Cannot see the domain controller
admin at blackpenguin.org
admin at blackpenguin.org
Thu May 16 21:22:11 MDT 2013
I got the multicast dns open previously and the issue is happening with
all the ports open:
<port protocol="tcp" port="5353"/>
<port protocol="udp" port="5353"/>
On , C.J. Adams-Collier wrote:
> Open the ports for multicast dns
> On May 16, 2013 7:35 PM, "BlackPenguin ADMIN" <admin at blackpenguin.org>
> wrote:
>
>> I have samba-ad in the services list in the work zone:
>>
>> [root at pdc zones]# firewall-cmd --get-services
>> cluster-suite pop3s bacula-client smtp ipp radius bacula ftp mdns
>> samba dhcpv6-client https openvpn imaps samba-client http dns ntp
>> vnc-server telnet libvirt ssh samba-ad ipsec ipp-client amanda-client
>> tftp-client nfs tftp libvirt-tls
>>
>> The work zone looks like this:
>>
>> <?xml version="1.0" encoding="utf-8"?>
>> <zone>
>> <short>Work</short>
>> <description>For use in work areas. You mostly trust the other
>> computers on networks to not harm your computer. Only selected
>> incoming connections are accepted.</description>
>> <service name="ssh"/>
>> <service name="samba-ad"/>
>> <service name="mdns"/>
>> <service name="ipp-client"/>
>> <service name="dhcpv6-client"/>
>> </zone>
>>
>> The samba-ad.xml looks like this:
>>
>> <?xml version="1.0" encoding="utf-8"?>
>> <service>
>> <short>Samba</short>
>> <description>This option allows you to access and participate in
>> Windows file and printer sharing networks. You need the samba package
>> installed for this option to be useful.</description>
>> <port protocol="tcp" port="1024"/>
>> <port protocol="tcp" port="88"/>
>> <port protocol="udp" port="88"/>
>> <port protocol="tcp" port="464"/>
>> <port protocol="udp" port="464"/>
>> <port protocol="tcp" port="389"/>
>> <port protocol="tcp" port="636"/>
>> <port protocol="tcp" port="135"/>
>> <port protocol="tcp" port="5353"/>
>> <port protocol="udp" port="5353"/>
>> <port protocol="tcp" port="53"/>
>> <port protocol="udp" port="53"/>
>> <port protocol="udp" port="137"/>
>> <port protocol="udp" port="138"/>
>> <port protocol="tcp" port="139"/>
>> <port protocol="tcp" port="445"/>
>> <module name="nf_conntrack_netbios_ns"/>
>> </service>
>>
>> I still cannot find the domain controller in the machine list. Unless
>> I specifically type \PDC, or \PDC.BLACKPENGUIN.ORG [7]. Fedora 18 does
>> not even see it - same as before.
>>
>> On 05/16/2013 09:29 AM, Alexander Bokovoy wrote:
>>
>>> FirewallD documentation:
>>> http://fedoraproject.org/wiki/FirewallD#Runtime_zone_handling [1]
>>>
>>> Now, you need to create a service definition since existing
>>> /usr/lib/firewalld/services/samba.xml does not include LDAP ports
>>> (and DNS, ...).
>>> Copy samba.xml to, say, samba-ad.xml. Add needed ports inside and
>>> use firewall-cmd to enable service in needed zone. Use --permanent
>>> option to firewall-cmd to save the zone changes.
>>>
>>> On Thu, May 16, 2013 at 5:50 PM, Bogdan Bartos
>>> <admin at blackpenguin.org <mailto:admin at blackpenguin.org>> wrote:
>>>
>>> I have firewalld running. What rule do I need to put in, so I
>>> make
>>> the browsing work?
>>> -----------------------
>>> BlackPenguin.Org Admin | Linux administration
>>> h. 1.403.266.1513 [2] | c. 1.403.919.5699 [3]
>>> admin at blackpenguin.org <mailto:admin at blackpenguin.org> |
>>> http://www.blackpenguin.org [4]
>>>
>>> ------------------------------------------------------------------------
>>> *From: * Alexander Bokovoy <ab at altlinux.org
>>> <mailto:ab at altlinux.org>>
>>> *Sender: * ab at 7ia.org <mailto:ab at 7ia.org>
>>> *Date: *Thu, 16 May 2013 17:47:34 +0300
>>> *To: *BlackPenguin ADMIN<admin at blackpenguin.org
>>> <mailto:admin at blackpenguin.org>>
>>> *ReplyTo: * ab at altlinux.org <mailto:ab at altlinux.org>
>>> *Cc: *samba-technical<samba-technical at lists.samba.org
>>> <mailto:samba-technical at lists.samba.org>>
>>> *Subject: *Re: Cannot see the domain controller
>>>
>>> Make sure you have manual firewall or amended firewalld
>>> configuration properly. Firewalld will otherwise conflict with
>>> your setup in F18.
>>>
>>> -- / Alexander Bokovoy
>>>
>>> 16.05.2013 16:34 пользователь "bogdan_bartos"
>>> <admin at blackpenguin.org <mailto:admin at blackpenguin.org>>
>>> написал:
>>>
>>> I opened the ports specified for Windows 2008 server except
>>> the dynamic ones
>>> that I cannot predict:
>>>
>>> http://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
>>> [5]
>>>
>>> Like you noticed, the issue seems to be with a Samba 4.0.5
>>> running on Fedora
>>> 18 x64. Is samba 4 normally presenting itself for browsing?
>>> Is
>>> there a
>>> configuration that I have to do, so the server becomes
>>> visible
>>> for browsing?
>>> Thanks.
>>>
>>> --
>>> View this message in context:
>>>
>>> http://samba.2283325.n4.nabble.com/Cannot-see-the-domain-controller-tp4648145p4648203.html
>>> [6]
>>> Sent from the Samba - samba-technical mailing list archive
>>> at
>>> Nabble.com.
>>>
>>> --
>>> / Alexander Bokovoy
>>
>> --
>> *BlackPenguin ADMIN | Linux administration*
>> admin at blackpenguin.org | http://www.blackpenguin.org [4]
>> h. 001.403.266.1513 | c. 001.403.919.5699
>
>
> Links:
> ------
> [1] http://fedoraproject.org/wiki/FirewallD#Runtime_zone_handling
> [2] tel:1.403.266.1513
> [3] tel:1.403.919.5699
> [4] http://www.blackpenguin.org
> [5]
> http://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
> [6]
> http://samba.2283325.n4.nabble.com/Cannot-see-the-domain-controller-tp4648145p4648203.html
> [7] http://PDC.BLACKPENGUIN.ORG
More information about the samba-technical
mailing list