[Samba] Joining a Windows Server 2008 / 2008 R2 DC to a Samba AD - ISSUE - The RPC server is unavailable

Arjit Gupta arjitk.gupta at gmail.com
Wed Jun 14 05:13:50 UTC 2017 

Hi Rowland,


*>> How did you configure Samba ?*

atca13 [/opt/samba/bin]# ./samba --show-build
Samba version: 4.5.0-HPE CIFS SERVER 4.5.0.0
Build environment:
   Build host:  HP-UX atca7 B.11.31 U ia64 3395706695 unlimited-user license
Paths:
   BINDIR: /opt/samba/bin
   SBINDIR: /opt/samba/bin
   CONFIGFILE: /etc/opt/samba/smb.conf
   NCALRPCDIR: /var/opt/samba/run/ncalrpc
   LOGFILEBASE: /var/opt/samba
   LMHOSTSFILE: /etc/opt/samba/lmhosts
   DATADIR: /opt/samba/share
   MODULESDIR: /opt/samba/lib/samba
   LOCKDIR: /var/opt/samba/locks
   STATEDIR: /var/opt/samba/locks
   CACHEDIR: /var/opt/samba/cache
   PIDDIR: /var/opt/samba/run
   PRIVATE_DIR: /var/opt/samba/private
   CODEPAGEDIR: /opt/samba/share/codepages
   SETUPDIR: /opt/samba/share/setup
   WINBINDD_SOCKET_DIR: /var/opt/samba/run/winbindd
   WINBINDD_PRIVILEGED_SOCKET_DIR: /opt/samba/lib/samba/winbindd_privileged
   NTP_SIGND_SOCKET_DIR: /opt/samba/lib/samba/ntp_signd
atca13 [/opt/samba/bin]#

*We have configured samba ad dc with below steps*

atca13 [/var/opt/samba/private]# /opt/samba/bin/samba-tool domain provision
--use-rfc2307 --interactive
Realm [ATCA13DOM.COM]:
 Domain [ATCA13DOM]:
 Server Role (dc, member, standalone) [dc]:
 DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
[SAMBA_INTERNAL]:
 DNS forwarder IP address (write 'none' to disable forwarding) [x.x.x.x]:
8.8.8.8
Administrator password:
Retype password:
You are not root or your system do not support xattr, using tdb backend for
attributes.
not using extended attributes to store ACLs and other metadata. If you
intend to use this provision in production, rerun the script as root on a
system supporting xattrs.
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=ATCA13DOM,DC=com
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
xattr_tdb_removexattr() failed to get vfs_handle->data!
Adding DNS accounts
Creating CN=MicrosoftDNS,CN=System,DC=ATCA13DOM,DC=com
Creating DomainDnsZones and ForestDnsZones partitions
Populating DomainDnsZones and ForestDnsZones partitions
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated at
/var/opt/samba/private/krb5.conf
Setting up fake yp server settings
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           active directory domain controller
Hostname:              atca13
NetBIOS Domain:        ATCA13DOM
DNS Domain:            ATCA13DOM.com
DOMAIN SID:            S-1-5-21-50425708-2301055408-3617724870

atca13 [/var/opt/samba/private]# ln -sf /var/opt/samba/private/krb5.conf
/etc/krb5.conf
atca13 [/var/opt/samba/private]#
atca13 [/opt/samba/bin]# ./samba -D


atca13 [/]# /opt/samba/bin/smbclient -L localhost -U%
*Domain=[ATCA13DOM] OS=[Windows 6.1] Server=[Samba 4.5.0-HPE CIFS SERVER
4.5.0.0]*
*tree connect failed: NT_STATUS_CONNECTION_DISCONNECTED*
atca13 [/]#
atca13 [/opt/samba/bin]#  ./smbclient //localhost/netlogon -UAdministrator
-c 'ls'
Enter Administrator's password:
*Domain=[ATCA13DOM] OS=[Windows 6.1] Server=[Samba 4.5.0-HPE CIFS SERVER
4.5.0.0]*
*  .                                   D        0  Thu Dec  8 16:56:15 2016*
*  ..                                  D        0  Thu Dec  8 16:57:03 2016*

*                25985024 blocks of size 1024. 12311120 blocks available*
atca13 [/opt/samba/bin]# host -t SRV _ldap._tcp.ATCA13DOM.COM
_ldap._tcp.ATCA13DOM.COM has SRV record 0 100 389 atca13.ATCA13DOM.com.
atca13 [/opt/samba/bin]#  host -t SRV _kerberos._udp.ATCA13DOM.COM
_kerberos._udp.ATCA13DOM.COM has SRV record 0 100 88 atca13.ATCA13DOM.com.
atca13 [/opt/samba/bin]# host -t A atca13.ATCA13DOM.com
atca13.ATCA13DOM.com has address x.x.x.x
atca13 [/opt/samba/bin]# kinit administrator
Password for administrator at ATCA13DOM.COM:
Warning: Your password will expire in 41 days on Fri Jul 14 16:03:14 2017
atca13 [/opt/samba/bin]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator at ATCA13DOM.COM

