[Samba] Samba 4.0.3 on CentOS 6.3 as PDC.
Mike Stroven
mike.stroven at visole-energy.com
Mon Mar 18 08:08:11 MDT 2013
Hi Daniel,
Thanks for the reply. I have disabled portreserve service, and unfortunately did not see a change in behavior.
Mike Stroven, IT Manager
ViSole Energy, Inc.
5750 New King St., Suite 330
Troy, MI 48098
Office: 248 852-1300 x2115
Skype: mstroven
This email communication is confidential and is intended only for the individual(s) or entity named above and others who have been specifically authorized to receive it. It may contain confidential, proprietary or legally privileged information or may otherwise be protected by work product immunity or other legal rules. No confidentiality or privilege is waived or lost by any mis-transmission. If you are not the intended recipient, please do not read, copy, use or disclose the contents of this communication to others. Please notify the sender that you have received this email in error by replying to the email. Please then delete the email and any copies of it. Thank you.
Save a tree! Please don't print this e-mail unnecessarily.
----- Original Message -----
From: "Daniel Müller" <mueller at tropenklinik.de>
To: "Thomas Simmons" <twsnnva at gmail.com>, "Mike Stroven" <mike.stroven at visole-energy.com>
Cc: samba at lists.samba.org
Sent: Monday, March 18, 2013 3:52:02 AM
Subject: AW: [Samba] Samba 4.0.3 on CentOS 6.3 as PDC.
I had an issue with portreserve running. After shutdown the service samba4
on Centos 6.3 did run.
-----------------------------------------------
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Thomas Simmons
Gesendet: Samstag, 16. März 2013 18:26
An: Mike Stroven
Cc: samba at lists.samba.org
Betreff: Re: [Samba] Samba 4.0.3 on CentOS 6.3 as PDC.
On Tue, Feb 26, 2013 at 8:23 AM, Mike Stroven <
mike.stroven at visole-energy.com> wrote:
> Any help here? I have included all of the output of the suggested
> diags that Thomas said I should run, but I admit that I'm not sure
> what I'm looking for, as I'm not familiar with RPC functionality on Linux.
> Something is not working with RPC on my Samba 4.0.3 server. (FWIW,
> it doesn't work with IPTables stopped either.)
>
> > On Mon, Feb 25, 2013 at 2:21 PM, Mike Stroven wrote:
> >
> > > I finally have everything working that can be verified from the
> > > server
> command line. Running Bind9.8 with DLZ support.
> > > Verified Kerberos 5 running. Now attempting to join Windows XP
> machines to the domain, and am getting an error:
> > > "The RPC server is unavailable". Any pointers?
> > >
>
> On Mon, Feb 25, 2013 at 6:55 PM, Thomas Simmons wrote:
> > You're likely to get more support on the user's list (
> samba at lists.samba.org).
> >
> > If you're certain everything is working on the server and the client
> > network config is correct (you have the DC's IP as the primary DNS
> server),
> > then my first guess would be iptables or selinux. If you need
> > further assistance, output from the following commands would be useful:
> >
>
>
> > # test samba
>
> [root at grumpy ~]# /usr/local/samba/bin/smbclient //grumpy/netlogon
> -UAdministrator%'**********' -c ls Domain=[TROY] OS=[Unix]
> Server=[Samba 4.0.3]
> . D 0 Mon Feb 25 09:53:33 2013
> .. D 0 Fri Feb 22 17:09:24 2013
>
> 40757 blocks of size 131072. 20332 blocks available
>
>
> > # test kerberos
>
> [root at grumpy ~]# kinit Administrator at VISOLE-ENERGY.COM Password for
> Administrator at VISOLE-ENERGY.COM:
> Warning: Your password will expire in 41 days on Mon Apr 8 18:14:03
> 2013
>
>
> > # check iptables
>
> [root at grumpy ~]# iptables -nL
