[Samba] Failed to join domain: failed to lookup DC info for domain '<EXAMPLE.COM>' over rpc: The object name is not found.

Miso Rapajić misorapajic at gmail.com
Thu May 26 10:19:27 UTC 2016


Try to ping from client to server with its hostname. Sounds like dns
problem.

ping server

Then try to ping its ip address.

Then try to add server address to host file.

Ex

192.168.8.30  server.example.com server

Best

M
On May 26, 2016 12:02, "Nico Speelman" <nico at speelmanrobben.nl> wrote:

> Hello,
>
> I've been trying to add a new server to my Samba 4 Active directory, but
> I've been failing so far. I'm running the command "net ads join -k" and it
> fails with "Failed to join domain: failed to lookup DC info for domain '<
> EXAMPLE.COM>' over rpc: The object name is not found." The answers I
> found so far imply a problem with the RPC service, but this seems to be
> running as the output of "netstat -plane | grep 135" suggests. I was unable
> to find any hint to the problems origin in my samba logs, but the output of
> "net ads join -k -d10" shows a lot more information. Unfortunately I am
> unable to filter through this all. I hope anyone is able to point me in the
> direction of a solution.
>
> My domain controller and client are running Debian testing with samba
> 4.4.3.
>
> Thank in advance,
> Nico Speelman
>
> output of "netstat -plane | grep 135" on the domain controllers:
> tcp        0      0 10.0.0.2:135            0.0.0.0:*
>  LISTEN      0          96682      8639/samba
> tcp        0      0 127.0.0.1:135           0.0.0.0:*
>  LISTEN      0          96679      8639/samba
> tcp6       0      0 2001:980:7912:1::2:135  :::*
> LISTEN      0          96681      8639/samba
> tcp6       0      0 ::1:135                 :::*
> LISTEN      0          96680      8639/samba
>
> output of "net ads join -k -d10" on the client:
> Failed to join domain: failed to lookup DC info for domain '<EXAMPLE.COM>'
> over rpc: The object name is not found.
>
>   rpc_cli: 10
>   passdb: 10
>   sam: 10
>   auth: 10
>   winbind: 10
>   vfs: 10
>   idmap: 10
>   quota: 10
>   acls: 10
>   locking: 10
>   msdfs: 10
>   dmapi: 10
>   registry: 10
>   scavenger: 10
>   dns: 10
>   ldb: 10
>   tevent: 10
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> INFO: Current debug levels:
>   all: 10
>   tdb: 10
>   printdrivers: 10
>   lanman: 10
>   smb: 10
>   rpc_parse: 10
>   rpc_srv: 10
>   rpc_cli: 10
>   passdb: 10
>   sam: 10
>   auth: 10
>   winbind: 10
>   vfs: 10
>   idmap: 10
>   quota: 10
>   acls: 10
>   locking: 10
>   msdfs: 10
>   dmapi: 10
>   registry: 10
>   scavenger: 10
>   dns: 10
>   ldb: 10
>   tevent: 10
> Processing section "[global]"
> doing parameter security = ADS
> doing parameter workgroup = <EXAMPLE>
> doing parameter realm = <example.com>
> doing parameter log file = /var/log/samba/%m.log
> doing parameter kerberos method = secrets and keytab
> doing parameter client signing = yes
> doing parameter client use spnego = yes
> pm_process() returned Yes
> lp_servicenumber: couldn't find homes
> messaging_dgm_ref: messaging_dgm_init returned Success
> messaging_dgm_ref: unique = 18102182485556212140
> Registering messaging pointer for type 2 - private_data=(nil)
> Registering messaging pointer for type 9 - private_data=(nil)
> Registered MSG_REQ_POOL_USAGE
> Registering messaging pointer for type 11 - private_data=(nil)
> Registering messaging pointer for type 12 - private_data=(nil)
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> Registering messaging pointer for type 1 - private_data=(nil)
> Registering messaging pointer for type 5 - private_data=(nil)
> lp_load_ex: refreshing parameters
> Freeing parametrics:
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> INFO: Current debug levels:
>   all: 10
>   tdb: 10
>   printdrivers: 10
>   lanman: 10
>   smb: 10
>   rpc_parse: 10
>   rpc_srv: 10
>   rpc_cli: 10
>   passdb: 10
>   sam: 10
>   auth: 10
>   winbind: 10
>   vfs: 10
>   idmap: 10
>   quota: 10
>   acls: 10
>   locking: 10
