[Samba] New Domain can't connect to localhost
Robert A Wooldridge
bob.wooldridge at edm-inc.com
Fri Aug 23 15:43:40 UTC 2019
On 08/23/2019 01:48 AM, L.P.H. van Belle via samba wrote:
> Hai,
>
> Still problems in your resolving setup?
> Try //FQDN/netlogon
No, this doesn't work either. Tried both //athena/netlogon and
//athena.edm-inc.com/netlogon
>
> But that said, my 4.10.6 works fine.
>
> smbclient //localhost/netlogon -UAdministrator -c 'ls'
> Enter NTDOM\Administrator's password:
> . D 0 Tue Feb 13 14:14:08 2018
> .. D 0 Fri Jul 26 09:39:59 2019
> firefox_startup.vbs.off A 25091 Sun Jul 3 03:56:20 2016
>
>
> Can you run :
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh
> And post the output, anonimize it where needed.
Results:
Collected config --- 2019-08-23-10:33 -----------
Hostname: athena
DNS Domain: edm-inc.com
FQDN: athena.edm-inc.com
ipaddress: 10.10.1.10
-----------
Samba is running as an AD DC
-----------
Checking file: /etc/os-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
-----------
This computer is running Debian 10.0 x86_64
-----------
running command : ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc
pfifo_fast state DOWN group default qlen 1000
link/ether 00:1c:c0:ec:25:25 brd ff:ff:ff:ff:ff:ff
inet 10.10.1.10/16 brd 10.10.255.255 scope global noprefixroute enp0s25
inet6 fe80::21c:c0ff:feec:2525/64 scope link noprefixroute
-----------
Checking file: /etc/hosts
127.0.0.1 localhost
10.10.1.10 athena.edm-inc.com athena
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
-----------
Checking file: /etc/resolv.conf
nameserver 10.10.1.10
search edm-inc.com
-----------
Checking file: /etc/krb5.conf
[libdefaults]
default_realm = EDM-INC.COM
dns_lookup_realm = false
dns_lookup_kdc = true
-----------
Checking file: /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files systemd
group: files systemd
shadow: files
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
-----------
Checking file: /etc/samba/smb.conf
# Global parameters
[global]
dns forwarder = 10.10.1.1
netbios name = ATHENA
realm = EDM-INC.COM
server role = active directory domain controller
workgroup = EDM
idmap_ldb:use rfc2307 = yes
[netlogon]
path = /var/lib/samba/sysvol/edm-inc.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
-----------
BIND_DLZ not detected in smb.conf
-----------
Installed packages:
ii acl 2.2.53-4 amd64 access control list
- utilities
ii attr 1:2.4.48-4 amd64 utilities for
manipulating filesystem extended attributes
ii fonts-quicksand 0.2016-2 all
sans-serif font with round attributes
ii krb5-config 2.6 all
Configuration files for Kerberos Version 5
ii krb5-locales 1.17-3 all
internationalization support for MIT Kerberos
ii krb5-user 1.17-6 amd64 basic
programs to authenticate using MIT Kerberos
ii libacl1:amd64 2.2.53-4 amd64 access
control list - shared library
ii libattr1:amd64 1:2.4.48-4 amd64 extended
attribute handling - shared library
ii libgssapi-krb5-2:amd64 1.17-6 amd64
MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
ii libkrb5-3:amd64 1.17-6 amd64 MIT
Kerberos runtime libraries
ii libkrb5support0:amd64 1.17-6 amd64
MIT Kerberos runtime libraries - Support library
ii libnss-winbind:amd64 2:4.9.11+dfsg-1 amd64
Samba nameservice integration plugins
ii libpam-krb5:amd64 4.8-2 amd64 PAM
module for MIT Kerberos
ii libpam-winbind:amd64 2:4.9.11+dfsg-1 amd64
Windows domain authentication integration plugin
ii libsmbclient:amd64 2:4.9.11+dfsg-1 amd64
shared library for communication with SMB/CIFS servers
ii libwbclient0:amd64 2:4.9.11+dfsg-1 amd64
Samba winbind client library
ii python-samba 2:4.9.11+dfsg-1 amd64 Python
bindings for Samba
ii samba 2:4.9.11+dfsg-1 amd64 SMB/CIFS file,
print, and login server for Unix
ii samba-common 2:4.9.11+dfsg-1 all common
files used by both the Samba server and client
ii samba-common-bin 2:4.9.11+dfsg-1 amd64 Samba
common files used by both the server and the client
ii samba-dsdb-modules:amd64 2:4.9.11+dfsg-1
amd64 Samba Directory Services Database
ii samba-libs:amd64 2:4.9.11+dfsg-1 amd64 Samba
core libraries
ii samba-vfs-modules:amd64 2:4.9.11+dfsg-1 amd64
Samba Virtual FileSystem plugins
ii smbc 1.2.2-4+b3 amd64 samba-commander -
curses based samba network browser
ii smbclient 2:4.9.11+dfsg-1 amd64 command-line
SMB/CIFS clients for Unix
ii winbind 2:4.9.11+dfsg-1 amd64 service to
resolve user and group information from Windows NT servers
-----------
--
Bob Wooldridge
EDM Incorporated
More information about the samba
mailing list