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:22 /* SSH */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:53 /* DNS */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:53 /* DNS UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:80 /* HTTP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:88 /* Kerberos */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:123 /* NTP */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:135 /* RPC UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:135 /* RPC TCP */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:138 /* NetBIOS Netlogon and Browsing */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:139 /* NetBIOS Session */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:389 /* LDAP UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:443 /* HTTPS */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:445 /* SMB CIFS */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:445 /* SMB CIFS UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:464 /* Kerberos Password Management */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:464 /* Kerberos Password Management UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:636 /* LDAP SSL */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:3268 /* LDAP Global Catalog */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:3269 /* LDAP Global Catalog SSL */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:10000 /* Webmin */
> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
> icmp-host-prohibited
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
> icmp-host-prohibited
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
>
> > # check selinux
>
> root at grumpy ~]# sestatus
> SELinux status: disabled
>
>
> > # netstat output
>
> [root at grumpy ~]# netstat -anp
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address
> State PID/Program name
> tcp 0 0 0.0.0.0:3269 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 0 0.0.0.0:389 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 0 0.0.0.0:39689 0.0.0.0:*
> LISTEN 922/rpc.statd
> tcp 0 0 0.0.0.0:139 0.0.0.0:*
> LISTEN 1111/smbd
> tcp 0 0 0.0.0.0:111 0.0.0.0:*
> LISTEN 904/rpcbind
> tcp 0 0 0.0.0.0:10000 0.0.0.0:*
> LISTEN 1150/perl
> tcp 0 0 0.0.0.0:464 0.0.0.0:*
> LISTEN 1116/samba
> tcp 0 0 192.168.60.200:53 0.0.0.0:*
> LISTEN 882/named
> tcp 0 0 127.0.0.1:53 0.0.0.0:*
> LISTEN 882/named
> tcp 0 0 0.0.0.0:22 0.0.0.0:*
> LISTEN 1091/sshd
> tcp 0 0 0.0.0.0:88 0.0.0.0:*
> LISTEN 1116/samba
> tcp 0 0 127.0.0.1:953 0.0.0.0:*
> LISTEN 882/named
> tcp 0 0 0.0.0.0:636 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 0 0.0.0.0:445 0.0.0.0:*
> LISTEN 1111/smbd
> tcp 0 0 0.0.0.0:1024 0.0.0.0:*
> LISTEN 1110/samba
> tcp 0 0 0.0.0.0:3268 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 48 192.168.60.200:22 192.168.63.102:51832
> ESTABLISHED 4081/sshd
> tcp 0 0 :::3269 :::*
> LISTEN 1114/samba
> tcp 0 0 :::389 :::*
> LISTEN 1114/samba
> tcp 0 0 :::139 :::*
> LISTEN 1111/smbd
> tcp 0 0 :::111 :::*
> LISTEN 904/rpcbind
> tcp 0 0 :::464 :::*
> LISTEN 1116/samba
> tcp 0 0 :::53012 :::*
> LISTEN 922/rpc.statd
> tcp 0 0 :::22 :::*
> LISTEN 1091/sshd
> tcp 0 0 :::88 :::*
> LISTEN 1116/samba
> tcp 0 0 ::1:953 :::*
> LISTEN 882/named
> tcp 0 0 :::636 :::*
> LISTEN 1114/samba
> tcp 0 0 :::445 :::*
> LISTEN 1111/smbd
> tcp 0 0 :::1024 :::*
> LISTEN 1110/samba
> tcp 0 0 :::3268 :::*
> LISTEN 1114/samba
> udp 0 0 192.168.60.200:464 0.0.0.0:*
> 1116/samba
> udp 0 0 0.0.0.0:464 0.0.0.0:*
> 1116/samba
> udp 0 0 192.168.60.200:88 0.0.0.0:*
> 1116/samba
> udp 0 0 0.0.0.0:88 0.0.0.0:*
> 1116/samba
> udp 0 0 0.0.0.0:750 0.0.0.0:*
> 861/portreserve
> udp 0 0 0.0.0.0:111 0.0.0.0:*
> 904/rpcbind
> udp 0 0 192.168.60.200:123 0.0.0.0:*
> 1138/ntpd
> udp 0 0 127.0.0.1:123 0.0.0.0:*
> 1138/ntpd
> udp 0 0 0.0.0.0:123 0.0.0.0:*
> 1138/ntpd
> udp 0 0 192.168.60.200:389 0.0.0.0:*
> 1115/samba
> udp 0 0 0.0.0.0:389 0.0.0.0:*
> 1115/samba
> udp 0 0 192.168.60.200:137 0.0.0.0:*
> 1112/samba
> udp 0 0 192.168.63.255:137 0.0.0.0:*
> 1112/samba
> udp 0 0 0.0.0.0:137 0.0.0.0:*
> 1112/samba
> udp 0 0 192.168.60.200:138 0.0.0.0:*
> 1112/samba
> udp 0 0 192.168.63.255:138 0.0.0.0:*
> 1112/samba
> udp 0 0 0.0.0.0:138 0.0.0.0:*
> 1112/samba
> udp 0 0 0.0.0.0:655 0.0.0.0:*
> 904/rpcbind
> udp 0 0 0.0.0.0:10000 0.0.0.0:*
> 1150/perl
> udp 0 0 0.0.0.0:44959 0.0.0.0:*
> 922/rpc.statd
> udp 0 0 0.0.0.0:674 0.0.0.0:*
> 922/rpc.statd
> udp 0 0 192.168.60.200:53 0.0.0.0:*
> 882/named
> udp 0 0 127.0.0.1:53 0.0.0.0:*
> 882/named
> udp 0 0 fe80::389a:99ff:febe:379:464 :::*
> 1116/samba
> udp 0 0 :::464 :::*
> 1116/samba
> udp 0 0 fe80::389a:99ff:febe:3797:88 :::*
> 1116/samba
> udp 0 0 :::88 :::*
> 1116/samba
> udp 0 0 :::111 :::*
> 904/rpcbind