>   msdfs: 10
>   dmapi: 10
>   registry: 10
>   scavenger: 10
>   dns: 10
>   ldb: 10
>   tevent: 10
> Processing section "[global]"
> doing parameter security = ADS
> doing parameter workgroup = <EXAMPLE>
> doing parameter realm = <example.com>
> doing parameter log file = /var/log/samba/%m.log
> doing parameter kerberos method = secrets and keytab
> doing parameter client signing = yes
> doing parameter client use spnego = yes
> pm_process() returned Yes
> lp_servicenumber: couldn't find homes
> Netbios name list:-
> my_netbios_names[0]="HESTIA"
> added interface eth0 ip=<client_ipv6> bcast= netmask=ffff:ffff:ffff::
> added interface eth0 ip=10.0.0.8 bcast=10.0.1.255 netmask=255.255.254.0
> libnet_Join:
>     libnet_JoinCtx: struct libnet_JoinCtx
>         in: struct libnet_JoinCtx
>             dc_name                  : NULL
>             machine_name             : 'HESTIA'
>             domain_name              : *
>                 domain_name              : '<EXAMPLE.COM>'
>             domain_name_type         : JoinDomNameTypeDNS (1)
>             account_ou               : NULL
>             admin_account            : 'root'
>             admin_domain             : NULL
>             machine_password         : NULL
>             join_flags               : 0x00000023 (35)
>                    0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
>                    0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
>                    0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
>                    0: WKSSVC_JOIN_FLAGS_DEFER_SPN
>                    0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
>                    0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
>                    1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
>                    0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
>                    0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
>                    1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
>                    1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
>             os_version               : NULL
>             os_name                  : NULL
>             os_servicepack           : NULL
>             create_upn               : 0x00 (0)
>             upn                      : NULL
>             modify_config            : 0x00 (0)
>             ads                      : NULL
>             debug                    : 0x01 (1)
>             use_kerberos             : 0x01 (1)
>             secure_channel_type      : SEC_CHAN_WKSTA (2)
>             desired_encryption_types : 0x0000001f (31)
> Opening cache file at /var/cache/samba/gencache.tdb
> Opening cache file at /var/run/samba/gencache_notrans.tdb
> sitename_fetch: Returning sitename for <EXAMPLE.COM>:
> "Default-First-Site-Name"
> dsgetdcname_internal: domain_name: <EXAMPLE.COM>, domain_guid: (null),
> site_name: Default-First-Site-Name, flags: 0x40021011
> debug_dsdcinfo_flags: 0x40021011
>         DS_FORCE_REDISCOVERY DS_DIRECTORY_SERVICE_REQUIRED
> DS_WRITABLE_REQUIRED DS_IS_DNS_NAME DS_RETURN_DNS_NAME
> dsgetdcname_rediscover
> ads_dns_lookup_srv: 2 records returned in the answer section.
> ads_dns_parse_rr_srv: Parsed hera.<example.com> [0, 100, 389]
> ads_dns_parse_rr_srv: Parsed zeus.<example.com> [0, 100, 389]
> LDAP ping to hera.<example.com> (10.0.0.3)
>      &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>         command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>         sbz                      : 0x0000 (0)
>         server_type              : 0x000013fc (5116)
>                0: NBT_SERVER_PDC
>                1: NBT_SERVER_GC
>                1: NBT_SERVER_LDAP
>                1: NBT_SERVER_DS
>                1: NBT_SERVER_KDC
>                1: NBT_SERVER_TIMESERV
>                1: NBT_SERVER_CLOSEST
>                1: NBT_SERVER_WRITABLE
>                1: NBT_SERVER_GOOD_TIMESERV
>                0: NBT_SERVER_NDNC
