[Samba] net rpc rights grant fail to connect 127.0.0.1

Douglas G. Oechsler doguibnu at gmail.com
Mon Jul 13 13:06:11 UTC 2020 

Em seg., 13 de jul. de 2020 às 09:36, Rowland penny via samba <
samba at lists.samba.org> escreveu:

> On 13/07/2020 13:13, Douglas G. Oechsler via samba wrote:
> > Hello!
> >
> > I am trying to do the command:
> > *net rpc rights grant "SAMDOM\Unix Admins" SeDiskOperatorPrivilege -U
> > "SAMDOM\administrator"*
> > *could not connect to server 127.0.0.1*
> > *connection failed: NT_STATUS_CONNECTION_REFUSED*
> >
> > All steps from original samba wiki. The distro is Opensuse 15.1 64 bits,
> on
> > Oracle VM, static IP.
> > I did read several blogs, docs, samba mailing list. Trying many
> > configurations to solve or connect AD-DC.
> >
> > *some steps: ad-dc*
> > in smb.conf:
> > bind interfaces only = yes
> > interfaces = lo eth0
> >   dns forwarder = IP-AD-DC DNS
> >
> Did you use the distro packages to provision domain ?
>

Yes!
I add repo opensuse samba-ad-dc from
https://software.opensuse.org/package/samba-ad-dc



> If so, you are probably using MIT for the kdc and this is experimental
> and should not be used in production.
>

Oh right!

>
> Can you post the contents of the following files:
>

Yes, from ad-dc

>
> /etc/hostname
>

dclinux:/etc/samba # hostname
dclinux


> /etc/hosts


cat hosts

# IP-Address  Full-Qualified-Hostname  Short-Hostname
#

127.0.0.1 localhost
10.1.1.21       DCLINUX.ad.mydomain.br DCLINUX
# special IPv6 addresses
::1             localhost ipv6-localhost ipv6-loopback

fe00::0         ipv6-localnet

ff00::0         ipv6-mcastprefix
ff02::1         ipv6-allnodes
ff02::2         ipv6-allrouters
ff02::3         ipv6-allhosts
10.1.1.21 install


>
> /etc/resolv.conf
>

search ad.mydomain.br
nameserver 8.8.8.8
nameserver 200.x.x.x
nameserver 200.x.x.x


>
> /etc/krb5.conf
>
>
[libdefaults]
default_realm = AD.MYDOMAIN.BR
dns_lookup_realm = false
dns_lookup_kdc = true



> /etc/samba/smb.conf
>


# Global parameters
[global]
dns forwarder = 200.x.x.x 10.1.1.21
 bind interfaces only = yes
interfaces = lo eth0
netbios name = DCLINUX
realm = AD.MYDOMAIN.BR
server role = active directory domain controller
workgroup = MYDOMAIN
idmap_ldb:use rfc2307 = yes

[sysvol]
path = /var/lib/samba/sysvol
read only = No

[netlogon]
path = /var/lib/samba/sysvol/ad.mydomain.br/scripts
read only = No



> Also, if you are using Bind9, the bind9 conf files.
>
> No, not using Bind9

Thank you!


> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


--

More information about the samba mailing list