> udp 0 0 fe80::389a:99ff:febe:379:123 :::*
> 1138/ntpd
> udp 0 0 ::1:123 :::*
> 1138/ntpd
> udp 0 0 :::123 :::*
> 1138/ntpd
> udp 0 0 fe80::389a:99ff:febe:379:389 :::*
> 1115/samba
> udp 0 0 :::389 :::*
> 1115/samba
> udp 0 0 :::655 :::*
> 904/rpcbind
> udp 0 0 :::53046 :::*
> 922/rpc.statd
> Active UNIX domain sockets (servers and established)
> Proto RefCnt Flags Type State I-Node PID/Program name
> Path
> unix 2 [ ACC ] STREAM LISTENING 8689 1110/samba
> /usr/local/samba/var/run/ncalrpc/np/winreg
> unix 2 [ ] DGRAM 8672 1113/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1113
> unix 2 [ ] DGRAM 8674 1114/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1114
> unix 2 [ ] DGRAM 8691 1115/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1115
> unix 2 [ ] DGRAM 8710 1116/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1116
> unix 2 [ ] DGRAM 8717 1117/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1117
> unix 2 [ ACC ] STREAM LISTENING 8878 1114/samba
> /usr/local/samba/private/ldapi
> unix 2 [ ACC ] STREAM LISTENING 8880 1114/samba
> /usr/local/samba/private/ldap_priv/ldapi
> unix 2 [ ] DGRAM 8719 1118/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1118
> unix 2 [ ACC ] STREAM LISTENING 8756 1118/samba
> /usr/local/samba/var/run/winbindd/pipe
> unix 2 [ ACC ] STREAM LISTENING 8758 1118/samba
> /usr/local/samba/var/lib/winbindd_privileged/pipe
> unix 2 [ ] DGRAM 8652 1109/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1109
> unix 2 [ ] DGRAM 8752 1119/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1119
> unix 2 [ ACC ] STREAM LISTENING 8509 1059/dbus-daemon
> /var/run/dbus/system_bus_socket
> unix 2 [ ACC ] STREAM LISTENING 8754 1119/samba
> /usr/local/samba/var/lib/ntp_signd/socket
> unix 2 [ ] DGRAM 8760 1120/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1120
> unix 2 [ ] DGRAM 8763 1121/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1121
> unix 2 [ ] DGRAM 9055 1118/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1118.28
> unix 2 [ ACC ] STREAM LISTENING 8676 1110/samba
> /usr/local/samba/var/run/ncalrpc/np/srvsvc
> unix 2 [ ACC ] STREAM LISTENING 8678 1110/samba
> /usr/local/samba/var/run/ncalrpc/DEFAULT
> unix 2 [ ] DGRAM 8657 1110/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1110
> unix 2 [ ] DGRAM 7754 861/portreserve
> /var/run/portreserve/socket
> unix 2 [ ACC ] STREAM LISTENING 6569 1/init
> @/com/ubuntu/upstart
> unix 9 [ ] DGRAM 7785 868/rsyslogd
> /dev/log
> unix 2 [ ] DGRAM 6706 319/udevd
> @/org/kernel/udev/udevd
> unix 2 [ ] DGRAM 8648 1107/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.0
> unix 2 [ ] DGRAM 8659 1112/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1112
> unix 2 [ ACC ] STREAM LISTENING 7969 904/rpcbind
> /var/run/rpcbind.sock
> unix 2 [ ] DGRAM 63732 4081/sshd
> unix 2 [ ] DGRAM 9193 1150/perl
> unix 3 [ ] STREAM CONNECTED 9054 1118/samba
> /usr/local/samba/var/lib/winbindd_privileged/pipe
> unix 3 [ ] STREAM CONNECTED 9053 1111/smbd
> unix 2 [ ] DGRAM 9012 1138/ntpd
> unix 2 [ ] DGRAM 8771 1111/smbd
> unix 2 [ ] DGRAM 8625 1099/crond
> unix 3 [ ] STREAM CONNECTED 8521 1059/dbus-daemon
> /var/run/dbus/system_bus_socket
> unix 3 [ ] STREAM CONNECTED 8520 1/init
> unix 3 [ ] STREAM CONNECTED 8514 1059/dbus-daemon
> unix 3 [ ] STREAM CONNECTED 8513 1059/dbus-daemon
> unix 3 [ ] STREAM CONNECTED 8419 1031/rpc.idmapd
> unix 3 [ ] STREAM CONNECTED 8418 1031/rpc.idmapd
> unix 2 [ ] DGRAM 8056 922/rpc.statd
> unix 2 [ ] DGRAM 7811 882/named
> unix 3 [ ] STREAM CONNECTED 7722 842/audispd
> unix 3 [ ] STREAM CONNECTED 7721 843/sedispatch
> unix 3 [ ] STREAM CONNECTED 7712 840/auditd
> unix 3 [ ] STREAM CONNECTED 7711 842/audispd
> unix 3 [ ] DGRAM 6724 319/udevd
> unix 3 [ ] DGRAM 6723 319/udevd
> >
>
Your server does not appear to be listening for RPC (TCP/135). Your netstat
output should show something like this:
[root at ADC1 ~]# netstat -anp|grep 135
tcp 0 0 0.0.0.0:135 0.0.0.0:*
LISTEN 20738/samba
tcp 0 0 :::135 :::*
LISTEN 20738/samba
Was this a standard S4 install following the Samba wiki? Do you have a
"server services" line in your smb.conf? Does it include "rpc"?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list