>                0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                0: NBT_SERVER_ADS_WEB_SERVICE
>                0: NBT_SERVER_DS_8
>                0: NBT_SERVER_HAS_DNS_NAME
>                0: NBT_SERVER_IS_DEFAULT_NC
>                0: NBT_SERVER_FOREST_ROOT
>         domain_uuid              : 0a010b9d-11fb-451e-a979-daff97fca593
>         forest                   : '<example.com>'
>         dns_domain               : '<example.com>'
>         pdc_dns_name             : 'hera.<example.com>'
>         domain_name              : '<EXAMPLE>'
>         pdc_name                 : 'HERA'
>         user_name                : ''
>         server_site              : 'Default-First-Site-Name'
>         client_site              : 'Default-First-Site-Name'
>         sockaddr_size            : 0x00 (0)
>         sockaddr: struct nbt_sockaddr
>             sockaddr_family          : 0x00000000 (0)
>             pdc_ip                   : (null)
>             remaining                : DATA_BLOB length=0
>         next_closest_site        : NULL
>         nt_version               : 0x00000005 (5)
>                1: NETLOGON_NT_VERSION_1
>                0: NETLOGON_NT_VERSION_5
>                1: NETLOGON_NT_VERSION_5EX
>                0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                0: NETLOGON_NT_VERSION_PDC
>                0: NETLOGON_NT_VERSION_IP
>                0: NETLOGON_NT_VERSION_LOCAL
>                0: NETLOGON_NT_VERSION_GC
>         lmnt_token               : 0xffff (65535)
>         lm20_token               : 0xffff (65535)
> Adding cache entry with key=[DSGETDCNAME/DOMAIN/<EXAMPLE>] and timeout=[do
> mei 26 08:31:50 2016 CEST] (900 seconds ahead)
> sitename_store: realm = [<EXAMPLE>], sitename = [Default-First-Site-Name],
> expire = [2085923199]
> Did not store value for AD_SITENAME/DOMAIN/<EXAMPLE>, we already got it
> Adding cache entry with key=[DSGETDCNAME/DOMAIN/<EXAMPLE.COM>] and
> timeout=[do mei 26 08:31:50 2016 CEST] (900 seconds ahead)
> sitename_store: realm = [<example.com>], sitename =
> [Default-First-Site-Name], expire = [2085923199]
> Did not store value for AD_SITENAME/DOMAIN/<EXAMPLE.COM>, we already got
> it
> create_local_private_krb5_conf_for_domain: fname =
> /var/run/samba/smb_krb5/krb5.conf..JOIN, realm = <EXAMPLE.COM>, domain =
> .JOIN
> saf_fetch: failed to find server for "<EXAMPLE.COM>" domain
> get_dc_list: preferred server list: ", *"
> internal_resolve_name: looking up <EXAMPLE.COM>#dcdc (sitename
> Default-First-Site-Name)
> resolve_ads: Attempting to resolve KDCs for <EXAMPLE.COM> using DNS
> ads_dns_lookup_srv: 2 records returned in the answer section.
> ads_dns_parse_rr_srv: Parsed hera.<example.com> [0, 100, 88]
> ads_dns_parse_rr_srv: Parsed zeus.<example.com> [0, 100, 88]
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> internal_resolve_name: returning 6 addresses: <hera_ipv6_#1>:88
> <hera_ipv6_#2>:88 10.0.0.3:88 <zeus_ipv6_#1>:88 <zeus_ipv6_#2>:88
> 10.0.0.2:88
> Adding 6 DC's from auto lookup
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <hera_ipv6_#1>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <hera_ipv6_#2>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server 10.0.0.3
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <zeus_ipv6_#1>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <zeus_ipv6_#2>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server 10.0.0.2
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> get_dc_list: returning 6 ip addresses in an ordered list
> get_dc_list: 10.0.0.3:88 10.0.0.2:88 <hera_ipv6_#1>:88 <hera_ipv6_#2>:88
> <zeus_ipv6_#1>:88 <zeus_ipv6_#2>:88
> got 6 addresses from site Default-First-Site-Name search
> saf_fetch: failed to find server for "<EXAMPLE.COM>" domain
> get_dc_list: preferred server list: ", *"
> internal_resolve_name: looking up <EXAMPLE.COM>#dcdc (sitename (null))
> resolve_ads: Attempting to resolve KDCs for <EXAMPLE.COM> using DNS
> ads_dns_lookup_srv: 2 records returned in the answer section.
