I replaced my aging server with a new one, a completely new build, (so perhaps "replaced" would be more accurate than "upgraded") but of course I harvested all the old config files, etc, and the only important function I didn't get going was samba.
I've worked at this for many days now and even upgraded today to Fedora Server 5.7.11-200.fc32.x86_64 to be sure there wasn't some bug now fixed. There were absolutely no installation errors or update errors. And, for what it's worth, there are a dozen or so samba packages:
samba-dc-provision-4.12.5-0.fc32.noarch
samba-test-libs-4.12.5-0.fc32.x86_64
samba-winbind-clients-4.12.5-0.fc32.x86_64
samba-libs-4.12.5-0.fc32.x86_64
samba-winbind-4.12.5-0.fc32.x86_64
samba-dc-bind-dlz-4.12.5-0.fc32.x86_64
samba-winbind-krb5-locator-4.12.5-0.fc32.x86_64
samba-common-tools-4.12.5-0.fc32.x86_64
samba-devel-4.12.5-0.fc32.x86_64
python3-samba-dc-4.12.5-0.fc32.x86_64
samba-dc-libs-4.12.5-0.fc32.x86_64
samba-vfs-cephfs-4.12.5-0.fc32.x86_64
python3-samba-4.12.5-0.fc32.x86_64
samba-krb5-printing-4.12.5-0.fc32.x86_64
samba-vfs-glusterfs-4.12.5-0.fc32.x86_64
samba-winbind-modules-4.12.5-0.fc32.x86_64
samba-client-libs-4.12.5-0.fc32.x86_64
samba-4.12.5-0.fc32.x86_64
samba-pidl-4.12.5-0.fc32.noarch
samba-client-4.12.5-0.fc32.x86_64
samba-common-libs-4.12.5-0.fc32.x86_64
samba-common-4.12.5-0.fc32.noarch
samba-dc-4.12.5-0.fc32.x86_64
samba-test-4.12.5-0.fc32.x86_64
I've tried to do my homework but I can find no examples of anything helpful in search engines. I've tried more configuration file contents than I can even remember - certainly MANY dozens, or a hundred+, depending on how you count. It's probably not fruitful of our time for me to post a variety of configuration files, but for an example configuration that I was hopeful should work and is intended for Fedora 32, please see the link about that below. However, the old configuration data is found below.
The error message is identical no matter what the config file says - so far at least:
At this time the 'samba' binary should only be used for either:
'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote'
You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks
[2020/08/02 15:48:33.190413, 0] ../../lib/util/become_daemon.c:121(exit_daemon)
exit_daemon: daemon failed to start: Samba detected misconfigured 'server role' and exited. Check logs for details, error code 22
Of course, this comes first from the journalctl program, then also, identically, from one of the logs in /var/log/samba/ and after reading every one of them to be sure, there is no further information to be found from there, contrary to the smug suggestion in the message.
The first thing I did was try to figure out what this was trying to say:
You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks
I've followed up, best I can, about smbd, nmbd, and winbindd, but no, these cannot be simply started, as stated, and apparently one needs a PhD to figure out how to deal with them on Fedora - or maybe I just don't understand what the heck I'm reading, though I'm no newbie. Interestingly, following any boot, there's two winbind processes:
/usr/sbin/winbindd --foreground --no-process-group
But my clients cannot connect at all. And, best I can figure, that's for a domain controller we don't want anyway, and nmdb seems to be a NetBios tool and I have no idea how that helps with serving Linux files to Windows. And as for smbd, YES! That sounds for all the world like what we've been using for all these years! BUT... I haven't found ANYTHING about it - I even asked dnf to install it! No, sorry, it's ephemeral, unfortunately.
To be clear about that, I thought SURELY smbd was what's needed, but no, neither of these work:
# systemctl start smbd
Failed to start smbd.service: Unit smbd.service not found.
# dnf install smbd
Last metadata expiration check: 1:27:03 ago on Mon 03 Aug 2020 08:08:24 AM PDT.
