[Samba] RPC, DCOM, 1745 and Other Errors

James lingpanda101 at gmail.com
Mon Sep 29 08:59:26 MDT 2014 

Hello Thomas,

     I've only been able to get shares working correctly if I gave the 
file share read,write, execute for all permissions(chmod 777). I then 
use Windows to set the ACL's. Based on the Wiki it's not needed but I've 
never had any luck without using it.

On 9/29/2014 9:32 AM, Thomas Mulkey wrote:
> I am evaluating Samba 4 as a replacement for our existing Windows 2003 servers, as the cost to license 2008 and CALS is not going to be in my companies budget.  Bear with me, as I have some basic experience with Linux and know a few things, I am by no means a fully trained Linux or Samba Jedi.
>
> My test environment goal is to have two Active Directory Domain Controllers and one Member Server with File Shares all running on Samba
>
> So far I have setup one AD Domain Controller (AD1)  I downloaded and compiled the latest source code doing the git mirror thing, and am running Samba 4.2.0prel-GIT-043585F on CentOS  6.5.  I used this HOWTO to configure the AD DC:  http://www.alexwyn.com/computer-tips/centos-samba4-active-directory-domain-controller
>
> This process all went smooth, and I was able to join my Windows 7 test machines to the domain and login successfully and use the RSAT tools successfully.
>
> I then setup the File server and made it a member server and joined it successfully to the domain, using these instructions here:  https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
>
> This went as expected
>
> I then setup my test share on the file server using the directions here: https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs
>
> I actually partitioned/formatted a second disk with ext4 and put it in /etc/fstab with the user_xattr,acl support
>
> When I then go to remotely manage the share via a Win7 workstation and I go to computer manager and open the test file server (FS1) at first it looks good.  I then click on the "System Tools" section to expand it and I get "Event Viewer cannot connect to the computer FS1: The error reported is the RPC Server is unavailable"  I click OK on the error and it then say again it is connecting to FS1 and expand the section where I can see the Shared Folders.  As soon as I expand shared folders and click on shared I get the following "You do not have permissions to see the list of shares for Windows clients" and I will not let me see the shares.
>
> I then decided to make a share right on the Domain Controller itself, to see if it was something on the file server or something on the workstation.  When I go to computer management and connect to the DC (AD1)it connects, but when I expand System Tools, I get the following error "The Procedure Number is out of Range(1745)"  However after clicking "OK" on this error I am able to see and manage the Share and permissions as expected
>
> I have been scouring the net for 2 days to try to find and answer and I am at a standstill as to what to do next to fix or further troubleshoot the issue.  Any help or ideas would be greatly appreciated.
>
> Here is the smb.conf on my Domain Controller
>
> #Global parameters
> [global]
>          workgroup = INCENTA
>          realm = INCENTA.LOCAL
>          netbios name = AD1
>          server role = active directory domain controller
>          dns forwarder = 8.8.8.8
>          vfs objects = acl_xattr
>          map acl inherit = Yes
>          store dos attributes = Yes
>
> [netlogon]
>          path = /usr/local/samba/var/locks/sysvol/incenta.local/scripts
>          read only = No
>
> [sysvol]
>          path = /usr/local/samba/var/locks/sysvol
>          read only = No
>
> [Demo]
> path = /DATA/Demo
> read only = no
>
>
>
> Here is the smb.conf on my file server
>
> [global]
>
>     netbios name = FS1
>     workgroup = INCENTA
>     security = ADS
>     realm = INCENTA.LOCAL
>     encrypt passwords = yes
>
>     idmap config *:backend = tdb
>     idmap config *:range = 70001=80000
>     idmap config INCENTA:backend = ad
>     idmap config INCENTA:schema_mode = rfc2307
>     idmap config INCENTA:range = 500-40000
>
>     winbind nss info = rfc2307
>     winbind trusted domains only = no
>     winbind use default domain = yes
>     winbind enum users = yes
>     winbind enum groups = yes
>
>     vfs objects = acl_xattr
>     map acl inherit = Yes
>     store dos attributes = Yes
>
>
> [Demo]
> path = /DATA/Demo
> read only = no
>
>
>
>
>
>
>
>

-- 
-James

More information about the samba mailing list