On Tue, Feb 26, 2013 at 8:23 AM, Mike Stroven <
mike.stroven at visole-energy.com> wrote:
> Any help here? I have included all of the output of the suggested diags
> that Thomas said I should run, but I admit that I'm not sure what
I'm
> looking for, as I'm not familiar with RPC functionality on Linux.
> Something is not working with RPC on my Samba 4.0.3 server. (FWIW, it
> doesn't work with IPTables stopped either.)
>
> > On Mon, Feb 25, 2013 at 2:21 PM, Mike Stroven wrote:
> >
> > > I finally have everything working that can be verified from the
server
> command line. Running Bind9.8 with DLZ support.
> > > Verified Kerberos 5 running. Now attempting to join Windows XP
> machines to the domain, and am getting an error:
> > > "The RPC server is unavailable". Any pointers?
> > >
>
> On Mon, Feb 25, 2013 at 6:55 PM, Thomas Simmons wrote:
> > You're likely to get more support on the user's list (
> samba at lists.samba.org).
> >
> > If you're certain everything is working on the server and the
client
> > network config is correct (you have the DC's IP as the primary DNS
> server),
> > then my first guess would be iptables or selinux. If you need further
> > assistance, output from the following commands would be useful:
> >
>
>
> > # test samba
>
> [root at grumpy ~]# /usr/local/samba/bin/smbclient //grumpy/netlogon
> -UAdministrator%'**********' -c ls
> Domain=[TROY] OS=[Unix] Server=[Samba 4.0.3]
> . D 0 Mon Feb 25 09:53:33 2013
> .. D 0 Fri Feb 22 17:09:24 2013
>
> 40757 blocks of size 131072. 20332 blocks available
>
>
> > # test kerberos
>
> [root at grumpy ~]# kinit Administrator at VISOLE-ENERGY.COM
> Password for Administrator at VISOLE-ENERGY.COM:
> Warning: Your password will expire in 41 days on Mon Apr 8 18:14:03 2013
>
>
> > # check iptables
>
> [root at grumpy ~]# iptables -nL
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:22 /* SSH */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:53 /* DNS */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:53 /* DNS UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:80 /* HTTP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:88 /* Kerberos */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:123 /* NTP */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:135 /* RPC UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:135 /* RPC TCP */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:138 /* NetBIOS Netlogon and Browsing */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:139 /* NetBIOS Session */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:389 /* LDAP UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:443 /* HTTPS */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:445 /* SMB CIFS */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:445 /* SMB CIFS UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:464 /* Kerberos Password Management */
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:464 /* Kerberos Password Management UDP */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:636 /* LDAP SSL */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:3268 /* LDAP Global Catalog */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:3269 /* LDAP Global Catalog SSL */
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:10000 /* Webmin */
> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
> icmp-host-prohibited
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
> icmp-host-prohibited
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
>
> > # check selinux
>
> root at grumpy ~]# sestatus
> SELinux status: disabled
>
>
> > # netstat output
>
> [root at grumpy ~]# netstat -anp
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address
> State PID/Program name
> tcp 0 0 0.0.0.0:3269 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 0 0.0.0.0:389 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 0 0.0.0.0:39689 0.0.0.0:*
> LISTEN 922/rpc.statd
> tcp 0 0 0.0.0.0:139 0.0.0.0:*
> LISTEN 1111/smbd
> tcp 0 0 0.0.0.0:111 0.0.0.0:*
> LISTEN 904/rpcbind
> tcp 0 0 0.0.0.0:10000 0.0.0.0:*
> LISTEN 1150/perl
> tcp 0 0 0.0.0.0:464 0.0.0.0:*
> LISTEN 1116/samba
> tcp 0 0 192.168.60.200:53 0.0.0.0:*
> LISTEN 882/named
> tcp 0 0 127.0.0.1:53 0.0.0.0:*
> LISTEN 882/named
> tcp 0 0 0.0.0.0:22 0.0.0.0:*
> LISTEN 1091/sshd
> tcp 0 0 0.0.0.0:88 0.0.0.0:*
> LISTEN 1116/samba
> tcp 0 0 127.0.0.1:953 0.0.0.0:*
> LISTEN 882/named
> tcp 0 0 0.0.0.0:636 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 0 0.0.0.0:445 0.0.0.0:*
> LISTEN 1111/smbd
> tcp 0 0 0.0.0.0:1024 0.0.0.0:*
> LISTEN 1110/samba
> tcp 0 0 0.0.0.0:3268 0.0.0.0:*
> LISTEN 1114/samba
> tcp 0 48 192.168.60.200:22 192.168.63.102:51832
> ESTABLISHED 4081/sshd
> tcp 0 0 :::3269 :::*
> LISTEN 1114/samba
> tcp 0 0 :::389 :::*
> LISTEN 1114/samba
> tcp 0 0 :::139 :::*
> LISTEN 1111/smbd
> tcp 0 0 :::111 :::*
> LISTEN 904/rpcbind
> tcp 0 0 :::464 :::*
> LISTEN 1116/samba
> tcp 0 0 :::53012 :::*
> LISTEN 922/rpc.statd
> tcp 0 0 :::22 :::*
> LISTEN 1091/sshd
> tcp 0 0 :::88 :::*
> LISTEN 1116/samba
> tcp 0 0 ::1:953 :::*
> LISTEN 882/named
> tcp 0 0 :::636 :::*
> LISTEN 1114/samba
> tcp 0 0 :::445 :::*
> LISTEN 1111/smbd
> tcp 0 0 :::1024 :::*
> LISTEN 1110/samba
> tcp 0 0 :::3268 :::*
> LISTEN 1114/samba
> udp 0 0 192.168.60.200:464 0.0.0.0:*
> 1116/samba
> udp 0 0 0.0.0.0:464 0.0.0.0:*
> 1116/samba
> udp 0 0 192.168.60.200:88 0.0.0.0:*
> 1116/samba
> udp 0 0 0.0.0.0:88 0.0.0.0:*
> 1116/samba
> udp 0 0 0.0.0.0:750 0.0.0.0:*
> 861/portreserve
> udp 0 0 0.0.0.0:111 0.0.0.0:*
> 904/rpcbind
> udp 0 0 192.168.60.200:123 0.0.0.0:*
> 1138/ntpd
> udp 0 0 127.0.0.1:123 0.0.0.0:*
> 1138/ntpd
> udp 0 0 0.0.0.0:123 0.0.0.0:*
> 1138/ntpd
> udp 0 0 192.168.60.200:389 0.0.0.0:*
> 1115/samba
> udp 0 0 0.0.0.0:389 0.0.0.0:*
> 1115/samba
> udp 0 0 192.168.60.200:137 0.0.0.0:*
> 1112/samba
> udp 0 0 192.168.63.255:137 0.0.0.0:*
> 1112/samba
> udp 0 0 0.0.0.0:137 0.0.0.0:*
> 1112/samba
> udp 0 0 192.168.60.200:138 0.0.0.0:*
> 1112/samba
> udp 0 0 192.168.63.255:138 0.0.0.0:*
> 1112/samba
> udp 0 0 0.0.0.0:138 0.0.0.0:*
> 1112/samba
> udp 0 0 0.0.0.0:655 0.0.0.0:*
> 904/rpcbind
> udp 0 0 0.0.0.0:10000 0.0.0.0:*
> 1150/perl
> udp 0 0 0.0.0.0:44959 0.0.0.0:*
> 922/rpc.statd
> udp 0 0 0.0.0.0:674 0.0.0.0:*
> 922/rpc.statd
> udp 0 0 192.168.60.200:53 0.0.0.0:*
> 882/named
> udp 0 0 127.0.0.1:53 0.0.0.0:*
> 882/named
> udp 0 0 fe80::389a:99ff:febe:379:464 :::*
> 1116/samba
> udp 0 0 :::464 :::*
> 1116/samba
> udp 0 0 fe80::389a:99ff:febe:3797:88 :::*
> 1116/samba
> udp 0 0 :::88 :::*
> 1116/samba
> udp 0 0 :::111 :::*
> 904/rpcbind
> udp 0 0 fe80::389a:99ff:febe:379:123 :::*
> 1138/ntpd
> udp 0 0 ::1:123 :::*
> 1138/ntpd
> udp 0 0 :::123 :::*
> 1138/ntpd
> udp 0 0 fe80::389a:99ff:febe:379:389 :::*
> 1115/samba
> udp 0 0 :::389 :::*
> 1115/samba
> udp 0 0 :::655 :::*
> 904/rpcbind
> udp 0 0 :::53046 :::*
> 922/rpc.statd
> Active UNIX domain sockets (servers and established)
> Proto RefCnt Flags Type State I-Node PID/Program name
> Path
> unix 2 [ ACC ] STREAM LISTENING 8689 1110/samba
> /usr/local/samba/var/run/ncalrpc/np/winreg
> unix 2 [ ] DGRAM 8672 1113/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1113
> unix 2 [ ] DGRAM 8674 1114/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1114
> unix 2 [ ] DGRAM 8691 1115/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1115
> unix 2 [ ] DGRAM 8710 1116/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1116
> unix 2 [ ] DGRAM 8717 1117/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1117
> unix 2 [ ACC ] STREAM LISTENING 8878 1114/samba
> /usr/local/samba/private/ldapi
> unix 2 [ ACC ] STREAM LISTENING 8880 1114/samba
> /usr/local/samba/private/ldap_priv/ldapi
> unix 2 [ ] DGRAM 8719 1118/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1118
> unix 2 [ ACC ] STREAM LISTENING 8756 1118/samba
> /usr/local/samba/var/run/winbindd/pipe
> unix 2 [ ACC ] STREAM LISTENING 8758 1118/samba
> /usr/local/samba/var/lib/winbindd_privileged/pipe
> unix 2 [ ] DGRAM 8652 1109/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1109
> unix 2 [ ] DGRAM 8752 1119/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1119
> unix 2 [ ACC ] STREAM LISTENING 8509 1059/dbus-daemon
> /var/run/dbus/system_bus_socket
> unix 2 [ ACC ] STREAM LISTENING 8754 1119/samba
> /usr/local/samba/var/lib/ntp_signd/socket
> unix 2 [ ] DGRAM 8760 1120/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1120
> unix 2 [ ] DGRAM 8763 1121/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1121
> unix 2 [ ] DGRAM 9055 1118/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1118.28
> unix 2 [ ACC ] STREAM LISTENING 8676 1110/samba
> /usr/local/samba/var/run/ncalrpc/np/srvsvc
> unix 2 [ ACC ] STREAM LISTENING 8678 1110/samba
> /usr/local/samba/var/run/ncalrpc/DEFAULT
> unix 2 [ ] DGRAM 8657 1110/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1110
> unix 2 [ ] DGRAM 7754 861/portreserve
> /var/run/portreserve/socket
> unix 2 [ ACC ] STREAM LISTENING 6569 1/init
> @/com/ubuntu/upstart
> unix 9 [ ] DGRAM 7785 868/rsyslogd
> /dev/log
> unix 2 [ ] DGRAM 6706 319/udevd
> @/org/kernel/udev/udevd
> unix 2 [ ] DGRAM 8648 1107/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.0
> unix 2 [ ] DGRAM 8659 1112/samba
> /usr/local/samba/private/smbd.tmp/msg/msg.1112
> unix 2 [ ACC ] STREAM LISTENING 7969 904/rpcbind
> /var/run/rpcbind.sock
> unix 2 [ ] DGRAM 63732 4081/sshd
> unix 2 [ ] DGRAM 9193 1150/perl
> unix 3 [ ] STREAM CONNECTED 9054 1118/samba
> /usr/local/samba/var/lib/winbindd_privileged/pipe
> unix 3 [ ] STREAM CONNECTED 9053 1111/smbd
> unix 2 [ ] DGRAM 9012 1138/ntpd
> unix 2 [ ] DGRAM 8771 1111/smbd
> unix 2 [ ] DGRAM 8625 1099/crond
> unix 3 [ ] STREAM CONNECTED 8521 1059/dbus-daemon
> /var/run/dbus/system_bus_socket
> unix 3 [ ] STREAM CONNECTED 8520 1/init
> unix 3 [ ] STREAM CONNECTED 8514 1059/dbus-daemon
> unix 3 [ ] STREAM CONNECTED 8513 1059/dbus-daemon
> unix 3 [ ] STREAM CONNECTED 8419 1031/rpc.idmapd
> unix 3 [ ] STREAM CONNECTED 8418 1031/rpc.idmapd
> unix 2 [ ] DGRAM 8056 922/rpc.statd
> unix 2 [ ] DGRAM 7811 882/named
> unix 3 [ ] STREAM CONNECTED 7722 842/audispd
> unix 3 [ ] STREAM CONNECTED 7721 843/sedispatch
> unix 3 [ ] STREAM CONNECTED 7712 840/auditd
> unix 3 [ ] STREAM CONNECTED 7711 842/audispd
> unix 3 [ ] DGRAM 6724 319/udevd
> unix 3 [ ] DGRAM 6723 319/udevd
> >
>
Your server does not appear to be listening for RPC (TCP/135). Your netstat
output should show something like this:
[root at ADC1 ~]# netstat -anp|grep 135
tcp 0 0 0.0.0.0:135 0.0.0.0:*
LISTEN 20738/samba
tcp 0 0 :::135 :::*
LISTEN 20738/samba
Was this a standard S4 install following the Samba wiki? Do you have a
"server services" line in your smb.conf? Does it include
"rpc"?