[Samba] Problem with AD users and groups

Ricky Nance ricky.nance at gmail.com
Fri Jun 7 08:51:03 MDT 2013

I'd double check on the samba server it self if you can connect to it using
smbclient... `smbclient //localhost/sysvol -Uadministrator` .... if that
fails try `smbclient //localhost/sysvol -d5 -Uadministrator` and paste the
output in your reply. If it succeeds then you can pretty much bet on a
connectivity issue... by the way, why isn't samba listening on port 88 in
your last mail? It might be worth it to try a `killall samba && sleep 5 &&
samba -i -M single -d3` and look for any error messages ... anyway those
are just a couple of my suggestions.


On Thu, Jun 6, 2013 at 8:30 PM, Marcelo Ruriani <
systemadmin at helpinghandsofgreenup.org> wrote:

> On 6/6/13 5:15 PM, Marc Muehlfeld wrote:
>> Hello Marcelo,
>> Am 06.06.2013 22:47, schrieb Marcelo Ruriani:
>>> It seems I locked myself out. I have tried these steps: turn off the
>>> firewall, ntacl sysvol reset, and dis-join from domain.
>>> The ntacl sysvol reset returns errors (which I'll post if necessary) the
>>> dis-join worked fine but I cannot re-join to the domain because it
>>> doesn't detect our domain and throws up an error "domain could not be
>>> contacted" and "DNS name doesn't exist".
>> * IP connection between the hosts is fine? (ping each other)
>> * Do you use the internal DNS or Bind DLZ?
>> * Is Samba/Bind listening on port 53? Use 'netstat -taunp', to make sure,
>> that nothing else is listening on this port and prevent the correct DNS to
>> start up.
>> * Can you check: https://wiki.samba.org/index.**
>> php/Samba_AD_DC_HOWTO#Testing_**DNS<https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Testing_DNS>
>> Regards,
>> Marc
> Dear List & Mark,
>     Thank you for the reply. To answer your questions. I am using the
> internal DNS. The DNS testing reveals that host -t SRV _ldap (and so on)
> plus host -t SRV _kerberos (and so on) return with a "not found" error. The
> A record test works fine.
> Samba is listening on TCP port 53, 636, 1024, 3268, 3269, 389, 135 (and
> UDP 53)
> smbd is listening on TCP port 139, 445
> The clients ping the server (ip and domain name) fine and the server pings
> the clients fine.
> My followup question will appear after this reply.
> Marcelo
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>

More information about the samba mailing list