[Samba] Samba4 - global catalog (GC) cannot be contacted using Windows 7 RSAT
Alfonso Conner
c1581634 at gmail.com
Fri Jul 19 10:13:37 UTC 2019
Hi Samba Team,
Have recently followed Samba guide and successfully migrate from PDC to AD
and from BDC to join AD forest.
Need some advice here as I encountered global catalog (GC) cannot be
contacted issue when using RSAT.
This message pops up when I click "member of" tab while viewing user
properties although it will display correctly after I acknowledged the
error.
Another similar message related to GC will also pop up when I click to the
next step while creating new user account, whereby I am aware my newly
created user might encounter login issues.
After done some research and with reference to previous posts, i noticed it
has to do with port 3268/tcp and 3269/tcp to be enabled and available.
After tried various methods to verify but no avail.
Below are the outputs of commands:
Appreciate for the advice.
# ps axf | egrep "samba|smbd|winbindd"
15163 pts/1 S+ 0:00 \_ egrep samba|smbd|winbindd
2571 ? Ss 0:00 samba
2572 ? S 0:00 \_ samba
2574 ? S 0:00 | \_ samba
2576 ? Ss 0:14 | \_ /usr/local/samba/sbin/smbd -D
--option=server role check:inhibit=yes --foreground
2596 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D
--option=server role check:inhibit=yes --foreground
2597 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D
--option=server role check:inhibit=yes --foreground
2598 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D
--option=server role check:inhibit=yes --foreground
9886 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D
--option=server role check:inhibit=yes --foreground
15160 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D
--option=server role check:inhibit=yes --foreground
15161 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D
--option=server role check:inhibit=yes --foreground
2573 ? S 0:35 \_ samba
8972 ? S 0:00 | \_ samba
8973 ? S 0:00 | \_ samba
2575 ? S 0:06 \_ samba
2577 ? S 0:00 \_ samba
2578 ? S 0:07 \_ samba
9411 ? S 0:00 | \_ samba
9412 ? S 0:00 | \_ samba
2579 ? S 0:02 \_ samba
2580 ? S 0:09 \_ samba
2581 ? S 0:05 \_ samba
2582 ? S 0:00 \_ samba
2584 ? S 0:00 | \_ samba
2586 ? Ss 0:02 | \_ /usr/local/samba/sbin/winbindd -D
--option=server role check:inhibit=yes --foreground
2652 ? S 0:00 | \_ /usr/local/samba/sbin/winbindd
-D --option=server role check:inhibit=yes --foreground
2653 ? S 0:00 | \_ /usr/local/samba/sbin/winbindd
-D --option=server role check:inhibit=yes --foreground
2583 ? S 0:00 \_ samba
2585 ? S 0:00 \_ samba
2587 ? S 0:00 \_ samba
2588 ? S 0:15 \_ samba
netstat -plaunt | egrep "ntp|bind|named|samba|?mbd"
tcp 0 0 0.0.0.0:53 0.0.0.0:*
LISTEN 2588/samba
tcp 0 0 0.0.0.0:88 0.0.0.0:*
LISTEN 2580/samba
tcp 0 0 0.0.0.0:445 0.0.0.0:*
LISTEN 2576/smbd
tcp 0 0 0.0.0.0:49152 0.0.0.0:*
LISTEN 2573/samba
tcp 0 0 0.0.0.0:49153 0.0.0.0:*
LISTEN 2573/samba
tcp 0 0 0.0.0.0:49154 0.0.0.0:*
LISTEN 2573/samba
tcp 0 0 0.0.0.0:389 0.0.0.0:*
LISTEN 2578/samba
tcp 0 0 0.0.0.0:135 0.0.0.0:*
LISTEN 2573/samba
tcp 0 0 0.0.0.0:139 0.0.0.0:*
LISTEN 2576/smbd
tcp 0 0 0.0.0.0:111 0.0.0.0:*
LISTEN 976/rpcbind
tcp 0 0 0.0.0.0:464 0.0.0.0:*
LISTEN 2580/samba
tcp 0 0 DC1_IP:49153 Other_IP:49182
ESTABLISHED 8972/samba
tcp 0 0 DC1_IP:49152 Other_IP:54906
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:389 Other_IP:63555
ESTABLISHED 9412/samba
tcp 0 0 DC1_IP:445 Other_IP:54486
ESTABLISHED 15410/smbd
tcp 0 0 DC1_IP:135 Other_IP:50476
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:135 Other_IP:61388
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:62660
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:65500
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:41854 DC2_IP:49152