No match for argument: smbd
Error: Unable to find a match: smbd
I'd be delighted to try something else along these lines - suggestions welcome! (Notably, I tried to install "samba*" thinking maybe there was a package missing and there was, samba-winexe-2:4.12.5-0.fc32.x86_64, so of course I installed it. systemctl start smbd still did nothing, but there was an image winexe added, but it has no man page and systemctl didn't do anything with it either. However:
# winexe -h
winexe version 4.12
This program may be freely redistributed under the terms of the GNU GPLv3
Usage: winexe [OPTION]... //HOST[:PORT] COMMAND
Options:
-h, --help Display help message
-V, --version Display version number
-U, --user=[DOMAIN/]USERNAME[%PASSWORD] Set the network username
-A, --authentication-file=FILE Get the credentials from a file
-N, --no-pass Do not ask for a password
-k, --kerberos=[yes|no] Use Kerberos
-d, --debuglevel=DEBUGLEVEL Set debug level
--uninstall Uninstall winexe service after
remote execution
--reinstall Reinstall winexe service before
remote execution
--runas=[DOMAIN\]USERNAME%PASSWORD Run as the given user (BEWARE:
this password is sent in
cleartext over the network!)
--runas-file=FILE Run as user options defined in a
file
--interactive=0|1 Desktop interaction: 0 -
disallow, 1 - allow. If allow,
also use the --system switch
(Windows requirement). Vista
does not support this option.
--ostype=0|1|2 OS type: 0 - 32-bit, 1 - 64-bit,
2 - winexe will decide.
Determines which version (32-bit
or 64-bit) of service will be
installed.
This is intriguing but I couldn't figure out what to do with it exactly, what it's for. So, I moved on.
Then, I focused on the obvious changes one might think could work for "server role", an checked the documentation and spent countless hours searching for a solution to the "server role" problem online. I've tried so many variations - not just of "server role" but of entire configuration files - I can't even recall them all. And, the documentation mostly appears to be very old, but I did think this was current, yet it produced no useful results. I tried hard, but did I overlook something? MAYBE I'm not expert enough in the windows world to know what they're saying? Can, for example, domain controllers ONLY serve directories like I'm familiar with? I thought that's exactly what I DON'T want.
In the extensive web searchs, the only thing close can be found here. It's for Fedora 32 but their example doesn't work for me - the server won't start OR give helpful error messages.
What Is Needed Of Samba:
In the 20+ years Samba has been installed here, it has provided perfect services rather like NFS, serving Linux directories to Windows boxes on a local network using the Workgroup paradigm. Domains are NOT helpful and not desired at all, though the printer support was useful. The system must have read and write access, a simple but effective username / password scheme, and honor permissions reasonably well. For maybe 24 years - I've lost track - Samba has served that role in this shop. And yes, the systems are all older, like Windows 7, and we don't care at all about domain controllers - find it rather authoritarian and dictatorial, nothing we want. (Or do we?)
It's worth adding that this is on an internal-only network and SE linux isn't an issue - the server won't even start!
So, does a simple system upgrade end our relationship with Samba - and force us to maybe reconsider windows?! (This is maddening.)
OLD CONFIGURATION:
Commenter Michael Hampton wants to see the old config, though I don't see the pertinence since I'll run with ANY configuration file that lets the server start and just re-do the configuration the modern way. But, for those like Michale, here you go - first, the system:
Server: 3.19.3-200.fc21.x86_64
Packages:
samba-winbind-4.1.17-1.fc21.x86_64
samba-client-4.1.17-1.fc21.x86_64
samba-libs-4.1.17-1.fc21.x86_64
system-config-samba-1.2.100-3.fc21.noarch
samba-common-4.1.17-1.fc21.x86_64
samba-winbind-modules-4.1.17-1.fc21.x86_64
samba-4.1.17-1.fc21.x86_64
Configuration file data - from testparm, which is how you did it back in those days:
Server role: ROLE_STANDALONE
[global]
workgroup = OurWorkgroup
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
idmap config * : backend = tdb
cups options = raw
[printers]
comment = All Printers
path = /var/spool/samba
guest ok = Yes
printable = Yes
print ok = Yes
browseable = No
[Share1]
path = /opt/samba/Share1
username = fred clara
write list = fred, clara
read only = No
The little bit you can't / don't get from testparm:
security = user
bassdb backend = tdbsam
OK, that's it - there is nothing else. And I mean NOTHING else in the config file. There's a lot more stuff in the config file that's commented out, but, well, it's commented out!