> ads_dns_parse_rr_srv: Parsed hera.<example.com> [0, 100, 88]
> ads_dns_parse_rr_srv: Parsed zeus.<example.com> [0, 100, 88]
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> internal_resolve_name: returning 6 addresses: <hera_ipv6_#1>:88
> <hera_ipv6_#2>:88 10.0.0.3:88 <zeus_ipv6_#1>:88 <zeus_ipv6_#2>:88
> 10.0.0.2:88
> Adding 6 DC's from auto lookup
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <hera_ipv6_#1>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <hera_ipv6_#2>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server 10.0.0.3
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <zeus_ipv6_#1>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server <zeus_ipv6_#2>
> check_negative_conn_cache returning result 0 for domain <EXAMPLE.COM>
> server 10.0.0.2
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> get_dc_list: returning 6 ip addresses in an ordered list
> get_dc_list: 10.0.0.3:88 10.0.0.2:88 <hera_ipv6_#1>:88 <hera_ipv6_#2>:88
> <zeus_ipv6_#1>:88 <zeus_ipv6_#2>:88
> got 6 addresses from site-less search
> 5 additional KDCs to test
>      &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>         command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>         sbz                      : 0x0000 (0)
>         server_type              : 0x000013fc (5116)
>                0: NBT_SERVER_PDC
>                1: NBT_SERVER_GC
>                1: NBT_SERVER_LDAP
>                1: NBT_SERVER_DS
>                1: NBT_SERVER_KDC
>                1: NBT_SERVER_TIMESERV
>                1: NBT_SERVER_CLOSEST
>                1: NBT_SERVER_WRITABLE
>                1: NBT_SERVER_GOOD_TIMESERV
>                0: NBT_SERVER_NDNC
>                0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                0: NBT_SERVER_ADS_WEB_SERVICE
>                0: NBT_SERVER_DS_8
>                0: NBT_SERVER_HAS_DNS_NAME
>                0: NBT_SERVER_IS_DEFAULT_NC
>                0: NBT_SERVER_FOREST_ROOT
>         domain_uuid              : 0a010b9d-11fb-451e-a979-daff97fca593
>         forest                   : '<example.com>'
>         dns_domain               : '<example.com>'
>         pdc_dns_name             : 'zeus.<example.com>'
>         domain_name              : '<EXAMPLE>'
>         pdc_name                 : 'ZEUS'
>         user_name                : ''
>         server_site              : 'Default-First-Site-Name'
>         client_site              : 'Default-First-Site-Name'
>         sockaddr_size            : 0x00 (0)
>         sockaddr: struct nbt_sockaddr
>             sockaddr_family          : 0x00000000 (0)
>             pdc_ip                   : (null)
>             remaining                : DATA_BLOB length=0
>         next_closest_site        : NULL
>         nt_version               : 0x00000005 (5)
>                1: NETLOGON_NT_VERSION_1
>                0: NETLOGON_NT_VERSION_5
>                1: NETLOGON_NT_VERSION_5EX
>                0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                0: NETLOGON_NT_VERSION_PDC
>                0: NETLOGON_NT_VERSION_IP
>                0: NETLOGON_NT_VERSION_LOCAL
>                0: NETLOGON_NT_VERSION_GC
>         lmnt_token               : 0xffff (65535)
>         lm20_token               : 0xffff (65535)
>      &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>         command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>         sbz                      : 0x0000 (0)
>         server_type              : 0x000013fc (5116)
>                0: NBT_SERVER_PDC
>                1: NBT_SERVER_GC
>                1: NBT_SERVER_LDAP
>                1: NBT_SERVER_DS
>                1: NBT_SERVER_KDC
>                1: NBT_SERVER_TIMESERV
>                1: NBT_SERVER_CLOSEST
>                1: NBT_SERVER_WRITABLE
>                1: NBT_SERVER_GOOD_TIMESERV
>                0: NBT_SERVER_NDNC
>                0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                0: NBT_SERVER_ADS_WEB_SERVICE
>                0: NBT_SERVER_DS_8
>                0: NBT_SERVER_HAS_DNS_NAME
>                0: NBT_SERVER_IS_DEFAULT_NC
>                0: NBT_SERVER_FOREST_ROOT
>         domain_uuid              : 0a010b9d-11fb-451e-a979-daff97fca593
