Okay, I'm not sure, but I don't *think* it's that bug. First, I don't
know much about winbind, and never meant to set it up (although it's
possible I did by accident) but I'm not using NetBIOS, if that makes a
difference. Second, wbinfo still worked after \\newdc ceased to be
browsable.
Some more detail from log.samba.
I was not here for this and I'm not sure when browsability ceased, but
it's the only other entry:
../source4/dsdb/repl/drepl_out_helpers.c:833(dreplsrv_update_refs_done)
UpdateRefs failed with WERR_DS_DRA_BUSY/NT code 0xc00020f6 for
fb9ec5fd-28a7-44a0-a784-933a41dd830a._msdcs.mydomain.lan
CN=Configuration,DC=mydomain,DC=lan
After I logged in and tried to browse \\newdc -- it does this every time
I try to browse right now:
../source4/smb_server/smb/service.c:127(make_connection)
make_connection: couldn't find service *.:
NT_STATUS_OBJECT_NAME_NOT_FOUND
../source4/smb_server/smb/service.c:127(make_connection)
make_connection: couldn't find service DESKTOP.INI:
NT_STATUS_OBJECT_NAME_NOT_FOUND
The bug linked to doesn't mention either of these error codes, so I
think it might not be related.
I also found that whenever I run the AD Replication Status Tool on the
Windows server, everything succeeds even right now while browsability is
broken, but the log says this (also from times when browsability wasn't
broken and I ran it):
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
../source4/dsdb/common/util.c:3118(dsdb_forest_functional_level)
../source4/dsdb/common/util.c:3118: WARNING: forestFunctionality not
setup
I guess the errors are fine. It's strange the status tool says
replication is fine even though the log says it had problems. But maybe
it just had one problem, and now replication is working again but
whatever that problem was somehow put Samba in a state where browsing
\\newdc would not work.
Kev
On 2013-08-20 11:40 AM, Kristofer Pettijohn wrote:
You may want to see if it is this bug, which is fixed in 4.0.9:
https://bugzilla.samba.org/show_bug.cgi?id=9820
------------------------------------------------------------------------
*From: *"Kevin Field" <k...@mydomain.com>
*To: *samba@lists.samba.org
*Sent: *Tuesday, August 20, 2013 9:38:32 AM
*Subject: *[Samba] AD DC eventually not browsable without restart
I have a SerNet Samba 4.0.8 AD DC running on CentOS 6.4 (newdc)
replicating from a W2K3 DC (olddc). When I first launch Samba using
`sudo samba`, I can go to the Windows server and browse to \\newdc in
Explorer, and I see mytestshare, netlogon, printers, sysvol, and
"Printers and Faxes".
After a while (I'm not sure how long precisely, but under 24 hours) I
could not navigate to \\newdc without the following error:
---------------------------
\\newdc
---------------------------
\\newdc is not accessible. You might not have permission to use this
network resource. Contact the administrator of this server to find out
if you have access permissions.
The Server service is not started.
---------------------------
OK
---------------------------
But in the interim, I had not been doing anything in the system, so I'm
not sure what might have caused it. One time it even happened on a
weekend when no backup or anything particularly special is scheduled
while I was away.
Anyway, running `sudo killall samba` and then `sudo samba` makes it
suddenly browsable again.
This is happening every day. I guess it would be best to figure this
problem out before we make Samba the only DC.
Here's my smb.conf, mostly set up by samba-tool, and now a work in
progress to add the extras we will use:
# Global parameters
[global]
workgroup = MYDOMAIN
realm = mydomain.lan
netbios name = NEWDC
server role = active directory domain controller
server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc, dnsupdate, smb, dns
allow dns updates = true
dns forwarder = 192.168.1.1
# dns recursive queries = yes
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
eventlog6, backupkey, dnsserver, winreg, srvsvc
# dcerpc endpoint servers = winreg srvsvc
load printers = yes
printing = cups
[netlogon]
path = /var/lib/samba/sysvol/mydomain.lan/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[printers]
comment = All Printers
path = /var/spool/samba
browseable = Yes
read only = No
printable = Yes
[print$]
comment = Point and Print Printer Drivers
path = /var/lib/samba/printing
read only = No
[mytestshare]
path = /srv/mytestshare/
read only = No
Any ideas?
Thanks,
Kev
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
