Samba 4.0.3 on CentOS 6.3 as PDC.
Mike Stroven
mike.stroven at visole-energy.com
Tue Feb 26 06:27:13 MST 2013
Hi Thomas,
Thanks for the reply. I have included all of the output of the suggested diags that you requested, but I admit that I'm not sure what I'm looking for, as I'm not familiar with RPC functionality on Linux. (FWIW, it doesn't work with IPTables stopped either.) I have also posted to the samba list server.
> On Mon, Feb 25, 2013 at 2:21 PM, Mike Stroven wrote:
>
> > I finally have everything working that can be verified from the server command line. Running Bind9.8 with DLZ support.
> > Verified Kerberos 5 running. Now attempting to join Windows XP machines to the domain, and am getting an error:
> > "The RPC server is unavailable". Any pointers?
> >
On Mon, Feb 25, 2013 at 6:55 PM, Thomas Simmons wrote:
> You're likely to get more support on the user's list (samba at lists.samba.org).
>
> If you're certain everything is working on the server and the client
> network config is correct (you have the DC's IP as the primary DNS server),
> then my first guess would be iptables or selinux. If you need further
> assistance, output from the following commands would be useful:
>
> # test samba
[root at grumpy ~]# /usr/local/samba/bin/smbclient //grumpy/netlogon -UAdministrator%'**********' -c ls
Domain=[TROY] OS=[Unix] Server=[Samba 4.0.3]
. D 0 Mon Feb 25 09:53:33 2013
.. D 0 Fri Feb 22 17:09:24 2013
40757 blocks of size 131072. 20332 blocks available
> # test kerberos
[root at grumpy ~]# kinit Administrator at VISOLE-ENERGY.COM
Password for Administrator at VISOLE-ENERGY.COM:
Warning: Your password will expire in 41 days on Mon Apr 8 18:14:03 2013
> # check iptables
[root at grumpy ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 /* SSH */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53 /* DNS */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53 /* DNS UDP */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 /* HTTP */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:88 /* Kerberos */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123 /* NTP */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:135 /* RPC UDP */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:135 /* RPC TCP */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138 /* NetBIOS Netlogon and Browsing */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:139 /* NetBIOS Session */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:389 /* LDAP UDP */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 /* HTTPS */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:445 /* SMB CIFS */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:445 /* SMB CIFS UDP */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:464 /* Kerberos Password Management */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:464 /* Kerberos Password Management UDP */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:636 /* LDAP SSL */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3268 /* LDAP Global Catalog */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3269 /* LDAP Global Catalog SSL */
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10000 /* Webmin */
