[Samba] Problem with AD users and groups

Ricky Nance ricky.nance at gmail.com
Fri Jun 7 08:51:03 MDT 2013


I'd double check on the samba server it self if you can connect to it using
smbclient... `smbclient //localhost/sysvol -Uadministrator` .... if that
fails try `smbclient //localhost/sysvol -d5 -Uadministrator` and paste the
output in your reply. If it succeeds then you can pretty much bet on a
connectivity issue... by the way, why isn't samba listening on port 88 in
your last mail? It might be worth it to try a `killall samba && sleep 5 &&
samba -i -M single -d3` and look for any error messages ... anyway those
are just a couple of my suggestions.

Ricky


On Thu, Jun 6, 2013 at 8:30 PM, Marcelo Ruriani <
systemadmin at helpinghandsofgreenup.org> wrote:

> On 6/6/13 5:15 PM, Marc Muehlfeld wrote:
>
>> Hello Marcelo,
>>
>> Am 06.06.2013 22:47, schrieb Marcelo Ruriani:
>>
>>> It seems I locked myself out. I have tried these steps: turn off the
>>> firewall, ntacl sysvol reset, and dis-join from domain.
>>> The ntacl sysvol reset returns errors (which I'll post if necessary) the
>>> dis-join worked fine but I cannot re-join to the domain because it
>>> doesn't detect our domain and throws up an error "domain could not be
>>> contacted" and "DNS name doesn't exist".
>>>
>>
>> * IP connection between the hosts is fine? (ping each other)
>>
>> * Do you use the internal DNS or Bind DLZ?
>>
>> * Is Samba/Bind listening on port 53? Use 'netstat -taunp', to make sure,
>> that nothing else is listening on this port and prevent the correct DNS to
>> start up.
>>
>> * Can you check: https://wiki.samba.org/index.**
>> php/Samba_AD_DC_HOWTO#Testing_**DNS<https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Testing_DNS>
>>
>>
>>
>> Regards,
>> Marc
>>
> Dear List & Mark,
>
>     Thank you for the reply. To answer your questions. I am using the
> internal DNS. The DNS testing reveals that host -t SRV _ldap (and so on)
> plus host -t SRV _kerberos (and so on) return with a "not found" error. The
> A record test works fine.
>
> Samba is listening on TCP port 53, 636, 1024, 3268, 3269, 389, 135 (and
> UDP 53)
> smbd is listening on TCP port 139, 445
>
> The clients ping the server (ip and domain name) fine and the server pings
> the clients fine.
>
> My followup question will appear after this reply.
>
> Marcelo
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>
>


More information about the samba mailing list