ESTABLISHED 2581/samba
tcp 0 0 DC1_IP:49152 Other_IP:63554
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:60790
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 DC2_IP:49612
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:58881
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:445 Other_IP:61391
ESTABLISHED 15409/smbd
tcp 0 0 DC1_IP:49152 Other_IP:64459
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:63481
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:49174
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:50477
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:53405
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49153 Other_IP:49183
ESTABLISHED 8973/samba
tcp 0 0 DC1_IP:135 Other_IP:49180
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:389 Other_IP:63551
ESTABLISHED 9411/samba
tcp 0 0 DC1_IP:135 Other_IP:58880
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:135 Other_IP:49173
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:135 Other_IP:53404
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:445 Other_IP:49195
ESTABLISHED 9886/smbd
tcp 0 0 DC1_IP:135 Other_IP:54903
ESTABLISHED 2573/samba
tcp 0 0 DC1_IP:49152 Other_IP:63553
ESTABLISHED 2573/samba
tcp 0 0 :::53 :::*
LISTEN 2588/samba
tcp 0 0 :::88 :::*
LISTEN 2580/samba
tcp 0 0 :::636 :::*
LISTEN 2578/samba
tcp 0 0 :::445 :::*
LISTEN 2576/smbd
tcp 0 0 :::49152 :::*
LISTEN 2573/samba
tcp 0 0 :::49153 :::*
LISTEN 2573/samba
tcp 0 0 :::49154 :::*
LISTEN 2573/samba
tcp 0 0 :::3268 :::*
LISTEN 2578/samba
tcp 0 0 :::3269 :::*
LISTEN 2578/samba
tcp 0 0 :::389 :::*
LISTEN 2578/samba
tcp 0 0 :::135 :::*
LISTEN 2573/samba
tcp 0 0 :::139 :::*
LISTEN 2576/smbd
tcp 0 0 :::111 :::*
LISTEN 976/rpcbind
tcp 0 0 :::464 :::*
LISTEN 2580/samba
udp 0 0 0.0.0.0:53 0.0.0.0:*
2588/samba
udp 0 0 DC1_IP:464 0.0.0.0:*
2580/samba
udp 0 0 0.0.0.0:464 0.0.0.0:*
2580/samba
udp 0 0 0.0.0.0:727 0.0.0.0:*
976/rpcbind
udp 0 0 DC1_IP:88 0.0.0.0:*
2580/samba
udp 0 0 0.0.0.0:88 0.0.0.0:*
2580/samba
udp 0 0 0.0.0.0:111 0.0.0.0:*
976/rpcbind
udp 0 0 DC1_IP:123 0.0.0.0:*
8210/./ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:*
8210/./ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:*
8210/./ntpd
udp 0 0 DC1_IP:389 0.0.0.0:*
2579/samba
udp 0 0 0.0.0.0:389 0.0.0.0:*
2579/samba
udp 0 0 DC1_IP:137 0.0.0.0:*
2575/samba
udp 0 0 Broadcast_IP:137 0.0.0.0:*
2575/samba
udp 0 0 0.0.0.0:137 0.0.0.0:*
2575/samba
udp 0 0 DC1_IP:138 0.0.0.0:*
2575/samba
udp 0 0 Broadcast_IP:138 0.0.0.0:*
2575/samba
udp 0 0 0.0.0.0:138 0.0.0.0:*
2575/samba
udp 0 0 :::53 :::*
2588/samba
udp 0 0 :::464 :::*
2580/samba
udp 0 0 :::727 :::*
976/rpcbind
udp 0 0 :::88 :::*
2580/samba
udp 0 0 :::111 :::*
976/rpcbind
udp 0 0 IP_V6:123 :::*
8210/./ntpd
udp 0 0 ::1:123 :::*
8210/./ntpd
udp 0 0 :::123 :::*
8210/./ntpd
udp 0 0 :::389 :::*
2579/samba
# host -t SRV _ldap._tcp.gc._msdcs.sandom.example.com.
_ldap._tcp.gc._msdcs.sandom.example.com has SRV record 0 100 3268
dc1.sandom.example.com.
_ldap._tcp.gc._msdcs.sandom.example.com has SRV record 0 100 3268
dc2.sandom.example.com.
# host -t SRV _gc._tcp.sandom.example.com.
_gc._tcp.sandom.example.com has SRV record 0 100 3268 dc1.sandom.example.com
.
_gc._tcp.sandom.example.com has SRV record 0 100 3268 dc2.sandom.example.com
.
My DC smb.conf as below:
# Global parameters
[global]
netbios name = DC1
realm = SANDOM.EXAMPLE.COM
server role = active directory domain controller
workgroup = SANDOM
idmap_ldb:use rfc2307 = yes
ldap server require strong auth = no
template shell = /bin/bash
template homedir = /home/%U
dns forwarder = FORWARDER_IP
ntlm auth = yes
Thanks and Regards
AC
More information about the samba
mailing list