>         forest                   : '<example.com>'
>         dns_domain               : '<example.com>'
>         pdc_dns_name             : 'hera.<example.com>'
>         domain_name              : '<EXAMPLE>'
>         pdc_name                 : 'HERA'
>         user_name                : ''
>         server_site              : 'Default-First-Site-Name'
>         client_site              : 'Default-First-Site-Name'
>         sockaddr_size            : 0x00 (0)
>         sockaddr: struct nbt_sockaddr
>             sockaddr_family          : 0x00000000 (0)
>             pdc_ip                   : (null)
>             remaining                : DATA_BLOB length=0
>         next_closest_site        : NULL
>         nt_version               : 0x00000005 (5)
>                1: NETLOGON_NT_VERSION_1
>                0: NETLOGON_NT_VERSION_5
>                1: NETLOGON_NT_VERSION_5EX
>                0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                0: NETLOGON_NT_VERSION_PDC
>                0: NETLOGON_NT_VERSION_IP
>                0: NETLOGON_NT_VERSION_LOCAL
>                0: NETLOGON_NT_VERSION_GC
>         lmnt_token               : 0xffff (65535)
>         lm20_token               : 0xffff (65535)
>      &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>         command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>         sbz                      : 0x0000 (0)
>         server_type              : 0x000013fc (5116)
>                0: NBT_SERVER_PDC
>                1: NBT_SERVER_GC
>                1: NBT_SERVER_LDAP
>                1: NBT_SERVER_DS
>                1: NBT_SERVER_KDC
>                1: NBT_SERVER_TIMESERV
>                1: NBT_SERVER_CLOSEST
>                1: NBT_SERVER_WRITABLE
>                1: NBT_SERVER_GOOD_TIMESERV
>                0: NBT_SERVER_NDNC
>                0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                0: NBT_SERVER_ADS_WEB_SERVICE
>                0: NBT_SERVER_DS_8
>                0: NBT_SERVER_HAS_DNS_NAME
>                0: NBT_SERVER_IS_DEFAULT_NC
>                0: NBT_SERVER_FOREST_ROOT
>         domain_uuid              : 0a010b9d-11fb-451e-a979-daff97fca593
>         forest                   : '<example.com>'
>         dns_domain               : '<example.com>'
>         pdc_dns_name             : 'zeus.<example.com>'
>         domain_name              : '<EXAMPLE>'
>         pdc_name                 : 'ZEUS'
>         user_name                : ''
>         server_site              : 'Default-First-Site-Name'
>         client_site              : 'Default-First-Site-Name'
>         sockaddr_size            : 0x00 (0)
>         sockaddr: struct nbt_sockaddr
>             sockaddr_family          : 0x00000000 (0)
>             pdc_ip                   : (null)
>             remaining                : DATA_BLOB length=0
>         next_closest_site        : NULL
>         nt_version               : 0x00000005 (5)
>                1: NETLOGON_NT_VERSION_1
>                0: NETLOGON_NT_VERSION_5
>                1: NETLOGON_NT_VERSION_5EX
>                0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                0: NETLOGON_NT_VERSION_PDC
>                0: NETLOGON_NT_VERSION_IP
>                0: NETLOGON_NT_VERSION_LOCAL
>                0: NETLOGON_NT_VERSION_GC
>         lmnt_token               : 0xffff (65535)
>         lm20_token               : 0xffff (65535)
> get_kdc_ip_string: Returning            kdc = 10.0.0.3
>                 kdc = 10.0.0.2
>                 kdc = [<hera_ipv6_#1>]:88
>                 kdc = [<zeus_ipv6_#1>]:88
>
> create_local_private_krb5_conf_for_domain: wrote file
> /var/run/samba/smb_krb5/krb5.conf..JOIN with realm <EXAMPLE.COM> KDC list
> =               kdc = 10.0.0.3
>                 kdc = 10.0.0.2
>                 kdc = [<hera_ipv6_#1>]:88
>                 kdc = [<zeus_ipv6_#1>]:88
>
> sitename_fetch: Returning sitename for <EXAMPLE.COM>:
> "Default-First-Site-Name"
> internal_resolve_name: looking up hera.<example.com>#20 (sitename
> Default-First-Site-Name)
> Adding cache entry with key=[NBT/HERA.<EXAMPLE.COM>#20] and timeout=[do
> jan  1 01:00:00 1970 CET] (-1464243411 seconds in the past)
> no entry for hera.<example.com>#20 found.
