[Samba] Upgrade to 4.5 error (SLES 12 SP1)

Vogel, Sven Sven.Vogel at kupper-computer.com
Sat Sep 17 11:10:14 UTC 2016 

Hi Rowland,

Is this on a DC or a domain member?
Both orion and orion2 are domain controller no member server.

I think you are going to have to give us more info, what version of Samba, what is in your smb.conf etc.
Yes. No problem sure. I am running 
orion:~ # samba --version
Version 4.4.5-SerNet-SuSE-31.suse132

---snip
# Global parameters
[global]
        workgroup = EXAMPLE
        realm = EXAMPLE.LOCAL
        netbios name = ORION
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate

        dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver
        idmap_ldb:use rfc2307 = yes
        vfs objects = dfs_samba4, acl_xattr
        rpc_server:spoolss = external
        rpc_daemon:spoolssd = fork
        spoolss: architecture = Windows x64

        #new to samba 4.2.0
        smb2 leases = yes
        
        ldap server require strong auth = no

[netlogon]
        path = /var/lib/samba/sysvol/example.local/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

[printers]
        path = /var/spool/samba
        printable = yes
        printing = CUPS

[print$]
        path = /srv/samba/printer_drivers
        comment = Printer Drivers
        writeable = yes

[home]
        comment = Homelaufwerk
        path = /srv/daten/home
        read only = No
        hide unreadable = yes
        vfs objects = btrfs, snapper, acl_xattr

[daten]
        comment = Datenverzeichnis
        path = /srv/daten/daten
        read only = No
        vfs objects = btrfs, snapper, acl_xattr

[info]
        comment = Informationen
        path = /srv/daten/informationen
        read only = No
        vfs objects = btrfs, snapper, acl_xattr
----snip
A lot of more shares but the same config like info or daten

If your dns domain does end in '.local', is Avahi running on the DC ?
No avahi or like sich services
----snip
orion:~ # systemd-analyze blame
          1.613s wicked.service
           864ms dev-mapper-vg_root\x2dlv_root.device
           721ms named.service
           644ms srv-daten.mount
           547ms lvm2-pvscan at 8:2.service
           520ms dhcpd.service
           406ms systemd-tmpfiles-clean.service
           394ms postfix.service
           286ms lsyncd.service
           223ms rsyslog.service
           188ms btrfsmaintenance-refresh.service
           177ms sshd.service
           155ms sernet-samba-ad.service
           152ms wickedd-dhcp6.service
           151ms wickedd-dhcp4.service
           150ms wickedd-auto4.service
           146ms rpcbind.service
           144ms ntpd.service
           143ms rc-local.service
           128ms systemd-fsck-root.service
           125ms dev-vg_root-lv_swap.swap
           114ms systemd-journald.service
           108ms systemd-remount-fs.service
           103ms rpc-statd.service
           100ms systemd-fsck at dev-sda1.service
            86ms systemd-udev-trigger.service
            80ms dev-hugepages.mount
            77ms auditd.service
            58ms systemd-tmpfiles-setup.service
            56ms systemd-tmpfiles-setup-dev.service
            52ms systemd-modules-load.service
            52ms systemd-udev-root-symlink.service
            51ms systemd-logind.service
            51ms dev-mqueue.mount
            51ms sys-kernel-debug.mount
            47ms kmod-static-nodes.service
            42ms wickedd.service
            39ms systemd-random-seed.service
            36ms plymouth-start.service
            31ms systemd-update-utmp.service
            29ms plymouth-read-write.service
            27ms systemd-fsck at dev-disk-by\x2duuid-05067202\x2db72e\x2d4496\x2d95bd\x2d3a20b3aeaa15.service
            19ms user at 0.service
            16ms sernet-samba-smbd.service
            16ms sernet-samba-nmbd.service
            15ms systemd-journal-flush.service
            15ms systemd-vconsole-setup.service
            15ms plymouth-quit.service
            15ms plymouth-quit-wait.service
            13ms boot.mount
            13ms nfs-config.service
----snip

Is a firewall getting in the way ? no that I see. Nothing.
orion:~ # iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I hope that helps Rowland. :)

Sven

-----Ursprüngliche Nachricht-----
Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von Rowland Penny via samba
Gesendet: Samstag, 17. September 2016 09:23
An: samba at lists.samba.org
Betreff: Re: [Samba] Upgrade to 4.5 error (SLES 12 SP1)

On Fri, 16 Sep 2016 22:10:20 +0000
"Vogel, Sven via samba" <samba at lists.samba.org> wrote:

> Hi,
> 
> i upgrade to sles sp1 with sernet packages and get the following error 
> after upgrade. Its looks like that port 135 will not reached.
> 
> Anyone who have an information about that or a solution?
> 
> Thanks
> 
> Sven
> 
> orion:~ # samba-tool drs showrepl
> Failed to connect host 192.168.24.2 on port 135 - 
> NT_STATUS_CONNECTION_REFUSED Failed to connect host 192.168.24.2
> (orion.domain.local) on port 135 - NT_STATUS_CONNECTION_REFUSED.
> ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to 
> orion.domain.local failed - drsException: DRS connection to 
> orion.domain.local failed: (-1073741258, 'The connection was
> refused') File
> "/usr/lib64/python2.7/site-packages/samba/netcmd/drs.py", line 41, in 
> drsuapi_connect (ctx.drsuapi, ctx.drsuapi_handle,
> ctx.bind_supported_extensions) =
> drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds) File 
> "/usr/lib64/python2.7/site-packages/samba/drs_utils.py", line 54, in 
> drsuapi_connect raise drsException("DRS connection to %s failed: %s"
> % (server, e))
> 
> 
> orion:~ # samba-tool domain trust validate domain.local Failed to 
> connect host /var/run/samba/ncalrpc/EPMAPPER on port 0 - 
> NT_STATUS_OBJECT_NAME_NOT_FOUND ERROR: LOCAL_DC[ORION]: failed to 
> connect lsa server - ERROR(0xC0000034) - The object name is not found.
> 
> 2016-09-16T17:40:35.263087+02:00 orion samba[1643]: [2016/09/16 
> 17:40:35.262662, 0] 
> ../source4/librpc/rpc/dcerpc_sock.c:245(continue_ip_open_socket)
> 2016-09-16T17:40:35.263288+02:00 orion samba[1643]:   Failed to
> connect host 192.168.24.3
> (6a3d57e1-ee56-4d7b-89ef-63f78af947d9._msdcs.domain.local) on port
> 135 - NT_STATUS_CONNECTION_REFUSED. 2016-09-16T17:40:35.285958+02:00 
> orion samba[1643]: [2016/09/16 17:40:35.285886, 0] 
> ../source4/librpc/rpc/dcerpc_sock.c:63(continue_socket_connect)
> 2016-09-16T17:40:35.286197+02:00 orion samba[1643]:   Failed to
> connect host 192.168.24.3 on port 135 - NT_STATUS_CONNECTION_REFUSED
> 
> Please use --fix to fix these errors
> Checked 3863 objects (3701 errors)
> 
> 
> 


Is this on a DC or a domain member?

I think you are going to have to give us more info, what version of Samba, what is in your smb.conf etc.

Just a couple of thoughts from what you have posted.
If your dns domain does end in '.local', is Avahi running on the DC ?
Is a firewall getting in the way ?

Rowland
 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list