[Samba] net ads testjoin OK, net rpc testjoin fails

Russell Ault russell at auksnest.ca
Thu Aug 11 21:07:59 UTC 2016


Hello (again) all!

After successfully joining my Debian Jessie box to my Server 2012R2-based domain as a domain member, I've run into another snag. The installation worked successful for a couple days as a file server, and then after a while I stopped being able to access the file server. After trying various trouble-shooting steps (including nuking the samba and winbind installations and reinstalling) I'm left in the following scenario:

root at domain-member:~# net ads testjoin
Join is OK
root at domain-member:~# net ads info
LDAP server: 192.168.0.34
LDAP server name: ad-domain-controller.domain.local
Realm: DOMAIN.LOCAL
Bind Path: dc=DOMAIN,dc=LOCAL
LDAP port: 389
Server time: Thu, 11 Aug 2016 14:57:38 MDT
KDC server: 192.168.0.34
Server time offset: 0
root at domain-member:~# net rpc testjoin -d10
INFO: Current debug levels:
  all: 10
  tdb: 10
  printdrivers: 10
  lanman: 10
  smb: 10
  rpc_parse: 10
  rpc_srv: 10
  rpc_cli: 10
  passdb: 10
  sam: 10
  auth: 10
  winbind: 10
  vfs: 10
  idmap: 10
  quota: 10
  acls: 10
  locking: 10
  msdfs: 10
  dmapi: 10
  registry: 10
  scavenger: 10
  dns: 10
  ldb: 10
lp_load_ex: refreshing parameters
Initialising global parameters
INFO: Current debug levels:
  all: 10
  tdb: 10
  printdrivers: 10
  lanman: 10
  smb: 10
  rpc_parse: 10
  rpc_srv: 10
  rpc_cli: 10
  passdb: 10
  sam: 10
  auth: 10
  winbind: 10
  vfs: 10
  idmap: 10
  quota: 10
  acls: 10
  locking: 10
  msdfs: 10
  dmapi: 10
  registry: 10
  scavenger: 10
  dns: 10
  ldb: 10
Processing section "[global]"
doing parameter netbios name = DOMAIN-MEMBER
doing parameter security = ADS
doing parameter workgroup = DOMAIN
doing parameter realm = DOMAIN.LOCAL
doing parameter idmap config *:backend = tdb
doing parameter idmap config *:range = 2000-9999
doing parameter idmap config DOMAIN:backend = ad
doing parameter idmap config DOMAIN:schema_mode = rfc2307
doing parameter idmap config DOMAIN:range = 10000-99999
doing parameter winbind enum users = yes
doing parameter winbind enum groups = yes
doing parameter winbind use default domain = yes
doing parameter winbind nss info = template
doing parameter template shell = /bin/bash
doing parameter template homedir = /home/%U
doing parameter vfs objects = acl_xattr
doing parameter map acl inherit = yes
doing parameter store dos attributes = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
Netbios name list:-
my_netbios_names[0]="DOMAIN-MEMBER"
added interface eth0 ip=192.168.0.37 bcast=192.168.0.255 netmask=255.255.255.0
Registering messaging pointer for type 2 - private_data=(nil)
Registering messaging pointer for type 9 - private_data=(nil)
Registered MSG_REQ_POOL_USAGE
Registering messaging pointer for type 11 - private_data=(nil)
Registering messaging pointer for type 12 - private_data=(nil)
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Registering messaging pointer for type 1 - private_data=(nil)
Registering messaging pointer for type 5 - private_data=(nil)
Opening cache file at /var/cache/samba/gencache.tdb
Opening cache file at /var/run/samba/gencache_notrans.tdb
sitename_fetch: Returning sitename for DOMAIN: "Default-First-Site-Name"
dsgetdcname_internal: domain_name: DOMAIN, domain_guid: (null), site_name: Default-First-Site-Name, flags: 0x40000000
debug_dsdcinfo_flags: 0x40000000
        DS_RETURN_DNS_NAME
dsgetdcname_internal: domain_name: DOMAIN, domain_guid: (null), site_name: Default-First-Site-Name, flags: 0x40000001
debug_dsdcinfo_flags: 0x40000001
        DS_FORCE_REDISCOVERY DS_RETURN_DNS_NAME
dsgetdcname_rediscover
dns_send_req: Failed to resolve _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.DOMAIN (Success)
ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL)
dns_send_req: Failed to resolve _ldap._tcp.dc._msdcs.DOMAIN (Success)
ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL)
internal_resolve_name: looking up DOMAIN#1c (sitename (null))
no entry for DOMAIN#1C found.
resolve_lmhosts: Attempting lmhosts lookup for name DOMAIN<0x1c>
resolve_lmhosts: Attempting lmhosts lookup for name DOMAIN<0x1c>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
resolve_wins: WINS server resolution selected and no WINS servers listed.
name_resolve_bcast: Attempting broadcast lookup for name DOMAIN<0x1c>
discover_dc_netbios: failed to find DC
dsgetdcname_rediscover
dns_send_req: Failed to resolve _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.DOMAIN (Success)
ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL)
dns_send_req: Failed to resolve _ldap._tcp.dc._msdcs.DOMAIN (Success)
ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL)
internal_resolve_name: looking up DOMAIN#1c (sitename (null))
no entry for DOMAIN#1C found.
resolve_lmhosts: Attempting lmhosts lookup for name DOMAIN<0x1c>
resolve_lmhosts: Attempting lmhosts lookup for name DOMAIN<0x1c>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
resolve_wins: WINS server resolution selected and no WINS servers listed.
name_resolve_bcast: Attempting broadcast lookup for name DOMAIN<0x1c>
discover_dc_netbios: failed to find DC
return code = -1
Freeing parametrics:
root at domain-member:~# cat /etc/samba/smb.conf
[global]
  netbios name = DOMAIN-MEMBER
  security  = ADS
  workgroup = DOMAIN
  realm = DOMAIN.LOCAL

  idmap config *:backend = tdb
  idmap config *:range = 2000-9999

  idmap config DOMAIN:backend = ad
  idmap config DOMAIN:schema_mode = rfc2307
  idmap config DOMAIN:range = 10000-99999

  winbind enum users = yes
  winbind enum groups = yes
  winbind use default domain = yes
  winbind nss info = template
  template shell = /bin/bash
  template homedir = /home/%U

  vfs objects = acl_xattr
  map acl inherit = yes
  store dos attributes = yes

[upload]
  path = /var/www/upload
  read only = no
  admin users = "@DOMAIN\Domain Admins"



More information about the samba mailing list