[Samba] Error NT_STATUS_CONNECTION_REFUSED (was :Classicupgrade loses shares ?)

Koenraad Lelong samba.k.lelong at ace-electronics.be
Tue Feb 25 08:56:07 MST 2014 

op 25-02-14 15:53, L.P.H. van Belle schreef:
> Try the following.
>
> dig a samba1.ad01.ace-electronics.be @localhost
>
> whats the output, if error, then your dns missing the A record of the server.
>
> add the server A record
> samba-tool dns add ad01.ace-electronics.be samba1 A 192.168.200.10
>
> and add the PTR for the server.
> samba-tool dns add 200.168.192.in-addr.arpa 10 PTR samba1.ad01.ace-electronics.be
                     ^ server address needed
>
> and test again.
>
> Greetz,
>
> Louis
> 	
It seems there is no PTR record. But I can't add one (loglevel = 3 !).

First try is with the "new root" password (i.e. ubuntu's main user, with 
sudo su to be root) :
samba-tool dns add 127.0.0.1 200.168.192.in-addr.arpa 10 PTR 
samba1.ad01.ace-electronics.be
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'sasl-DIGEST-MD5' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:127.0.0.1[,sign]
Cannot do GSSAPI to an IP address
Got challenge flags:
Got NTLMSSP neg_flags=0x60898215
Password for [ACE_DOMAIN\root]: <password of "root">
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
Failed to bind to uuid 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for 
50abc2a4-574d-40b3-9d66-ee4fd5fba076 at ncacn_ip_tcp:127.0.0.1[1024,sign] 
NT_STATUS_NET_WRITE_FAULT
ERROR(runtime): uncaught exception - (-1073741614, 
'NT_STATUS_NET_WRITE_FAULT')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
line 175, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 
1054, in run
     dns_conn = dns_connect(server, self.lp, self.creds)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 37, 
in dns_connect
     dns_conn = dnsserver.dnsserver(binding_str, lp, creds)

Second try with the password of an domain-admin of the old PDC.

samba-tool dns add 127.0.0.1 200.168.192.in-addr.arpa 10 PTR 
samba1.ad01.ace-electronics.be -U admikoen
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'sasl-DIGEST-MD5' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:127.0.0.1[,sign]
Cannot do GSSAPI to an IP address
Got challenge flags:
Got NTLMSSP neg_flags=0x60898215
Password for [ACE_DOMAIN\admikoen]: <password of domain-admin from old PDC>
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
ERROR(runtime): uncaught exception - (9714, 
'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
line 175, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 
1065, in run
     0, server, zone, name, add_rec_buf, None)

Is there a PTR-zone ? Seems not :

samba-tool dns zonelist localhost -U admikoen
<loglevel 3 info removed>
Password for [ACE_DOMAIN\admikoen]:
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
   2 zone(s) found

   pszZoneName                 : ad01.ace-electronics.be
   Flags                       : DNS_RPC_ZONE_DSINTEGRATED 
DNS_RPC_ZONE_UPDATE_SECURE
   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
   Version                     : 50
   dwDpFlags                   : DNS_DP_AUTOCREATED 
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
   pszDpFqdn                   : DomainDnsZones.ad01.ace-electronics.be

   pszZoneName                 : _msdcs.ad01.ace-electronics.be
   Flags                       : DNS_RPC_ZONE_DSINTEGRATED 
DNS_RPC_ZONE_UPDATE_SECURE
   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
   Version                     : 50
   dwDpFlags                   : DNS_DP_AUTOCREATED 
DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED

But I can't add one :

samba-tool dns zonecreate 127.0.0.1 200.168.192.in-addr.arpa -U admikoen
<loglevel 3 info removed>
Password for [ACE_DOMAIN\admikoen]:
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
line 175, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 
879, in run
     zone_create_info)

Are my conclusions right ?

Koenraad

More information about the samba mailing list