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
> # check selinux
root at grumpy ~]# sestatus
SELinux status: disabled
> # netstat output
[root at grumpy ~]# netstat -anp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:3269 0.0.0.0:* LISTEN 1114/samba
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 1114/samba
tcp 0 0 0.0.0.0:39689 0.0.0.0:* LISTEN 922/rpc.statd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 1111/smbd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 904/rpcbind
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1150/perl
tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN 1116/samba
tcp 0 0 192.168.60.200:53 0.0.0.0:* LISTEN 882/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 882/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1091/sshd
tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN 1116/samba
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 882/named
tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN 1114/samba
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 1111/smbd
tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN 1110/samba
tcp 0 0 0.0.0.0:3268 0.0.0.0:* LISTEN 1114/samba
tcp 0 48 192.168.60.200:22 192.168.63.102:51832 ESTABLISHED 4081/sshd
tcp 0 0 :::3269 :::* LISTEN 1114/samba
tcp 0 0 :::389 :::* LISTEN 1114/samba
tcp 0 0 :::139 :::* LISTEN 1111/smbd
tcp 0 0 :::111 :::* LISTEN 904/rpcbind
tcp 0 0 :::464 :::* LISTEN 1116/samba
tcp 0 0 :::53012 :::* LISTEN 922/rpc.statd
tcp 0 0 :::22 :::* LISTEN 1091/sshd
tcp 0 0 :::88 :::* LISTEN 1116/samba
tcp 0 0 ::1:953 :::* LISTEN 882/named
tcp 0 0 :::636 :::* LISTEN 1114/samba
tcp 0 0 :::445 :::* LISTEN 1111/smbd
tcp 0 0 :::1024 :::* LISTEN 1110/samba
tcp 0 0 :::3268 :::* LISTEN 1114/samba
udp 0 0 192.168.60.200:464 0.0.0.0:* 1116/samba
udp 0 0 0.0.0.0:464 0.0.0.0:* 1116/samba
udp 0 0 192.168.60.200:88 0.0.0.0:* 1116/samba
udp 0 0 0.0.0.0:88 0.0.0.0:* 1116/samba
udp 0 0 0.0.0.0:750 0.0.0.0:* 861/portreserve
udp 0 0 0.0.0.0:111 0.0.0.0:* 904/rpcbind
udp 0 0 192.168.60.200:123 0.0.0.0:* 1138/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 1138/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 1138/ntpd
udp 0 0 192.168.60.200:389 0.0.0.0:* 1115/samba
udp 0 0 0.0.0.0:389 0.0.0.0:* 1115/samba
udp 0 0 192.168.60.200:137 0.0.0.0:* 1112/samba
udp 0 0 192.168.63.255:137 0.0.0.0:* 1112/samba
udp 0 0 0.0.0.0:137 0.0.0.0:* 1112/samba
udp 0 0 192.168.60.200:138 0.0.0.0:* 1112/samba
udp 0 0 192.168.63.255:138 0.0.0.0:* 1112/samba
udp 0 0 0.0.0.0:138 0.0.0.0:* 1112/samba
udp 0 0 0.0.0.0:655 0.0.0.0:* 904/rpcbind
udp 0 0 0.0.0.0:10000 0.0.0.0:* 1150/perl
udp 0 0 0.0.0.0:44959 0.0.0.0:* 922/rpc.statd
udp 0 0 0.0.0.0:674 0.0.0.0:* 922/rpc.statd
udp 0 0 192.168.60.200:53 0.0.0.0:* 882/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 882/named
udp 0 0 fe80::389a:99ff:febe:379:464 :::* 1116/samba
udp 0 0 :::464 :::* 1116/samba
udp 0 0 fe80::389a:99ff:febe:3797:88 :::* 1116/samba
udp 0 0 :::88 :::* 1116/samba
udp 0 0 :::111 :::* 904/rpcbind
udp 0 0 fe80::389a:99ff:febe:379:123 :::* 1138/ntpd
udp 0 0 ::1:123 :::* 1138/ntpd
udp 0 0 :::123 :::* 1138/ntpd
udp 0 0 fe80::389a:99ff:febe:379:389 :::* 1115/samba
udp 0 0 :::389 :::* 1115/samba
udp 0 0 :::655 :::* 904/rpcbind
