[Samba] RPC Server is unavailable

Rowland Penny rpenny at samba.org
Mon Jun 5 19:54:19 UTC 2017 

On Mon, 05 Jun 2017 20:40:58 +0200
Supporter via samba <samba at lists.samba.org> wrote:

 
Try changing this line in /etc/nsswitch.conf:

> hosts:          files resolve [!UNAVAIL=return] dns

To:

hosts: files dns


Try using this smb.conf:

[global]
         workgroup = XYZ
         security = ads
         realm = XYZ.LOCAL
         kerberos method = secrets and keytab
         server string = %h server (Samba, Ubuntu)
         interfaces = lo, eth0
         winbind use default domain = Yes
         winbind expand groups = 4
         winbind refresh tickets = Yes
         winbind enum users = Yes
         winbind enum groups = Yes
         idmap config * : range = 2000-49999
         idmap config * : backend = tdb
         idmap config XYZ : range = 50000-60000
         idmap config XYZ : backend = rid
         template shell = /bin/bash
         template homedir = /home/%U
         username map = /etc/samba/user.map
         vfs objects = acl_xattr
         map acl inherit = yes
         store dos attributes = yes
         load printers = no
         printing = bsd
         printcap name = /dev/null
         disable spoolss = yes

[share]
         comment = share
         path = /share
         read only = No
         vfs objects = full_audit
         full_audit:success = connect opendir disconnect unlink mkdir rmdir open rename
         full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
         full_audit:prefix = %u|%I|%M|%S
         full_audit:priority = notice
         full_audit:facility = local5
         acl_xattr:ignore system acls = yes
         force create mode = 0660
         force directory mode = 0660

I personally think you should also remove the last two lines and set
the ACLs from windows.

I removed these lines because they are default settings:

         domain master = no
         local master = no
         preferred master = no
         domain logons = no
         allow trusted domains = yes
         acl map full control = true
         nt acl support = yes
         client use spnego = yes
         client ntlmv2 auth = yes
         browseable = Yes

These because they are the opposite of what I think you need:

         inherit acls = yes
         inherit permissions = yes
         acl group control = yes
         ea support = yes
         map archive = No
         map readonly = no

This because it should only be used on a DC:

         idmap_ldb:use rfc2307 = yes

These , well I have no idea why you have set them ;-)

         rpc_server:tcpip = no
         rpc_daemon:spoolssd = embedded
         rpc_server:spoolss = embedded
         rpc_server:winreg = embedded
         rpc_server:ntsvcs = embedded
         rpc_server:eventlog = embedded
         rpc_server:srvsvc = embedded
         rpc_server:svcctl = embedded
         rpc_server:default = external


Try it and see if it helps ;-)

Rowland

More information about the samba mailing list