[Samba] RPC, DCOM, 1745 and Other Errors
Thomas Mulkey
tmulkey at incentafcu.org
Mon Sep 29 07:32:52 MDT 2014
I am evaluating Samba 4 as a replacement for our existing Windows 2003 servers, as the cost to license 2008 and CALS is not going to be in my companies budget. Bear with me, as I have some basic experience with Linux and know a few things, I am by no means a fully trained Linux or Samba Jedi.
My test environment goal is to have two Active Directory Domain Controllers and one Member Server with File Shares all running on Samba
So far I have setup one AD Domain Controller (AD1) I downloaded and compiled the latest source code doing the git mirror thing, and am running Samba 4.2.0prel-GIT-043585F on CentOS 6.5. I used this HOWTO to configure the AD DC: http://www.alexwyn.com/computer-tips/centos-samba4-active-directory-domain-controller
This process all went smooth, and I was able to join my Windows 7 test machines to the domain and login successfully and use the RSAT tools successfully.
I then setup the File server and made it a member server and joined it successfully to the domain, using these instructions here: https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
This went as expected
I then setup my test share on the file server using the directions here: https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs
I actually partitioned/formatted a second disk with ext4 and put it in /etc/fstab with the user_xattr,acl support
When I then go to remotely manage the share via a Win7 workstation and I go to computer manager and open the test file server (FS1) at first it looks good. I then click on the "System Tools" section to expand it and I get "Event Viewer cannot connect to the computer FS1: The error reported is the RPC Server is unavailable" I click OK on the error and it then say again it is connecting to FS1 and expand the section where I can see the Shared Folders. As soon as I expand shared folders and click on shared I get the following "You do not have permissions to see the list of shares for Windows clients" and I will not let me see the shares.
I then decided to make a share right on the Domain Controller itself, to see if it was something on the file server or something on the workstation. When I go to computer management and connect to the DC (AD1)it connects, but when I expand System Tools, I get the following error "The Procedure Number is out of Range(1745)" However after clicking "OK" on this error I am able to see and manage the Share and permissions as expected
I have been scouring the net for 2 days to try to find and answer and I am at a standstill as to what to do next to fix or further troubleshoot the issue. Any help or ideas would be greatly appreciated.
Here is the smb.conf on my Domain Controller
#Global parameters
[global]
workgroup = INCENTA
realm = INCENTA.LOCAL
netbios name = AD1
server role = active directory domain controller
dns forwarder = 8.8.8.8
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
[netlogon]
path = /usr/local/samba/var/locks/sysvol/incenta.local/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[Demo]
path = /DATA/Demo
read only = no
Here is the smb.conf on my file server
[global]
netbios name = FS1
workgroup = INCENTA
security = ADS
realm = INCENTA.LOCAL
encrypt passwords = yes
idmap config *:backend = tdb
idmap config *:range = 70001=80000
idmap config INCENTA:backend = ad
idmap config INCENTA:schema_mode = rfc2307
idmap config INCENTA:range = 500-40000
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
[Demo]
path = /DATA/Demo
read only = no
More information about the samba
mailing list