Bob of Donelson Trophy
2016-Sep-30 19:16 UTC
[Samba] turned on log level = 10 . . . no logs
On 2016-09-30 13:59, Rowland Penny via samba wrote:> On Fri, 30 Sep 2016 13:04:49 -0500 > Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > > On 2016-09-30 07:27, Rowland Penny via samba wrote: > > On Fri, 30 Sep 2016 07:01:05 -0500 > Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > > I have created a second DC and joined it to my first DC. Seemed to > go well, then not. Now experiencing dns issues. My syslog on first > DC shows "Failed to connect host 192.168.xx.49 > (22******c8._msdcs.dtshrm.dt) on port 135 - > NT_STATUS_CONNECTION_REFUSED." (Which is referencing the second DC > connection failed.) > > Now, _please set the dns issue aside for the moment_ as I went to > my second DC and set log level to "10" to see what is going on and > the second DC is not generating log files. It did not create > /var/log/samba/* anything. This after a couple of restarts. I > checked the "smbd -b" output of DC2 and Samba is set to > "LOGFILEBASE: /var/log/samba." > > The second DC is a Ubuntu 16.04.1LTS running Samba 4.3.9 (from > repo) and bind9.10.3-P4-Ubuntu. > > Does anyone know how can I get the logs to generate? Is there > something else I "need to turn on"? > Lets start with the dns entries, go and read this: > > https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record > > RowlandI had been through that but something changed. When I get to "ldbsearch-H /var/lib/samba/private/sam.ldb '(invcationId=*)' --cross-ncs objectguid" now returns "Search failed - Unsupported critical extension 1.2.840.113226.1.4.1340" So . . . thoughts? OK, try running 'samba-tool dbcheck --cross-ncs' and if it shows any errors, run it again adding '--fix' Rowland The results are: Checked 3534 objects (0 errors) -- _______________________________ Bob Wooden of Donelson Trophy
Bob of Donelson Trophy
2016-Sep-30 19:41 UTC
[Samba] turned on log level = 10 . . . no logs
On 2016-09-30 14:16, Bob of Donelson Trophy via samba wrote:> On 2016-09-30 13:59, Rowland Penny via samba wrote: > >> On Fri, 30 Sep 2016 13:04:49 -0500 >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: >> >> On 2016-09-30 07:27, Rowland Penny via samba wrote: >> >> On Fri, 30 Sep 2016 07:01:05 -0500 >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: >> >> I have created a second DC and joined it to my first DC. Seemed to >> go well, then not. Now experiencing dns issues. My syslog on first >> DC shows "Failed to connect host 192.168.xx.49 >> (22******c8._msdcs.dtshrm.dt) on port 135 - >> NT_STATUS_CONNECTION_REFUSED." (Which is referencing the second DC >> connection failed.) >> >> Now, _please set the dns issue aside for the moment_ as I went to >> my second DC and set log level to "10" to see what is going on and >> the second DC is not generating log files. It did not create >> /var/log/samba/* anything. This after a couple of restarts. I >> checked the "smbd -b" output of DC2 and Samba is set to >> "LOGFILEBASE: /var/log/samba." >> >> The second DC is a Ubuntu 16.04.1LTS running Samba 4.3.9 (from >> repo) and bind9.10.3-P4-Ubuntu. >> >> Does anyone know how can I get the logs to generate? Is there >> something else I "need to turn on"? >> Lets start with the dns entries, go and read this: >> >> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record >> >> Rowland > > I had been through that but something changed. > > When I get to "ldbsearch-H /var/lib/samba/private/sam.ldb > '(invcationId=*)' --cross-ncs objectguid" now returns "Search failed - > Unsupported critical extension 1.2.840.113226.1.4.1340" > > So . . . thoughts? > > OK, try running 'samba-tool dbcheck --cross-ncs' and if it shows any > errors, run it again adding '--fix' > > Rowland > > The results are: Checked 3534 objects (0 errors) > > -- > _______________________________ > > Bob Wooden of Donelson TrophyMy web-mail clients messes up occasionally. The results are: Checked 3534 objects (0 errors) -- _______________________________ Bob Wooden of Donelson Trophy
On Fri, 30 Sep 2016 14:41:45 -0500 Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:> On 2016-09-30 14:16, Bob of Donelson Trophy via samba wrote: > > > On 2016-09-30 13:59, Rowland Penny via samba wrote: > > > >> On Fri, 30 Sep 2016 13:04:49 -0500 > >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > >> > >> On 2016-09-30 07:27, Rowland Penny via samba wrote: > >> > >> On Fri, 30 Sep 2016 07:01:05 -0500 > >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > >> > >> I have created a second DC and joined it to my first DC. Seemed to > >> go well, then not. Now experiencing dns issues. My syslog on first > >> DC shows "Failed to connect host 192.168.xx.49 > >> (22******c8._msdcs.dtshrm.dt) on port 135 - > >> NT_STATUS_CONNECTION_REFUSED." (Which is referencing the second DC > >> connection failed.) > >> > >> Now, _please set the dns issue aside for the moment_ as I went to > >> my second DC and set log level to "10" to see what is going on and > >> the second DC is not generating log files. It did not create > >> /var/log/samba/* anything. This after a couple of restarts. I > >> checked the "smbd -b" output of DC2 and Samba is set to > >> "LOGFILEBASE: /var/log/samba." > >> > >> The second DC is a Ubuntu 16.04.1LTS running Samba 4.3.9 (from > >> repo) and bind9.10.3-P4-Ubuntu. > >> > >> Does anyone know how can I get the logs to generate? Is there > >> something else I "need to turn on"? > >> Lets start with the dns entries, go and read this: > >> > >> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record > >> > >> Rowland > > > > I had been through that but something changed. > > > > When I get to "ldbsearch-H /var/lib/samba/private/sam.ldb > > '(invcationId=*)' --cross-ncs objectguid" now returns "Search > > failed - Unsupported critical extension 1.2.840.113226.1.4.1340" > > > > So . . . thoughts? > > > > OK, try running 'samba-tool dbcheck --cross-ncs' and if it shows any > > errors, run it again adding '--fix' > > > > Rowland > > > > The results are: Checked 3534 objects (0 errors)There doesn't seem to be anything wrong with your AD' Checking google for 1.2.840.113226.1.4.1340 doesn't turn up any results, reducing it to 1.2.840.113226 doesn't return anything either, microsoft seems to use 1.2.840.113556, so have you extended your schema and if so, with what ? Rowland