> resolve_hosts: Attempting host lookup for name hera.<example.com><0x20>
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> namecache_store: storing 3 addresses for hera.<example.com>#20:
> [<hera_ipv6_#1>],[<hera_ipv6_#2>],10.0.0.3
> Adding cache entry with key=[NBT/HERA.<EXAMPLE.COM>#20] and timeout=[do
> mei 26 08:27:51 2016 CEST] (660 seconds ahead)
> internal_resolve_name: returning 3 addresses: <hera_ipv6_#1>:0
> <hera_ipv6_#2>:0 10.0.0.3:0
> Connecting to <hera_ipv6_#1> at port 445
> Socket options:
>         SO_KEEPALIVE = 0
>         SO_REUSEADDR = 0
>         SO_BROADCAST = 0
>         TCP_NODELAY = 1
>         TCP_KEEPCNT = 9
>         TCP_KEEPIDLE = 7200
>         TCP_KEEPINTVL = 75
>         IPTOS_LOWDELAY = 0
>         IPTOS_THROUGHPUT = 0
>         SO_REUSEPORT = 0
>         SO_SNDBUF = 87040
>         SO_RCVBUF = 368000
>         SO_SNDLOWAT = 1
>         SO_RCVLOWAT = 1
>         SO_SNDTIMEO = 0
>         SO_RCVTIMEO = 0
>         TCP_QUICKACK = 1
>         TCP_DEFER_ACCEPT = 0
> Doing spnego session setup (blob length=96)
> got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178 at please_ignore
> cli_session_setup_spnego: using target hostname not SPNEGO principal
> cli_session_setup_spnego: guessed server principal=cifs/hera.<example.com
> >@<EXAMPLE.COM>
> GENSEC backend 'gssapi_spnego' registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'naclrpc_as_system' registered
> GENSEC backend 'sasl-EXTERNAL' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'ntlmssp_resume_ccache' registered
> GENSEC backend 'http_basic' registered
> GENSEC backend 'http_ntlm' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> Starting GENSEC mechanism spnego
> Starting GENSEC submechanism gse_krb5
> SPNEGO login failed: The object name is not found.
> libnet_Join:
>     libnet_JoinCtx: struct libnet_JoinCtx
>         out: struct libnet_JoinCtx
>             account_name             : NULL
>             netbios_domain_name      : NULL
>             dns_domain_name          : NULL
>             forest_name              : NULL
>             dn                       : NULL
>             domain_sid               : NULL
>                 domain_sid               : (NULL SID)
>             modified_config          : 0x00 (0)
>             error_string             : 'failed to lookup DC info for
> domain '<EXAMPLE.COM>' over rpc: The object name is not found.'
>             domain_is_ad             : 0x00 (0)
>             set_encryption_types     : 0x00000000 (0)
>             result                   : WERR_BADFILE
> return code = -1
> msg_dgm_ref_destructor: refs=(nil)
>
> HERA smb.conf:
> [global]
>         workgroup = SPEELMANROBBEN
>         realm = speelmanrobben.nl
>         netbios name = HERA
>         server role = active directory domain controller
>         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate
>
> [netlogon]
>         path = /mnt/netlogon
>         read only = No
>         guest ok = Yes
>
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
>
> ZEUS smb.conf:
> [global]
>         workgroup = SPEELMANROBBEN
>         realm = speelmanrobben.nl
>         netbios name = ZEUS
>         server string = %h PDC (Debian Testing, Samba4)
>         interfaces = 127.0.0.0/8, ::1/128, eth0, lo
>         bind interfaces only = Yes
>         server role = active directory domain controller
>         map to guest = Bad User
>         private dir = /var/lib/samba/private
>         pam password change = Yes
>         unix password sync = Yes
>         syslog = 0
>         log file = /var/log/samba/log.samba
>         max log size = 1000
>         logon path =
>         domain logons = Yes
>         preferred master = Yes
>         domain master = Yes
>         dns proxy = No
>         lock directory = /var/lib/samba/
>         state directory = /var/lib/samba/state
>         cache directory = /var/cache/samba
>         usershare allow guests = Yes
>         panic action = /usr/share/samba/panic-action %d
>         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate
>         idmap_ldb:use rfc2307 = yes
>         idmap config * : backend = tdb
>         invalid users = root
>         admin users = administrator
>         tls enabled  = yes
>         tls keyfile  = tls/sambakey.pem
>         tls certfile = tls/zeus.<example.com>.crt
>         tls cafile = /etc/ssl/certs/cacert.pem
>
> [netlogon]
>         comment = Network Logon Service
>         path = /mnt/netlogon
>         read only = No
>         guest ok = Yes
>
> [sysvol]
>         comment = System Volume
>         path = /var/lib/samba/state/sysvol
>         read only = No
>         guest ok = Yes
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list