[Samba] RPC and NDR errors in log file
james.atwell365 at gmail.com
james.atwell365 at gmail.com
Mon Oct 29 17:20:18 UTC 2018
Hello List,
I'm receiving several of these messages in my samba log
file. I'm not entirely sure what the errors are referencing either. I'm
under the assumption DNS related.
ndr_pull_error(11): Pull bytes 1 (../librpc/ndr/ndr_basic.c:81)
../librpc/rpc/dcerpc_util.c:264: ERROR: pad length mismatch. Calculated 44
got 0
I have 3 sites with 2 DC's per site. These messages are only coming from
one site and both DC's are logging the errors.
Since I suspect DNS related, I will provide my setup configs.
Ubuntu 14.04
named -v BIND 9.10.3-P4-Ubuntu
samba -V Version 4.9.1 (Built from tar)
cat /etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
----------------------------------------------------------------------------
----------
cat /etc/bind/named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
---------------------------------------------------------
cat /etc/bind/named.conf.local
include "/usr/local/samba/private/named.conf";
----------------------------------------------------------
cat /etc/bind/named.conf.options
options {
directory "/var/cache/bind";
dnssec-validation no;
dnssec-enable no;
version "0.0.7";
notify no;
empty-zones-enable no;
allow-query { 127.0.0.1/32; 172.0.0.0/8; };
allow-recursion { 172.0.0.0/8; 127.0.0.1/32; };
forwarders { 8.8.8.8; 8.8.4.4;};
allow-transfer {none; };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { none; };
listen-on port 53 { 172.16.232.29; 127.0.0.1; };
tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};
------------------------------------------------------------------
dpkg -l | grep bind9
ii bind9 1:9.10.3.dfsg.P4-8ubuntu1.11
amd64 Internet Domain Name Server
ii bind9-host 1:9.10.3.dfsg.P4-8ubuntu1.11
amd64 Version of 'host' bundled with BIND 9.X
ii bind9utils 1:9.10.3.dfsg.P4-8ubuntu1.11
amd64 Utilities for BIND
ii libbind9-140:amd64 1:9.10.3.dfsg.P4-8ubuntu1.11
amd64 BIND9 Shared Library used by BIND
rc libbind9-80 1:9.8.1.dfsg.P1-4ubuntu0.21
amd64 BIND9 Shared Library used by BIND
rc libbind9-90 1:9.9.5.dfsg-3ubuntu0.17
amd64 BIND9 Shared Library used by BIND
-----------------------------------------------------------------------
cat /usr/local/samba/etc/smb.conf
# Global parameters
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL // I know about using .local as a domain
isn't ideal
netbios name = PFDC1
server role = active directory domain controller
dns forwarder = 75.75.75.75 208.67.222.222
idmap_ldb:use rfc2307 = Yes
server services = -dns
log file = /usr/local/samba/var/log.samba
log level = 1 auth_audit:3 auth_json_audit:3
debug timestamp = Yes
debug uid = Yes
debug pid = Yes
load printers = No
printcap name = /dev/null
disable spoolss = Yes
tls enabled = yes
tls keyfile = tls/myKey.pem
tls certfile = tls/myCert.pem
tls cafile =
ldap server require strong auth = no
[netlogon]
path = /usr/local/samba/var/locks/sysvol/domain.local/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[backup$]
comment = PFDC1 Weekly Backup Folder
browseable = No
path = /usr/local/backups
read only = No
Thanks for your assistance.
James Atwell
More information about the samba
mailing list