[Samba] NT_STATUS_INTERNAL_ERROR from RPC server on samba 4.5.8 AD DC

Richard Connon richard at connon.me.uk
Tue Oct 17 12:18:46 UTC 2017 


On 17/10/2017 09:54, Rowland Penny via samba wrote:
> On Tue, 17 Oct 2017 09:29:00 +0100
> Richard Connon via samba <samba at lists.samba.org> wrote:
>
>> On 16/10/2017 19:30, Rowland Penny wrote:
>>> Is the member server using DHCP ?
>> Yes. Both test hosts are using DHCP with static leases for IP
>> addresses but not for DNS domains or nameservers.
> I wouldn't do this, I would give the DC a fixed ipaddress.
In my production environment my DC(s) have fixed IP addresses, the use 
of DHCP is only in my lab environment. Do you see a problem with doing 
this as long as the IPs don't change during testing? (they are static 
leases)
>>> Is '10.0.2.15' the ipaddress of the DC ?
>> Yes
>>> You haven't got 'security = ADS' in your smb.conf.
>> Assuming you mean on the member, good point, but it doesn't change
>> this behaviour. My understanding was this only affected smbd anyway,
>> which I'm not running on the member.
> You need it
OK. I've set it now and see no change in behaviour.
>>> You have 'unix password sync = yes' in smb.conf,
>>> Do you have Unix users that are also in AD ?
>> No, this is just a default smb.conf from debian. I assume this
>> wouldn't actually have any affect on a member server where there is
>> no local passdb anyway and again, removing it has no affect.
> It wouldn't help.
I've removed this now and see no change in behaviour.
> And finally the biggy, are you using sssd ?
>> No, these test hosts are very basic debian installs I've done to
>> attempt to isolate this problem, although my "production" installs
>> use SSSD.
> Then it is never going to work, you have not set up winbind at all.
>
> Can I suggest you go and read this:
>
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
> I suggest you follow it and use the 'rid' backend.
Again, this is a production/lab difference. I didn't setup SSSD in the 
lab to reduce the complexity. I'm simply trying to get the actual join 
process working. I will follow through that wiki anyway to check there's 
nothing I've missed though.
> Rowland
>

More information about the samba mailing list