Valid starting     Expires            Service principal
06/02/17 16:08:22  06/03/17 02:08:19  krbtgt/ATCA13DOM.COM at ATCA13DOM.COM
atca13 [/opt/samba/bin]# ./wbinfo --ping-dc
checking the NETLOGON for domain[ATCA13DOM] dc connection to "
atca13.ATCA13DOM.com" succeeded
atca13 [/opt/samba/bin]#


*>> What Samba packages do you have installed (if you are using your OS*
*packages) ?*

We have built the Samba 4.5.0 on Itanium HP UX 11iv3


*>> smb.conf*
======
# Global parameters
[global]
        netbios name = atca13
        realm = ATCA13DOM.COM
        workgroup = ATCA13DOM
        dns forwarder = 8.8.8.8
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
        xattr_tdb:file = /var/opt/samba/locks/xattr.tdb
        guest account = smbnull
        log level = 5


[netlogon]
        path = /var/opt/samba/locks/sysvol/ATCA13DOM.com/scripts
        read only = No

[sysvol]
        path = /var/opt/samba/locks/sysvol
        read only = No


*Running Samba process :*
=============
atca13 [/opt/samba/bin]# ps -ef | grep -i samba
    root 16486 16480  0 22:42:11 ?         0:00 /opt/samba/bin/winbindd -D
--option=server role check:inhibit=yes --foreground
    root 16477 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16489 16471  0 22:42:11 ?         0:00 /opt/samba/bin/smbd -D
--option=server role check:inhibit=yes --foreground
    root 16475 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16469 16468  0 22:42:06 ?         0:00 ./samba -D
    root 16483 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16487 16471  0 22:42:11 ?         0:00 /opt/samba/bin/smbd -D
--option=server role check:inhibit=yes --foreground
    root 16488 16471  0 22:42:11 ?         0:00 /opt/samba/bin/smbd -D
--option=server role check:inhibit=yes --foreground
    root 16480 16478  0 22:42:07 ?         0:00 /opt/samba/bin/winbindd -D
--option=server role check:inhibit=yes --foreground
    root 16482 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16470 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16481 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16478 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16476 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16474 16468  0 22:42:07 ?         0:15 ./samba -D
    root 16471 16469  0 22:42:07 ?         0:00 /opt/samba/bin/smbd -D
--option=server role check:inhibit=yes --foreground
    root 16468     1  0 22:42:05 ?         0:01 ./samba -D
    root 16479 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16473 16468  0 22:42:07 ?         0:00 ./samba -D
    root 16472 16468  0 22:42:07 ?         0:00 ./samba -D
atca13 [/opt/samba/bin]# ptree 16468
16468      ./samba -D
 16469      ./samba -D
  16471      /opt/samba/bin/smbd -D --option=server role check:inhibit=yes -
   16487      /opt/samba/bin/smbd -D --option=server role check:inhibit=yes
-
   16488      /opt/samba/bin/smbd -D --option=server role check:inhibit=yes
-
   16489      /opt/samba/bin/smbd -D --option=server role check:inhibit=yes
-
 16470      ./samba -D
 16472      ./samba -D
 16473      ./samba -D
 16474      ./samba -D
 16475      ./samba -D
 16476      ./samba -D
 16477      ./samba -D
 16478      ./samba -D
  16480      /opt/samba/bin/winbindd -D --option=server role check:inhibit=y
   16486      /opt/samba/bin/winbindd -D --option=server role
check:inhibit=y
 16479      ./samba -D
 16481      ./samba -D
 16482      ./samba -D
 16483      ./samba -D
atca13 [/opt/samba/bin]#

*Please let us know if any other details required.*


Arjit Kumar

On Tue, Jun 13, 2017 at 8:42 PM, Rowland Penny <rpenny at samba.org> wrote:

> On Tue, 13 Jun 2017 20:09:30 +0530
> Arjit Gupta via samba <samba at lists.samba.org> wrote:
>
> > Hi ,
> >
> >
> > We have configured and run SAMBA-4.5 AD DC on Itanium HP UX 11iv3.
> >
> >
>
> How did you configure Samba ?
> What Samba packages do you have installed (if you are using your OS
> packages) ?
>
> Can you post your smb.conf
>
> I have never used UX, but Linux has the pstree command which shows all
> running processes, does UX have something similar ? and if so can you
> post the output for the relevant Samba processes ?
>
> Rowland
>
>

More information about the samba mailing list