On 6/7/13 10:51 AM, Ricky Nance wrote:
I'd double check on the samba server it self if you can connect to it
using smbclient... `smbclient //localhost/sysvol -Uadministrator` ....
if that fails try `smbclient //localhost/sysvol -d5 -Uadministrator`
and paste the output in your reply. If it succeeds then you can pretty
much bet on a connectivity issue... by the way, why isn't samba
listening on port 88 in your last mail? It might be worth it to try a
`killall samba && sleep 5 && samba -i -M single -d3` and look for any
error messages ... anyway those are just a couple of my suggestions.
Ricky
On Thu, Jun 6, 2013 at 8:30 PM, Marcelo Ruriani
<systemad...@helpinghandsofgreenup.org
<mailto:systemad...@helpinghandsofgreenup.org>> wrote:
On 6/6/13 5:15 PM, Marc Muehlfeld wrote:
Hello Marcelo,
Am 06.06.2013 22:47, schrieb Marcelo Ruriani:
It seems I locked myself out. I have tried these steps:
turn off the
firewall, ntacl sysvol reset, and dis-join from domain.
The ntacl sysvol reset returns errors (which I'll post if
necessary) the
dis-join worked fine but I cannot re-join to the domain
because it
doesn't detect our domain and throws up an error "domain
could not be
contacted" and "DNS name doesn't exist".
* IP connection between the hosts is fine? (ping each other)
* Do you use the internal DNS or Bind DLZ?
* Is Samba/Bind listening on port 53? Use 'netstat -taunp', to
make sure, that nothing else is listening on this port and
prevent the correct DNS to start up.
* Can you check:
https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Testing_DNS
Regards,
Marc
Dear List & Mark,
Thank you for the reply. To answer your questions. I am using
the internal DNS. The DNS testing reveals that host -t SRV _ldap
(and so on) plus host -t SRV _kerberos (and so on) return with a
"not found" error. The A record test works fine.
Samba is listening on TCP port 53, 636, 1024, 3268, 3269, 389, 135
(and UDP 53)
smbd is listening on TCP port 139, 445
The clients ping the server (ip and domain name) fine and the
server pings the clients fine.
My followup question will appear after this reply.
Marcelo
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
To list, Mark, Ricky,
I must admit I am unsure why it isn't listening on port 88! I will
do that "kill all samba" thing later and reply if that does the trick.
On the tests you asked me to do, this is my output of terminal: (I
apologize for formatting)
root@ad:/# /usr/local/samba/bin/smbclient //localhost/sysvol
-U%administrator
Domain=[AD.HHG.COM] OS=[Unix] Server=[Samba 4.1.0pre1-GIT-94f11e9]
tree connect failed: NT_STATUS_ACCESS_DENIED
root@ad:/# /usr/local/samba/bin/smbclient //localhost/sysvol -d5
-U%administrator
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
params.c:pm_process() - Processing configuration file
"/usr/local/samba/etc/smb.conf"
Processing section "[global]"
doing parameter workgroup = AD.HHG.COM
doing parameter realm = HHG.COM
doing parameter netbios name = AD
doing parameter server role = active directory domain controller
doing parameter dns forwarder = 192.168.1.1
pm_process() returned Yes
added interface eth0 ip=fe80::222:19ff:fe95:7f31%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.1.10 bcast=192.168.1.255
netmask=255.255.255.0
Netbios name list:-
my_netbios_names[0]="AD"
Client started (version 4.1.0pre1-GIT-94f11e9).
Opening cache file at /usr/local/samba/var/lock/gencache.tdb
Opening cache file at /usr/local/samba/var/lock/gencache_notrans.tdb
sitename_fetch: No stored sitename for HHG.COM
name localhost#20 found.
Connecting to ::1 at port 445
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 0
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 173200
SO_RCVBUF = 87380
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
session request ok
Domain=[AD.HHG.COM] OS=[Unix] Server=[Samba 4.1.0pre1-GIT-94f11e9]
session setup ok
tree connect failed: NT_STATUS_ACCESS_DENIED
My questions are if the worst were if I had to re-provision, would the
re-provision be enough? OR Woul d I have to do the entire compile, make,
install procedure? Thanks.
Marcelo
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
