[Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired

Rowland Penny rpenny at samba.org
Wed Jan 3 19:40:54 UTC 2024 

On Wed, 3 Jan 2024 15:24:02 -0300
Elias Pereira <empbilly at gmail.com> wrote:

> >
> > I am not sure what you are trying to say, but your pfsense device
> > shouldn't come into your AD domain dns.
> 
> I mean that between the DCs, pfsense won't block them because they're
> on the same vlan.
> 
> Your AD clients (and this
> > includes the DCs) should look to AD to find each other and anything
> > outside the AD dns domain should be forwarded to a dns server
> > outside the AD domain.
> 
> And yes, the configuration of the DCs is as you described. The clients
> receive the DCs'
> IPs as DNS via pfsense DHCP and bind9 forwards what doesn't belong to
> the DCs to our authoritative DNS.
> 
> root at dc2:~# netstat -plaunt | egrep "ntp|bind|named|samba|?mbd"
> https://pastebin.com/raw/NbECKVB8 (output from command netstat)
> 
> Regarding the command above, I think the ports are OK?
> 
> Can you test the command below on one of your DCs?
> 
> nmap -p 53,88,123,135,137,138,139,389,445,464,636,3268,3269 -sV <DC
> IP>
> 

nmap -p 53,88,123,135,137,138,139,389,445,464,636,3268,3269 -sV 192.168.1.2
Starting Nmap 7.93 ( https://nmap.org ) at 2024-01-03 19:35 GMT
Nmap scan report for rpidc1.samdom.example.com (192.168.1.2)
Host is up (0.011s latency).

PORT     STATE  SERVICE      VERSION
53/tcp   open   domain       (generic dns response: NOTIMP)
88/tcp   open   kerberos-sec (server time: 2024-01-03 19:35:40Z)
123/tcp  closed ntp
135/tcp  open   msrpc        Microsoft Windows RPC
137/tcp  closed netbios-ns
138/tcp  closed netbios-dgm
139/tcp  open   netbios-ssn  Samba smbd 4.6.2
389/tcp  open   ldap         (Anonymous bind OK)
445/tcp  open   netbios-ssn  Samba smbd 4.6.2
464/tcp  open   kpasswd5?
636/tcp  open   ssl/ldap     (Anonymous bind OK)
3268/tcp open   ldap         (Anonymous bind OK)
3269/tcp open   ssl/ldap     (Anonymous bind OK)
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port53-TCP:V=7.93%I=7%D=1/3%Time=6595B711%P=x86_64-pc-linux-gnu%r(DNSVe
SF:rsionBindReqTCP,20,"\0\x1e\0\x06\x81\x80\0\x01\0\0\0\0\0\0\x07version\x
SF:04bind\0\0\x10\0\x03")%r(DNSStatusRequestTCP,E,"\0\x0c\0\0\x90\x04\0\0\
SF:0\0\0\0\0\0");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port88-TCP:V=7.93%I=7%D=1/3%Time=6595B711%P=x86_64-pc-linux-gnu%r(Kerbe
SF:ros,68,"\0\0\0d~b0`\xa0\x03\x02\x01\x05\xa1\x03\x02\x01\x1e\xa4\x11\x18
SF:\x0f20240103193540Z\xa5\x05\x02\x03\x07H}\xa6\x03\x02\x01\x06\xa9\x04\x
SF:1b\x02NM\xaa\x170\x15\xa0\x03\x02\x01\0\xa1\x0e0\x0c\x1b\x06krbtgt\x1b\
SF:x02NM\xab\x16\x1b\x14No\x20client\x20in\x20request");
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 51.97 seconds

More information about the samba mailing list