Perhaps it can help you: http://lists.samba.org/archive/samba/2010-October/158629.html
----------------------------------------------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: [email protected] Internet: www.tropenklinik.de ----------------------------------------------- -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Scott Carradice Gesendet: Mittwoch, 26. Januar 2011 16:25 An: [email protected] Betreff: [Samba] The RPC server is unavailable I have used the Samba4 Howto as a guide. I am using OpenSuse 11.3 and the Samba version is: 4.0.0alpha15-GIT-61f7d7c. Everything was working as intended after installation. I did a fresh install on another computer of Windows 7. Joined my freshly made domain. Installed the remote administration tools. Created three users for testing with the remote admin tool - "Active Directory Users and Computers" All users log in fine. I install OpenSuse 11.3 on another computer and during install I select the Windows Active Directory for user information. This works and my three users can sign in on the OpenSuse machine. I noticed that the computer was not set up in Bind like my Windows 7 machine was automatically. First Question: Is the best way to correct this to Stop bind, enter machine into zone file and start bind? Or is this something that is expected to work like the Windows 7 machine? I then went back to the Windows 7 machine and tried to change one of the users passwords. No matter what I tried, I can not get passed the message that the password is unable to change due to the strength ( The value provided does not meet the length, complexity ... etc ). I am pretty sure this is due to the minimum duration of a password. After I waited a day I was able to change the password once and then not again ( need another day ). The first time I could not change my password I decided to see if I could change the minimum duration with the remote tool "Active Directory Users and Computers". But now when I run this I get the error: "Naming information cannot be located because: The RPC server is unavailable. Contact you system administrator ... " Running using the command: samba -i -M single -d 3 Gives this error when trying to use the remote admin tool: using SPNEGO Selected protocol [5][NT LM 0.12] Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_ DISCONNECTED' single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] Question 2: What is the cause of this? Is the domain corrupt or is there a fix other than reinstall? Any other debug information I can provide that would be useful? >From the Windows 7 machine running: dcdiag /v /s: ... results are below. Thank you for any help, Scott Directory Server Diagnosis Performing initial setup: * Connecting to directory service on server base.mytestdomain.ca. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mytestdomain,DC=ca,LD AP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mytestdomai n,DC=ca Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mytestdomain,DC=ca,LD AP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. Got error while checking if the DC is using FRS or DFSR. Error: There is no such object on the server.The VerifyReferences, FrsEvent and DfsrEvent tests might fail because of this error. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\BASE Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity * Active Directory RPC Services Check ......................... BASE passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\BASE Starting test: Advertising Fatal Error:DsGetDcName (BASE) call failed, error 1722 The Locator could not find the server. Printing RPC Extended Error Info: Error Record 1, ProcessID is 1996 (DcDiag) System Time is: 1/24/2011 14:58:43:619 Generating component is 2 (RPC runtime) Status is 1722 The RPC server is unavailable. Detection location is 193 Error Record 2, ProcessID is 1996 (DcDiag) System Time is: 1/24/2011 14:58:43:619 Generating component is 5 (redirector) Status is 1359 An internal error occurred. Detection location is 190 NumberOfParameters is 2 Long val: 1441792 Unicode string: \\BASE\PIPE\NETLOGON ......................... BASE failed test Advertising Test omitted by user request: CheckSecurityError Test omitted by user request: CutoffServers Starting test: FrsEvent * The File Replication Service Event log test ......................... BASE passed test FrsEvent Starting test: DFSREvent The DFS Replication Event Log. Skip the test because the server is running FRS. ......................... BASE passed test DFSREvent Starting test: SysVolCheck * The File Replication Service SYSVOL ready test The SysVol is not ready. This can cause the DC to not advertise itself as a DC for netlogon after dcpromo. Also trouble with FRS SysVol replication can cause Group Policy problems. Check the FRS event log on this DC. ......................... BASE failed test SysVolCheck Starting test: KccEvent * The KCC Event log test Found no KCC errors in "Directory Service" Event log in the last 15 minutes. ......................... BASE passed test KccEvent Starting test: KnowsOfRoleHolders Role Schema Owner = CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca Role Domain Owner = CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca Role PDC Owner = CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca Role Rid Owner = CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca Role Infrastructure Update Owner = CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca ......................... BASE passed test KnowsOfRoleHolders Starting test: MachineAccount Checking machine account for DC BASE on DC BASE. Could not open Lsa Policy Could not get NetBIOSDomainName Failed can not test