[Samba] No ports 445/139 & smbclient shows NT_STATUS_CONNECTION_REFUSED
Piers Kittel
piers at centrefordeaf.org.uk
Wed Jun 13 20:57:38 UTC 2018
Hi all,
I'm maintaining a small AD system on a computer called "ad" in our small
charity, and it has been working fine for a year or so. However, "ad" is
very rickety so we got a proper server purchased and now I'm trying to
move the AD system over. I've set up the new server called "org-ad"
with Debian 9 and followed the instructions here
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory.
I have successfully joined both DCs and the AD structure has transferred
to "org-ad" fine, as shown below:
root at org-ad:/var/log# wbinfo -u
org\name1
org\administrator
org\name2
org\kit
org\name4
org\visitor
org\name5
org\krbtgt
org\guest
root at org-ad:/var/log#
Also, "samba-tool drs showrepl" works perfectly fine as per the wiki.
However, smbclient doesn't work:
root at org-ad:/var/log# smbclient -L localhost -U%
Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED)
Checking with netstat shows the necessary ports 445 & 139 aren't open:
kit at org-ad:/var/log$ netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3268 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3269 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN -
tcp6 0 0 :::636 :::* LISTEN -
tcp6 0 0 :::1024 :::* LISTEN -
tcp6 0 0 :::3268 :::* LISTEN -
tcp6 0 0 :::3269 :::* LISTEN -
tcp6 0 0 :::389 :::* LISTEN -
tcp6 0 0 :::135 :::* LISTEN -
tcp6 0 0 :::464 :::* LISTEN -
tcp6 0 0 :::53 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::88 :::* LISTEN -
kit at cfd-ad:/var/log$
The original AD server shows:
piers at ad:/etc/samba$ netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3268 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3269 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp6 0 0 :::464 :::* LISTEN -
tcp6 0 0 :::53 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::631 :::* LISTEN -
tcp6 0 0 :::88 :::* LISTEN -
tcp6 0 0 :::636 :::* LISTEN -
tcp6 0 0 :::445 :::* LISTEN -
tcp6 0 0 :::1024 :::* LISTEN -
tcp6 0 0 :::3268 :::* LISTEN -
tcp6 0 0 :::3269 :::* LISTEN -
tcp6 0 0 :::389 :::* LISTEN -
tcp6 0 0 :::135 :::* LISTEN -
tcp6 0 0 :::139 :::* LISTEN -
piers at ad:/etc/samba$
I know I had the exact same problem with the original AD computer when I
first set it up, but for the life of me I can't figure out what the
solution was! I've gone through all config files I can remember and
both computers match. I've tried this solution here -
https://wiki.samba.org/index.php/Configure_Samba_to_Bind_to_Specific_Interfaces
- but it doesn't work at all. Am tearing my hair out trying to remember
what I did originally, so any solutions would be greatly appreciated.
Many thanks!
With kind regards - Piers
More information about the samba
mailing list