udp 0 0 :::53046 :::* 922/rpc.statd
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 8689 1110/samba /usr/local/samba/var/run/ncalrpc/np/winreg
unix 2 [ ] DGRAM 8672 1113/samba /usr/local/samba/private/smbd.tmp/msg/msg.1113
unix 2 [ ] DGRAM 8674 1114/samba /usr/local/samba/private/smbd.tmp/msg/msg.1114
unix 2 [ ] DGRAM 8691 1115/samba /usr/local/samba/private/smbd.tmp/msg/msg.1115
unix 2 [ ] DGRAM 8710 1116/samba /usr/local/samba/private/smbd.tmp/msg/msg.1116
unix 2 [ ] DGRAM 8717 1117/samba /usr/local/samba/private/smbd.tmp/msg/msg.1117
unix 2 [ ACC ] STREAM LISTENING 8878 1114/samba /usr/local/samba/private/ldapi
unix 2 [ ACC ] STREAM LISTENING 8880 1114/samba /usr/local/samba/private/ldap_priv/ldapi
unix 2 [ ] DGRAM 8719 1118/samba /usr/local/samba/private/smbd.tmp/msg/msg.1118
unix 2 [ ACC ] STREAM LISTENING 8756 1118/samba /usr/local/samba/var/run/winbindd/pipe
unix 2 [ ACC ] STREAM LISTENING 8758 1118/samba /usr/local/samba/var/lib/winbindd_privileged/pipe
unix 2 [ ] DGRAM 8652 1109/samba /usr/local/samba/private/smbd.tmp/msg/msg.1109
unix 2 [ ] DGRAM 8752 1119/samba /usr/local/samba/private/smbd.tmp/msg/msg.1119
unix 2 [ ACC ] STREAM LISTENING 8509 1059/dbus-daemon /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 8754 1119/samba /usr/local/samba/var/lib/ntp_signd/socket
unix 2 [ ] DGRAM 8760 1120/samba /usr/local/samba/private/smbd.tmp/msg/msg.1120
unix 2 [ ] DGRAM 8763 1121/samba /usr/local/samba/private/smbd.tmp/msg/msg.1121
unix 2 [ ] DGRAM 9055 1118/samba /usr/local/samba/private/smbd.tmp/msg/msg.1118.28
unix 2 [ ACC ] STREAM LISTENING 8676 1110/samba /usr/local/samba/var/run/ncalrpc/np/srvsvc
unix 2 [ ACC ] STREAM LISTENING 8678 1110/samba /usr/local/samba/var/run/ncalrpc/DEFAULT
unix 2 [ ] DGRAM 8657 1110/samba /usr/local/samba/private/smbd.tmp/msg/msg.1110
unix 2 [ ] DGRAM 7754 861/portreserve /var/run/portreserve/socket
unix 2 [ ACC ] STREAM LISTENING 6569 1/init @/com/ubuntu/upstart
unix 9 [ ] DGRAM 7785 868/rsyslogd /dev/log
unix 2 [ ] DGRAM 6706 319/udevd @/org/kernel/udev/udevd
unix 2 [ ] DGRAM 8648 1107/samba /usr/local/samba/private/smbd.tmp/msg/msg.0
unix 2 [ ] DGRAM 8659 1112/samba /usr/local/samba/private/smbd.tmp/msg/msg.1112
unix 2 [ ACC ] STREAM LISTENING 7969 904/rpcbind /var/run/rpcbind.sock
unix 2 [ ] DGRAM 63732 4081/sshd
unix 2 [ ] DGRAM 9193 1150/perl
unix 3 [ ] STREAM CONNECTED 9054 1118/samba /usr/local/samba/var/lib/winbindd_privileged/pipe
unix 3 [ ] STREAM CONNECTED 9053 1111/smbd
unix 2 [ ] DGRAM 9012 1138/ntpd
unix 2 [ ] DGRAM 8771 1111/smbd
unix 2 [ ] DGRAM 8625 1099/crond
unix 3 [ ] STREAM CONNECTED 8521 1059/dbus-daemon /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 8520 1/init
unix 3 [ ] STREAM CONNECTED 8514 1059/dbus-daemon
unix 3 [ ] STREAM CONNECTED 8513 1059/dbus-daemon
unix 3 [ ] STREAM CONNECTED 8419 1031/rpc.idmapd
unix 3 [ ] STREAM CONNECTED 8418 1031/rpc.idmapd
unix 2 [ ] DGRAM 8056 922/rpc.statd
unix 2 [ ] DGRAM 7811 882/named
unix 3 [ ] STREAM CONNECTED 7722 842/audispd
unix 3 [ ] STREAM CONNECTED 7721 843/sedispatch
unix 3 [ ] STREAM CONNECTED 7712 840/auditd
unix 3 [ ] STREAM CONNECTED 7711 842/audispd
unix 3 [ ] DGRAM 6724 319/udevd
unix 3 [ ] DGRAM 6723 319/udevd
>
More information about the samba-technical
mailing list