[Samba] Samba 4.8 RODC not working
Gaetan SLONGO
gslongo at it-optics.com
Thu May 24 09:30:40 UTC 2018
Hi,
It's my first try to setup RODC using Samba 4.8. We have latest Samba 4.7 environnement with 2 DC and some file servers.
Joining the DC to the domain is OK using samba-tool domain join command. The domain controller appears in the DC list (MMC)
However, users cannot be authenticated. Samba is running but these ports are closed :
netbios-ssn 139/tcp # NETBIOS session service
netbios-ssn 139/udp
microsoft-ds 445/tcp
microsoft-ds 445/udp
Some other ports are available :
[root at dmzrodc ~]# netstat -tlpn
Connexions Internet actives (seulement serveurs)
Proto Recv-Q Send-Q Adresse locale Adresse distante Etat PID/Program name
tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN 23622/samba
tcp 0 0 0.0.0.0:49152 0.0.0.0:* LISTEN 23619/samba
tcp 0 0 0.0.0.0:49153 0.0.0.0:* LISTEN 23619/samba
tcp 0 0 0.0.0.0:49154 0.0.0.0:* LISTEN 23619/samba
tcp 0 0 0.0.0.0:3268 0.0.0.0:* LISTEN 23622/samba
tcp 0 0 0.0.0.0:3269 0.0.0.0:* LISTEN 23622/samba
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 23622/samba
tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN 23619/samba
tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN 23624/samba
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 23632/samba
tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN 23624/samba
Winbind is not working :
[root at dmzrodc ~]# wbinfo -u
could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE
could not obtain winbind domain name!
Error looking up domain users
Logs are not showing something clear :
==> /var/log/samba/log.samba <==
[2018/05/24 11:29:24.038701, 0] ../source4/smbd/process_standard.c:81(sigterm_signal_handler)
sigterm_signal_handler: Exiting pid 23632 on SIGTERM
[2018/05/24 11:29:25.178372, 0] ../source4/smbd/server.c:466(binary_smbd_main)
samba version 4.8.2-SerNet-RedHat-10.el7 started.
Copyright Andrew Tridgell and the Samba Team 1992-2018
[2018/05/24 11:29:25.369162, 0] ../source4/smbd/server.c:638(binary_smbd_main)
binary_smbd_main: samba: using 'standard' process model
[2018/05/24 11:29:25.382292, 0] ../lib/util/become_daemon.c:138(daemon_ready)
daemon_ready: STATUS=daemon 'samba' finished starting up and ready to serve connections
[2018/05/24 11:29:25.520009, 0] ../file_server/file_server.c:46(file_server_smbd_done)
file_server smbd daemon died with exit status 1
[2018/05/24 11:29:25.520167, 0] ../source4/smbd/service_task.c:36(task_server_terminate)
task_server_terminate: task_server_terminate: [smbd child process exited]
[2018/05/24 11:29:25.530008, 0] ../source4/winbind/winbindd.c:47(winbindd_done)
winbindd daemon died with exit status 1
[2018/05/24 11:29:25.530169, 0] ../source4/smbd/service_task.c:36(task_server_terminate)
task_server_terminate: task_server_terminate: [winbindd child process exited]
[2018/05/24 11:29:26.029093, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: Traceback (most recent call last):
[2018/05/24 11:29:26.029286, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 917, in <module>
[2018/05/24 11:29:26.029317, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: call_rodc_update(d)
[2018/05/24 11:29:26.029344, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 714, in call_rodc_update
[2018/05/24 11:29:26.029375, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: rodc_dns_update(d, t, op)
[2018/05/24 11:29:26.029402, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 657, in rodc_dns_update
[2018/05/24 11:29:26.029428, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: w = winbind.winbind("irpc:winbind_server", lp)
[2018/05/24 11:29:26.029454, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: samba.NTSTATUSError: (3221225645, 'The named pipe is not in the connected or closing state.')
[2018/05/24 11:29:26.035872, 0] ../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done)
../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error code 1
Do you have any idea about what is causing the issue ?
Thanks !
--
More information about the samba
mailing list