[Samba] Error while contacting ADS from Samba server

Doug VanLeuven roamdad at sonic.net
Sat Jul 28 07:20:13 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rahul wrote:
> Hi List,
>         We have a problem in connecting ADS server from SAMBA. Whenever we
> try to contact the
> ADS server from the Samba its giving error as LDAP_NO_RESULTS_RETURNED.
<snip>
>   doing parameter write cache size = 262144
> [2007/07/26 23:56:48, 1] param/loadparm.c:lp_do_parameter(3283)
>   WARNING: The "write cache size" option is deprecated
>   doing parameter read size = 65536
> [2007/07/26 23:56:48, 0] param/loadparm.c:map_parameter(2536)
>   Unknown parameter encountered: "read size"

You really should run "testparm -sv 2>&1|less" and resolve any errors
first off.

<snip>
>   Probing module 'ANSI_X3.4-1968'
> [2007/07/26 23:56:48, 5] lib/module.c:smb_probe_module(115)
>   Probing module 'ANSI_X3.4-1968': Trying to load from
> /usr/local/arm/samba/lib/charset/ANSI_X3.4-1968.so
> [2007/07/26 23:56:48, 3] lib/module.c:do_smb_load_module(49)
>   Error loading module '/usr/local/arm/samba/lib/charset/ANSI_X3.4-1968.so':
> /usr/local/arm/samba/lib/charset/ANSI_X3.4-1968.so: cannot open shared
> object file: No such file or directory
> [2007/07/26 23:56:48, 5] lib/charcnv.c:charset_name(78)
>   Locale charset 'ANSI_X3.4-1968' unsupported, using ASCII instead

The code is doing what it can to let you know there are problems with
the basic configuration file, and possibly the installation.

<snip>
> [2007/07/26 23:56:50, 4] libsmb/namequery.c:get_dc_list(1406)
>   get_dc_list: returning 2 ip addresses in an unordered list
> [2007/07/26 23:56:50, 4] libsmb/namequery.c:get_dc_list(1407)
>   get_dc_list: 172.16.64.21:389 172.16.64.27:389
> [2007/07/26 23:56:50, 5] libads/ldap.c:ads_try_connect(123)
>   ads_try_connect: trying ldap server '172.16.64.21' port 389
> [2007/07/26 23:56:50, 3] libads/ldap.c:ads_connect(285)
>   Connected to LDAP server 172.16.64.21
> [2007/07/26 23:56:50, 1] libads/ldap.c:ads_connect(289)
>   Failed to get ldap server info
> [2007/07/26 23:56:50, 0] utils/net_ads.c:ads_startup(191)
>   ads_connect: No results returned
> [2007/07/26 23:56:50, 2] utils/net.c:main(873)
>   return code = -1

There are 2 DC's being found, but the connection is being refused like
you describe.

I thought (until samba4) that domain controller policy had to allow
anonymous connections, but I've found a messages that suggest this just
masks an underlying problem.

Security settings/local policy/security options/
  Allow anonymous SID/Name translation (enabled)
  Do not allow anonymous enumeration of SAM accounts (disabled)
  Do not allow anonymous enumeration of SAM accounts
                                          and shares (disabled)

See how they're set and maybe experiment with one or more settings.

Make sure the domain join is OK.

Try and fix the config files (obsolete & unknown values) and
installation (missing objects).  Over the years I've learned errors in
the config can have unpredictable impacts on performance.  Start
troubleshooting with a clean slate.

Regards, Doug
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGqu4tFqWysr/jOHMRAiSKAJ9eN8hUx64DX6+CmsdkttYy2mmQbwCgvZ4S
y5rGYNTdkqSrOr09PW+npAM=
=OsgQ
-----END PGP SIGNATURE-----


More information about the samba mailing list