for HOST SPN Failed can not test for HOST SPN * SPN found :LDAP/base.mytestdomain.ca/mytestdomain.ca * SPN found :LDAP/base.mytestdomain.ca * SPN found :LDAP/BASE * SPN found :LDAP/d6256e29-5015-4918-b9fa-fee0c94503ea._ msdcs.mytestdomain.ca * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/d6256e29-5015-4918-b9fa-fee0c94503ea/ mytestdomain.ca * SPN found :HOST/base.mytestdomain.ca/mytestdomain.ca * SPN found :HOST/base.mytestdomain.ca * SPN found :HOST/BASE * SPN found :GC/base.mytestdomain.ca/mytestdomain.ca ......................... BASE passed test MachineAccount Starting test: NCSecDesc * Security Permissions check for all NC's on DC BASE. * Security Permissions Check for CN=Configuration,DC=mytestdomain,DC=ca (Configuration,Version 3) * Security Permissions Check for CN=Schema,CN=Configuration,DC=mytestdomain,DC=ca (Schema,Version 3) * Security Permissions Check for DC=mytestdomain,DC=ca (Domain,Version 3) ......................... BASE passed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check Unable to connect to the NETLOGON share! (\\BASE\netlogon) [BASE] An net use or LsaPolicy operation failed with error 67, The network name cannot be found.. ......................... BASE failed test NetLogons Starting test: ObjectsReplicated BASE is in domain DC=mytestdomain,DC=ca Checking for CN=BASE,OU=Domain Controllers,DC=mytestdomain,DC=ca in domain DC=mytestdomain,DC=ca on 1 servers Failed to read object metadata on BASE, error The system call level is not correct. Object is up-to-date on all servers. Checking for CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca in domain CN=Configuration,DC=mytestdomain,DC=ca on 1 servers Failed to read object metadata on BASE, error The system call level is not correct. Object is up-to-date on all servers. ......................... BASE passed test ObjectsReplicated Test omitted by user request: OutboundSecureChannels Starting test: Replications * Replications Check * Replication Latency Check ......................... BASE passed test Replications Starting test: RidManager * Available RID Pool for the Domain is 1600 to 1073741823 * base.mytestdomain.ca is the RID Master * DsBind with RID Master was successful * rIDAllocationPool is 1100 to 1599 * rIDPreviousAllocationPool is 1100 to 1599 * rIDNextRID: 1109 ......................... BASE passed test RidManager Starting test: Services Could not open Service Control Manager on base.mytestdomain.ca, error 0x6ba "The RPC server is unavailable." Printing RPC Extended Error Info: Error Record 1, ProcessID is 1996 (DcDiag) System Time is: 1/24/2011 14:58:44:760 Generating component is 2 (RPC runtime) Status is 1722 The RPC server is unavailable. Detection location is 193 Error Record 2, ProcessID is 1996 (DcDiag) System Time is: 1/24/2011 14:58:44:760 Generating component is 5 (redirector) Status is 1359 An internal error occurred. Detection location is 190 NumberOfParameters is 2 Long val: 1441792 Unicode string: \\base.mytestdomain.ca\pipe\svcctl ......................... BASE failed test Services Starting test: SystemLog * The System Event log test Found no errors in "System" Event log in the last 60 minutes. ......................... BASE passed test SystemLog Test omitted by user request: Topology Test omitted by user request: VerifyEnterpriseReferences Starting test: VerifyReferences The system object reference (serverReference) CN=BASE,OU=Domain Controllers,DC=mytestdomain,DC=ca and backlink on CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=m ytestdomain,DC=ca are correct. Some objects relating to the DC BASE have problems: [1] Problem: Missing Expected Value Base Object: CN=NTDS Settings,CN=BASE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configura tion,DC=mytestdomain,DC=ca Base Object Description: "DSA Object" Value Object Attribute Name: serverReferenceBL Value Object Description: "SYSVOL FRS Member Object" Recommended Action: See Knowledge Base Article: Q312862 [1] Problem: Missing Expected Value Base Object: CN=BASE,OU=Domain Controllers,DC=mytestdomain,DC=ca Base Object Description: "DC Account Object" Value Object Attribute Name: frsComputerReferenceBL Value Object Description: "SYSVOL FRS Member Object" Recommended Action: See Knowledge Base Article: Q312862 ......................... BASE failed test VerifyReferences Test omitted by user request: VerifyReplicas Test omitted by user request: DNS Test omitted by user request: DNS Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : mytestdomain Starting test: CheckSDRefDom ......................... mytestdomain passed test CheckSDRefDom Starting test: CrossRefValidation ......................... mytestdomain passed test CrossRefValidation Running enterprise tests on : mytestdomain.ca Test omitted by user request: DNS Test omitted by user request: DNS Starting test: LocatorCheck Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1722 A Global Catalog Server could not be located - All GC's are down. Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1722 A Primary Domain Controller could not be located. The server holding the PDC role is down. Warning: DcGetDcName(TIME_SERVER) call failed, error 1722 A Time Server could not be located. The server holding the PDC role is down. Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1722 A Good Time Server could not be located. Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1722 A KDC could not be located - All the KDCs are down. ......................... mytestdomain.ca failed test LocatorCheck Starting test: Intersite Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided. ......................... mytestdomain.ca passed test Intersite -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
