[Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired
Rowland Penny
rpenny at samba.org
Wed Jan 3 16:53:59 UTC 2024
On Wed, 3 Jan 2024 13:30:48 -0300
Elias Pereira <empbilly at gmail.com> wrote:
> >
> > Is dns configured correctly ?
>
> root at dc2:~# cat /etc/resolv.conf
> search campus.sertao.ifrs.edu.br
> nameserver 200.xxx.xxx.163 (*own IP*)
>
> root at dc3:~# cat /etc/resolv.conf
> search campus.sertao.ifrs.edu.br
> nameserver 200.xxx.xxx.160 (*own IP*)
>
> Is a firewall running and if so, are all the
> > required ports open ?
>
> We use pfsense and there's a rule allow everything between the DCs.
> Anyway, I checked the logs while I was running the replicate command,
> and nothing appeared in the logs.
>
> but strangely, some ports are closed... O.o
>
> PORT STATE SERVICE VERSION
> 53/tcp open domain (unknown banner: non3)
> 88/tcp open kerberos-sec (server time: 2024-01-03 16:19:09Z)
> *123/tcp closed ntp*
> 135/tcp open msrpc Microsoft Windows RPC
>
> *137/tcp closed netbios-ns138/tcp closed netbios-dgm*
> 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: CAMPUS)
> 389/tcp open ldap (Anonymous bind OK)
> 445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: CAMPUS)
> 464/tcp open kpasswd5?
> 636/tcp open ssl/ldap (Anonymous bind OK)
> 3268/tcp open ldap (Anonymous bind OK)
> 3269/tcp open ssl/ldap (Anonymous bind OK)
>
> Do closed ports affect replication?
>
Yes and you need more than those ports, see here:
https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage ``
Where does pfsense come into this ? From my understanding, pfsense is a
firewall/router device and should be between your DCs and the internet
and not between your DCs.
Rowland
More information about the samba
mailing list