[Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired
Elias Pereira
empbilly at gmail.com
Wed Jan 3 18:24:02 UTC 2024
>
> I am not sure what you are trying to say, but your pfsense device
> shouldn't come into your AD domain dns.
I mean that between the DCs, pfsense won't block them because they're on
the same vlan.
Your AD clients (and this
> includes the DCs) should look to AD to find each other and anything
> outside the AD dns domain should be forwarded to a dns server outside
> the AD domain.
And yes, the configuration of the DCs is as you described. The clients
receive the DCs'
IPs as DNS via pfsense DHCP and bind9 forwards what doesn't belong to the
DCs to our authoritative DNS.
root at dc2:~# netstat -plaunt | egrep "ntp|bind|named|samba|?mbd"
https://pastebin.com/raw/NbECKVB8 (output from command netstat)
Regarding the command above, I think the ports are OK?
Can you test the command below on one of your DCs?
nmap -p 53,88,123,135,137,138,139,389,445,464,636,3268,3269 -sV <DC IP>
On Wed, Jan 3, 2024 at 2:57 PM Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Wed, 3 Jan 2024 14:42:54 -0300
> Elias Pereira <empbilly at gmail.com> wrote:
>
> > >
> > > and not between your DCs.
> >
> > You're right. If it's on the same network/vlan, it doesn't go through
> > the gateway/firewall.
> >
>
> I am not sure what you are trying to say, but your pfsense device
> shouldn't come into your AD domain dns. Your AD clients (and this
> includes the DCs) should look to AD to find each other and anything
> outside the AD dns domain should be forwarded to a dns server outside
> the AD domain. If you are going to use a firewall, it should be a
> software type running on each DC/AD client.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
Elias Pereira
More information about the samba
mailing list