If SMB over tcp is not running (port 445), then samba-tool domain backup online --server localhost --targetdir=backup will fail with an exception. It crashes when trying to backup the sysvol. My suggestion is to add a try and except block on line 278 to catch the exception. I can provide a patch file, or make a pull request. If you want.
> I can provide a patch file, or make a pull request. If you want. A patch is good. It would also be good to see the traceback.
Created attachment 18339 [details] Patch to ignore sysvol backup when smb is not running Adding a try and except when trying to connect to smb share sysvol.
Here is the exception. Note that the exception comes from another version of Samba, I think 4.13.x, but it is still the same problem in the latest version. Connecting to 192.168.10.1 at port 445 ERROR(runtime): uncaught exception - (3221226038, 'The transport-connection attempt was refused by the remote system.') File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py, line 186, in _run return self.run(*args, **kwargs) File "/usr/lib/python3/dist-packages/samba/netcmd/domain_backup.py", line 271, in run smb_conn = smb_sysvol_conn(server, lp, creds) File "/usr/lib/python3/dist-packages/samba/netcmd/domain_backup.py", line 116, in smb_sysvol_conn return libsmb.Conn(server, "sysvol", lp=s3_lp, creds=creds, sign=True)
(In reply to Thomas Karlsson from comment #3) In what situation does that happen? A Windows DC only providing QUIC? A backup without the sysvol content is useless. I think we should not silently ignore the error, an explicit --no-sysvol options would be ok if needed.
(In reply to Stefan Metzmacher from comment #4) I only use Samba AD for authentication and authorisation (group handling) and not client management, so sysvol isn't used. These options are in the smb.conf server services = rpc, ldap, cldap, kdc, drepl, kcc, dnsupdate The backup fails with these services. I think the backup still is relevant without sysvol. For example the users and dns.
(In reply to Thomas Karlsson from comment #5) Ok, then an explicit --no-sysvol would work...
Created attachment 18364 [details] Patch to enable a new option --no-sysvol for backup Made a patch to enable the new option --no-sysvol