View Issue Details

IDProjectCategoryView StatusLast Update
0016929CentOS-8ipa-serverpublic2020-05-07 15:32
Reporteropoplawski Assigned To 
Status acknowledgedResolutionopen 
Product Version8.1.1911 
Summary0016929: ipa-server-trust-ad appears to built with the incorrect samba version

# pdbedit -s /dev/null -b ipasam -d5

errors with:

Attempting to find a passdb backend to match ipasam (ipasam)
No builtin backend found, trying to load plugin
load_module_absolute_path: Probing module '/usr/lib64/samba/pdb/'
Error loading module '/usr/lib64/samba/pdb/': /usr/lib64/samba/pdb/ undefined symbol: DEBUGLEVEL_CLASS seems to suggest that it was build with the wrong samba version
TagsNo tags attached.




2020-01-15 23:36

reporter   ~0036028

Indeed - shows that it was built with samba 4.9.1-8.el8


2020-01-15 23:48

reporter   ~0036029

I'll note that RHEL 8.1 appears to have a newer version of ipa in DL1: 4.8.0-13.module+el8.1.0+4923+c6efe041


2020-01-23 15:20

reporter   ~0036102

do you have found a workaround? btw. can i offer help here? what is needed to do to fix it?

compile the freeipa sources with the right samba version?


2020-01-23 15:33

reporter   ~0036103

My workaround was to install the RHEL8.1 packages :(. Re-compiling the ipa rpm with the proper deps would do it - though modules greatly complicates things here.


2020-01-23 19:14

reporter   ~0036108

The -13 still is compiled against the old samba 4.9.1 (why?). The workaround that works for me is to dnf downgrade samba back to 4.9.1. And then the samba service runs for ipa.service.


2020-02-17 08:28

reporter   ~0036296

My vote would go marking this as 'urgent'
If you integrate Samba with ipa-adtrust-install then "smb" service will fail to start.
regards, L.


2020-02-23 17:15

reporter   ~0036366

I have the same problem.


2020-02-23 17:17

reporter   ~0036367

Anothe solutions is copy file from RHEL 8.1 or OL 8.1


2020-02-24 16:38

reporter   ~0036369

i wouldn't recommend to use libs from other systems like this, there are reasons why they get compiled for each distro and their flavours

dnf install // downgrade samba-4.9.1 is the better way i think until this is resolved


2020-04-11 17:47

reporter   ~0036679

I'm rather surprised this has not been fixed yet. It has been 3 months since originally reported, and it leads to a fatal non-working component.


2020-04-11 20:31

reporter   ~0036681

This bug is marked as urgent, yet, nothing has been done for the packages since January 21, which was only debranding. The builds are still against samba 4.9.1 when they shouldn't be. It would be nice to know why the build environment hasn't been fixed and the packages rebuilt.


2020-04-18 09:03

administrator   ~0036707

Reminder sent to: bstinson



2020-04-28 21:03

reporter   ~0036802

I hope this gets fixed in CentOS 8.2 builds.


2020-05-05 10:59

reporter   ~0036871

just to note that samba-4.9.1 seems to got removed from the mirrors ...

so the workaround

# dnf downgrade samba-4.9.1
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:00:26 ago on Tue May 5 10:54:57 2020.
No package samba-4.9.1 available.
Error: No packages marked for downgrade.

isn't working anymore, this means this bug is hyper critical due to this its not possible to setup new repliacs on centos 8.1 if the cluster is in an adtrust


2020-05-06 07:38

reporter   ~0036875

The only workaround which works but not recommended is to put from red hat 8.1 or OL8.1 package to directory. After that my freeipa instance with trust work fine for me. I have two freeipa servers with trust agent and two AD replicas. seem to woks for me. I am using this method 2 month already.


2020-05-06 11:02

reporter   ~0036876

This is how i fixxed it, thanks to

he pointed out this link:

so i was able to get all packages i needed from there and install it via:

i checked the installed packages which ipa installs by default (rpm -qa | grep 4.10.4) this listed me all packages related to samba, all those packages i downloaded from the mirror above, baked into ansible and roll them out like:

- name: Copy samba 4.9.1 rpms to server
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     - { src: "libwbclient-4.9.1.rpm", dest: "/tmp/libwbclient-4.9.1.rpm" }
     - { src: "samba-4.9.1.rpm", dest: "/tmp/samba-4.9.1.rpm" }
     - { src: "samba-client-libs-4.9.1.rpm", dest: "/tmp/samba-client-libs-4.9.1.rpm" }
     - { src: "samba-libs-4.9.1.rpm", dest: "/tmp/samba-libs-4.9.1.rpm" }
     - { src: "samba-common-libs-4.9.1.rpm", dest: "/tmp/samba-common-libs-4.9.1.rpm" }
     - { src: "samba-common-4.9.1.rpm", dest: "/tmp/samba-common-4.9.1.rpm" }
     - { src: "samba-common-tools-4.9.1.rpm", dest: "/tmp/samba-common-tools-4.9.1.rpm" }
     - { src: "samba-winbind-modules-4.9.1.rpm", dest: "/tmp/samba-winbind-modules-4.9.1.rpm" }
     - { src: "python3-samba-4.9.1.rpm", dest: "/tmp/python3-samba-4.9.1.rpm" }
     - { src: "samba-winbind-4.9.1.rpm", dest: "/tmp/samba-winbind-4.9.1.rpm" }
     - { src: "libsmbclient-4.9.1.rpm", dest: "/tmp/libsmbclient-4.9.1.rpm" }

- name: Install samba 4.9.1
  shell: rpm --force -U /tmp/*.rpm

now i have the samba version installed on centos 8.1 i need to run successfully an ipa in and adtrust setup


2020-05-07 15:32

developer   ~0036891

We are working on resolving this as part of the 8.2 rebuild effort. Emailing the team members directly is not necessary.

Issue History

Date Modified Username Field Change
2020-01-15 23:30 opoplawski New Issue
2020-01-15 23:36 opoplawski Note Added: 0036028
2020-01-15 23:48 opoplawski Note Added: 0036029
2020-01-16 07:18 toracat Status new => acknowledged
2020-01-23 15:20 elytscha Note Added: 0036102
2020-01-23 15:33 opoplawski Note Added: 0036103
2020-01-23 19:14 Sokel Note Added: 0036108
2020-02-17 08:28 lejeczek Note Added: 0036296
2020-02-23 17:15 zerocool Note Added: 0036366
2020-02-23 17:17 zerocool Note Added: 0036367
2020-02-24 16:38 elytscha Note Added: 0036369
2020-04-11 17:47 alatteri Note Added: 0036679
2020-04-11 20:31 Sokel Note Added: 0036681
2020-04-18 09:03 arrfab Note Added: 0036707
2020-04-28 21:03 alatteri Note Added: 0036802
2020-05-05 10:59 elytscha Note Added: 0036871
2020-05-06 07:38 zerocool Note Added: 0036875
2020-05-06 11:02 elytscha Note Added: 0036876
2020-05-07 15:32 carlwgeorge Note Added: 0036891