[Samba] Eventlog not viewable from Windows in domain member config

[Joe Frank]

I've configured a domain member server using version 4.4.7 on FreeBSD. I'm able to manage groups and shares from the Computer Management tool on a Windows 2008 server, but when I connect to the samba member server the following error occurs:

Event Viewer cannot connect to computer 'XXXXXX'. The error reported is : The RPC server is unavailable.

Clicking OK allows me to proceed.

To get rid of the message I've tried configuring an event log and saving a message. Accessing the log information locally using eventlogadm seems to work. Using rpcclient I can get the number of log entries. Other commands don't generate errors but don't output any information. Running rpcclient eventlog commands with debug 10 shows a lot of appropriate looking activity.

Running a packet trace while loading the event viewer on the Windows server shows registry queries but no event log specific DCERPC request.

Here's my smb.conf file:

[global]
        printcap name = /dev/null
        load printers = no
        strict sync = yes
        reset on zero vc = yes
        deadtime = 15
        hide dot files = no
        force unknown acl user = yes
        guest account = guest
        kernel oplocks = no
        log level = 1
        eventlog list = Application Security System
        logging = syslog file at 0
        vfs objects = zfsacl streams_depot
        nfs4:chown = yes
        ea support = yes
        streams_depot:delete_lost = yes
        store dos attributes = yes
        veto files = /:STREAM/
        registry shares = yes

        idmap config * : backend = autorid
        idmap config * : rangesize = 1000000
        idmap config * : range = 1000000-19999999

        create mode = 0664
        directory mode = 01775

        security = ads
        workgroup = DVTAD
        realm = DVTAD.LOCAL

Thanks in advance for any pointers you can give.