If SMB over tcp is not running (port 445), then samba-tool domain backup online --server localhost --targetdir=backup will fail with an exception. It crashes when trying to backup the sysvol. My suggestion is to add a try and except block on line 278 to catch the exception. I can provide a patch file, or make a pull request. If you want.
> I can provide a patch file, or make a pull request. If you want. A patch is good. It would also be good to see the traceback.
Created attachment 18339 [details] Patch to ignore sysvol backup when smb is not running Adding a try and except when trying to connect to smb share sysvol.
Here is the exception. Note that the exception comes from another version of Samba, I think 4.13.x, but it is still the same problem in the latest version. Connecting to 192.168.10.1 at port 445 ERROR(runtime): uncaught exception - (3221226038, 'The transport-connection attempt was refused by the remote system.') File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py, line 186, in _run return self.run(*args, **kwargs) File "/usr/lib/python3/dist-packages/samba/netcmd/domain_backup.py", line 271, in run smb_conn = smb_sysvol_conn(server, lp, creds) File "/usr/lib/python3/dist-packages/samba/netcmd/domain_backup.py", line 116, in smb_sysvol_conn return libsmb.Conn(server, "sysvol", lp=s3_lp, creds=creds, sign=True)
(In reply to Thomas Karlsson from comment #3) In what situation does that happen? A Windows DC only providing QUIC? A backup without the sysvol content is useless. I think we should not silently ignore the error, an explicit --no-sysvol options would be ok if needed.
(In reply to Stefan Metzmacher from comment #4) I only use Samba AD for authentication and authorisation (group handling) and not client management, so sysvol isn't used. These options are in the smb.conf server services = rpc, ldap, cldap, kdc, drepl, kcc, dnsupdate The backup fails with these services. I think the backup still is relevant without sysvol. For example the users and dns.
(In reply to Thomas Karlsson from comment #5) Ok, then an explicit --no-sysvol would work...
Created attachment 18364 [details] Patch to enable a new option --no-sysvol for backup Made a patch to enable the new option --no-sysvol
Thomas, are you able to provide the --no-sysvol patch using a git commit and `git format-patch`? And also read https://www.samba.org/samba/devel/copyright-policy.html and send in the paperwork mentioned there? You can use something like `git commit -sm "samba-tool domain backup: add --no-sysvol option"`. Also, I am uncertain about this part of it: - # remove the default sysvol files created by the clone (we want to - # make sure we restore the sysvol.tar.gz files instead) - shutil.rmtree(paths.sysvol) [...] + # remove the default sysvol files created by the clone (we want to + # make sure we restore the sysvol.tar.gz files instead) + shutil.rmtree(paths.sysvol) if we are using --no-sysvol, do we want the sysvol files created by the clone, or do we really want no sysvol at all?
I am new to this. Do I attach the "git format-patch" output here in a comment?
(In reply to Thomas Karlsson from comment #9) Adding an attachment is best.
Created attachment 18592 [details] Patch to enable no_sysvol option Patch to enable a new option to exclude sysvol in backup.
Created attachment 18614 [details] git format-patch patch This is the patch in 'git format-patch' form. Thomas, I used your name for authorship and signed-off-by, so please check I didn't do anything wrong.
I think it looks great!
This bug was referenced in samba master: 1d39baf1e7c128d89bfa204ef83d4c61b30a58d9
This bug was referenced in samba master: a65a9e2e34cf02cd10ec9028782f7a43dc6cfebb