[Samba] SOLVED Re: NT_STATUS_CONNECTION_REFUSED
Bob of Donelson Trophy
bob at donelsontrophy.net
Wed Feb 25 20:03:20 MST 2015
Rowland,
It appears that you were "right on."
I removed the "service bind9 stop &&" from line 449 (as bind9 was
already stopped, why stop it again) and ran the script on my VM. All the
"NT_STATUS_CONNECTION_REFUSED" warnings were gone.
Thanks!!
---
-------------------------
Bob Wooden of Donelson Trophy
615.885.2846 (main)
www.donelsontrophy.com [1]
"Everyone deserves an award!!"
On 2015-02-25 16:04, Rowland Penny wrote:
> On 25/02/15 21:38, Bob of Donelson Trophy wrote:
>
>> I had to go do something else and have returned. I discovered that I hadn't gone back far enough. This complaint first appears here: ==========Enable bind gssapi and bind9_DLZ =============================== [....] Stopping domain name service...: bind9rndc: connect failed: 127.0.0.1#953: connection refused . ok [ ok ] Starting domain name service...: bind9. Notice the "refused" appearance. As there is no firewall on this machine, yet, port 953 is not blocked. This DC appears to operating correctly despite this. This may be a 'bind9' issue? Or?
>
> Hi Bob, That is a bug in Louis's script (sorry Louis, but it is )
>
> If you look at line 294:
>
> service bind9 stop
>
> Then at line 449:
>
> service bind9 stop && service bind9 start
>
> There is nothing between those lines that starts Bind, so when the second line tries to stop bind9, there is is nothing to stop, so of course it gets refused :-)
>
> If you look a bit further, where resolv.conf gets set, there is this:
>
> cat << EOF > /etc/resolv.conf
> search ${SETDNSDOMAIN}
> domain ${SETDNSDOMAIN}
> nameserver ${SETIPDC1}
> EOF
>
> Now, if you use both 'search' & 'domain' in resolv.conf, which ever is second wins, as they are mutually exclusive (see 'man resolv.conf)
>
> Remove the domain line
>
> Have you tried running the line that failed manually ?
>
> echo ${SETNTPASSWD}| net rpc rights grant ${SETNTDOM}\"Domain Admins" SeDiskOperatorPrivilege -UAdministrator
>
> Rowland
Links:
------
[1] http://www.donelsontrophy.com
More information about the samba
mailing list