[Samba] AD DC lost sub.conf

Callum MacEwan callum at pegasusnz.com
Wed Nov 30 20:57:51 UTC 2022 

I have checked all my smb.conf on the AD DC and Dom member 
On the AD DC
wbinfo -u and -g respond normally with users and groups prefixed with Domain
Starting samba with -i -d 4 reveals no obvious error it chats to DOM members
The only error I saw was invalid SID (not sure if that is an error or warning )

On Dom Member
wbinfo -u returns nothing but Wbinfo -g returns domain\groups as expected 
I have started all modules with -i -d 4 and don’t see any obvious errors
wbinfo -p pings winbindd successfully 
wbinfo -P returns an error 
>checking the NETLOGON for domain[SAND] dc connection to "" failed
>failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUND

All the DNS test are good
Any guidance on what to do next appreciated

Thanks
Callum MacEwan
https://Whatson.pegasusnz.com


> On 29/11/2022, at 11:17 AM, Callum MacEwan via samba <samba at lists.samba.org> wrote:
> 
> 
>> On 29/11/2022, at 10:39 AM, Rowland Penny via samba <samba at lists.samba.org> wrote:
>> 
>> 
>> 
>>>> On 28/11/2022 21:07, Callum MacEwan via samba wrote:
>>> Hello Team Samba
>>> I have a Debian Samba AD DC 4.13.13 and a Debian Domain member
>>> Everything was working fine then one day my Linux ID’s changed from UID 10000 GID 11001 to UID 3000017 and GID 100.
>> 
>> Are we talking about the DC here ?
>> Have you added uidNumber & gidNumber attributes to AD ?
> Yes I am taking about DC
>> 
>> If you have, uncomment (remove the '#') from '#idmap_ldb:use rfc2307 = yes', restart Samba and run 'net cache flush'
>> 
> No I haven’t added uidNumber & gidNumber attributes to AD because everything was okay
> 
>> 
>>> After a little fiddling with the AD DC and Domain Memeber  returned to normal so I tidy up the configs and reboot both machines.
>>> After the restart nothing was working and my smb.conf on the AD DC was missing a section. I rebuilt what I thought was correct
>>> I now have the AD DC responding normally locally but my Debian Domain member reports DC1 offline but lists users correctly  with wbinfo -u but without the domain wbinfo -g responds with nothing
>> 
>> Do you have only one DC ?
> 
> Yes only 1 DC,
>> It is better if you have at least two and backup the domain with samba-tool.
>> 
>> Have you run 'net ads testjoin' on the Unix domain member ?
> Just ran that and the response was 
> 
> Join is OK
>> 
>> Rowland
>> 
>> 
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list