[Samba] ERROR:connection refused after provision
Felipe_G0NZÁLEZ_SANTIAG0
fgonzalez at uci.cu
Thu Nov 10 14:48:22 UTC 2016
See inline comments:
----- Original Message -----
From: "Rowland Penny" <rpenny at samba.org>
To: samba at lists.samba.org
Sent: Tuesday, November 8, 2016 10:46:50 AM
Subject: Re: [Samba] ERROR:connection refused after provision
See inline comments:
On Tue, 8 Nov 2016 09:08:34 -0500 (CST)
Felipe_G0NZÁLEZ_SANTIAG0 via samba <samba at lists.samba.org> wrote:
> Hello, I'm installing Samba4 AD from repo Ubuntu16.04. These are the
> steps I've applied:
>
>
> 1. editing fstab in EXT3
Why are you using ext3 ?
No, I'm not using EXT3, I'm using EXT4. I should've wrote edit fstab. So, I add 'defaults,barrier=1' in fstab.
<blockquote>
> 2. install dependencies ( acl attr quota fam libnet-ldap-perl )
> 3. install krb5-user, bind9, ntp, winbind, ldbtools and samba.
> 4. remove smb.conf, if exists
> 5. samba-tool provision
How are provisioning ?
</blockquote>
#samba-tool domain provision --use-rfc2307 --realm=ejemplo.cu --domain=ejemplo --adminpass=free.2016 --server-role=dc --dns-backend=BIND9_DLZ --option="interfaces=lo enp0s3" --option="bind interfaces only=yes"
<blockquote>
> 6. Restart services bind9, ntp and samba
> 7. config Bind9 (add 'include' in /etc/bind/named.conf.local )
Please post your bind9 conf files.
</blockquote>
This is my /etc/bind/named.conf content:
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
This is my /etc/bind/named.conf.local content:
include "/var/lib/samba/private/named.conf";
And This is my /etc/bind/named.conf.options content:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
<blockquote>
> 8. set permissions to bind9
> 9. set nameserver in resolv.conf
What are you setting the nameserver to ?
</blockquote>
The resolv.conf content is:
nameserver 10.53.3.11
domain ejemplo.cu
<blockquote>
> 10. edit apparmor profile
> 11. config Kerberos ( ln
> -sf /var/lib/samba/private/krb5.conf /etc/krb5.conf ) 12. set ntp
> permissions 13. config ntp.conf
>
> THEN:::
> add reverse zone
> #samba-tool dns zonecreate 127.0.0.1 3.53.10.in-addr.arpa
> -UAdministrator%free.2016
>
Try it like this:
samba-tool dns zonecreate 127.0.0.1 3.53.10.in-addr.arpa -UAdministrator
Rowland
</blockquote>
Notice that after provisioning and configuring ntp, krb and bind9 services when I try to create the DNS reverse zone I got this 'connection refused' error. Then, I reboot the server I all work fine. My point is that I need this work fine without rebooting.
Regards,
Felipe-G-S.
The University of Informatics Sciences invites you to participate in the Scientific Conference UCIENCIA 2016, November 24-26.
Conferencia Científica UCIENCIA 2016, del 24 al 26 de noviembre.
http://uciencia.eventos.uci.cu/
More information about the samba
mailing list