
     Samba name server MYLAPTOP is now a local master browser for workgroup WORKGROUP on subnet 192.168.178.32
    
    which I hope is ok. I didn't try WSDD yet, because I understood it only helps, once the SAMBA connection works. I can enter \\MYLAPTOP in the Windows explorer, no problem.
    That reads like progress!

    So, what am I missing to connect from my linux laptop to the windows share? If I browse in KDE Dolphin to "network", only my linux laptop itself appears at "Shared Folders (SMB)". If I enter the "remote" in the address bar:
    Code:
    smb://MYWINDOWSLAPTOP/
    I get
    Code:
    smb://mywindowslaptop/ does not exist.
    I tried small or capital letters, with or without the trailing / and also with adding the shared folder behind. All with the same result.
    That should work if the name resolves ok. I assume that the following will also fail...
    Code:
    nmblookup MYWINDOWSLAPTOP
    Can you reach it by IP address at least?

    If so check the firewall settings.

    BTW, Dolphin should be capable of finding the host "automatically" Network > Shared Folders (SMB) provided the firewall is allowing port 3702 (UDP) for WS-Discovery.

    Actually, is there a way to connect right from the command prompt, instead of using Dolphin?
    Yes, by using smbclient...

    Code:
    smbclient //<server>/<share> -U <user>
    For example...
    Code:
    smbclient //192.168.1.2/Documents -U dean 
    Password for [WORKGROUP\dean]: 
    Try "help" to get a list of possible commands. 
    smb: \>
    openSUSE Leap 15.3; KDE Plasma 5

  6. #6

    Default Re: SAMBA: idmap range not specified for domain '*'

    Thanks. This got me another step further:
    Firstly, I found, I could already connect to the windows share using smbclient, the ip address and username/pwd (although the windows share should be with guest access, it didn't work without username/pwd using --no-pass).

    After opening the port 3702 (UDP) on the firewall as you suggested (using YAST>Firewall), I can now also connect to the windows share using
    Code:
    smbclient //windowslaptop/windowsshare -U username
    However, I can still not connect using Dolphin. There is a little progress: I can now see the windowslaptop under Network>Shared Folders (SMB), but when I click on it, I still get the error message
    Code:
      The file or folder smb://windowslaptop/ does not exist.
    While the address line now reads
    Code:
    smb://windowslaptop.kio-discovery-wsd/
    Likewise, if I enter
    Code:
    smb://windowslaptop/windowsshare or
    smb://ip-address/windowsshare
    in the address line.

    PS: The other way round i.e. from Windows accessing the Linux share still works. Apparently, WSDD was already installed by the TW default installation process. Browsing to the Linux laptop in the Windows explorer still does not work, however, I could connect it as a network-directory (with a "LETTER:") with auto-connect at boot.

  7. #7
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: SAMBA: idmap range not specified for domain '*'

    Quote Originally Posted by flo37 View Post
    Thanks. This got me another step further:
    Firstly, I found, I could already connect to the windows share using smbclient, the ip address and username/pwd (although the windows share should be with guest access, it didn't work without username/pwd using --no-pass).
    I get the same, but any username/password supplied works (the Windows share is shared for 'Everyone')

    After opening the port 3702 (UDP) on the firewall as you suggested (using YAST>Firewall), I can now also connect to the windows share using
    Code:
    smbclient //windowslaptop/windowsshare -U username
    No, smbclient isn't aware of WS-Discovery, and not relevant to connectivity in any way.

    However, I can still not connect using Dolphin. There is a little progress: I can now see the windowslaptop under Network>Shared Folders (SMB), but when I click on it, I still get the error message
    Code:
      The file or folder smb://windowslaptop/ does not exist.
    While the address line now reads
    Code:
    smb://windowslaptop.kio-discovery-wsd/
    Ok, so the Windows host is discovered using WS-Discovery at least. When you click on the above are you not presented with the shares after a few seconds?

    Likewise, if I enter
    Code:
    smb://windowslaptop/windowsshare or
    smb://ip-address/windowsshare
    in the address line.
    For me that just works. Something missing from your KDE install perhaps?
    openSUSE Leap 15.3; KDE Plasma 5

  8. #8
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: SAMBA: idmap range not specified for domain '*'

    Just in case you've been impacted by the this...
    https://forums.opensuse.org/showthre...t-work-anymore
    openSUSE Leap 15.3; KDE Plasma 5

  9. #9

    Default Re: SAMBA: idmap range not specified for domain '*'

    Quote Originally Posted by deano_ferrari View Post
    I get the same, but any username/password supplied works (the Windows share is shared for 'Everyone')
    Yes. Here too. From another windows laptop it works without username/password, though.


    Quote Originally Posted by deano_ferrari View Post
    No, smbclient isn't aware of WS-Discovery, and not relevant to connectivity in any way.
    Oh. So
    Code:
    smbclient //windowslaptop/windowsshare -U ...
    would have worked before opening the port? Perhaps, I didn't try.

    Quote Originally Posted by deano_ferrari View Post
    Ok, so the Windows host is discovered using WS-Discovery at least. When you click on the above are you not presented with the shares after a few seconds?
    For me that just works. Something missing from your KDE install perhaps?
    Unfortunately no. Not even after minutes. And what's the part that could be missing? It's a pretty fresh install.

    Kind regards,

    Flo

  10. #10

    Default Re: SAMBA: idmap range not specified for domain '*'

    Quote Originally Posted by deano_ferrari View Post
    Just in case you've been impacted by the this...
    https://forums.opensuse.org/showthre...t-work-anymore
    Perhaps. Thanks for bringing it to my attention.
    I'll write a comment into that thread.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •