samba - Mar 2015 - The RPC server is unavailable

Hi,

Thank you for your reply!

I don't have any openchange services included in my installation. Nor am 
I using sogo.

I changed the DNS settings on the DHCP server now, to only include the 
PDC. Any idea if I can still have the PDC forward the DNS calls with 
"dns forwarder" in smb.conf? Can I still use a secondary DNS server in
resolv.conf on the PDC?


It feels a bit risky, when profiles are corrupting left and right, to 
restrict any users to only use the PDC as a DNS server. I really hope 
this does the trick, but I still can't log in with the Administrator 
account.


Kind regards,
     Jesper Koivum?ki


Den 2015-03-18 21:05, Steve Ankeny skrev:
> I had a similar issue:
>
> https://lists.samba.org/archive/samba/2015-February/189159.html
> https://lists.samba.org/archive/samba/2015-February/189167.html
>
> Essentially, I pointed my client DNS to the Samba AD DC only and 
> commented out "derpc" calls.
>
> On 03/18/2015 01:56 PM, Jesper Koivum?ki wrote:
>> Hi,
>>
>> I'm running a samba 4.2 server on RedHat5 and for some reason I
can't
>> seem to logon using the AD Users and Computers -tool.
>>
>> Whenever I try to connect to the PDC I get the following error:
>>
>> "The following Domain Controller could not be contacted: <name
of
>> pdc>. The RPC server is unavailable."
>>
>> I've checked for any possible firewall issues, but even with all 
>> firewalls turned off in between them, I still get the same error 
>> message.
>>
>> I've also noticed I cannot access the server with the Administrator
>> account over the network. When using smbclient I get 
>> NT_STATUS_INVALID_SID and if I try to connect as Administrator with a 
>> Windows 7 workstation, I just get a time out ("Error code:
0x80004005
>> Unspecified error).
>>
>> samba-tool works without a hitch, as do a number of other tools like 
>> ldbedit and wbinfo.
>>
>>
>> I've followed the instructions by Rowland Penny I found in the 
>> archives for this mailing list:
>>
>>
http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
>>
>>
>> But I just can't get the Administrator account to work. The same 
>> error has now also started propagating to some of my test accounts as 
>> well as my own main account.
>>
>> mots might've fixed this by installing 4.1.0, but I have yet to try
>> that. I figured I'd want to solve this with the current stable
release.
>>
>> Anybody got any suggestions on how to tackle this?
>>
>

I added a new test user and it worked until I added the user to the 
"domain admins" group. Once there, it also started getting the 
NT_STATUS_INVALID_SID error message.

It seems like the group is corrupted somehow.

Any ideas on how to fix this? Can I reset or recreate a system group 
like Domain Admins?

Kind regards,
     Jesper Koivum?ki

Den 2015-03-19 08:16, Jesper Koivum?ki skrev:
> Hi,
>
> Thank you for your reply!
>
> I don't have any openchange services included in my installation. Nor 
> am I using sogo.
>
> I changed the DNS settings on the DHCP server now, to only include the 
> PDC. Any idea if I can still have the PDC forward the DNS calls with 
> "dns forwarder" in smb.conf? Can I still use a secondary DNS
server in
> resolv.conf on the PDC?
>
>
> It feels a bit risky, when profiles are corrupting left and right, to 
> restrict any users to only use the PDC as a DNS server. I really hope 
> this does the trick, but I still can't log in with the Administrator 
> account.
>
>
> Kind regards,
>     Jesper Koivum?ki
>
>
> Den 2015-03-18 21:05, Steve Ankeny skrev:
>
>> I had a similar issue:
>>
>> https://lists.samba.org/archive/samba/2015-February/189159.html
>> https://lists.samba.org/archive/samba/2015-February/189167.html
>>
>> Essentially, I pointed my client DNS to the Samba AD DC only and 
>> commented out "derpc" calls.
>>
>> On 03/18/2015 01:56 PM, Jesper Koivum?ki wrote:
>>> Hi,
>>>
>>> I'm running a samba 4.2 server on RedHat5 and for some reason I
>>> can't seem to logon using the AD Users and Computers -tool.
>>>
>>> Whenever I try to connect to the PDC I get the following error:
>>>
>>> "The following Domain Controller could not be contacted:
<name of
>>> pdc>. The RPC server is unavailable."
>>>
>>> I've checked for any possible firewall issues, but even with
all
>>> firewalls turned off in between them, I still get the same error 
>>> message.
>>>
>>> I've also noticed I cannot access the server with the
Administrator
>>> account over the network. When using smbclient I get 
>>> NT_STATUS_INVALID_SID and if I try to connect as Administrator with
>>> a Windows 7 workstation, I just get a time out ("Error code: 
>>> 0x80004005 Unspecified error).
>>>
>>> samba-tool works without a hitch, as do a number of other tools
like
>>> ldbedit and wbinfo.
>>>
>>>
>>> I've followed the instructions by Rowland Penny I found in the 
>>> archives for this mailing list:
>>>
>>>
http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
>>>
>>>
>>> But I just can't get the Administrator account to work. The
same
>>> error has now also started propagating to some of my test accounts 
>>> as well as my own main account.
>>>
>>> mots might've fixed this by installing 4.1.0, but I have yet to
try
>>> that. I figured I'd want to solve this with the current stable
release.
>>>
>>> Anybody got any suggestions on how to tackle this?
>>>
>>
>