On Fri, 30 Sep 2016 14:41:45 -0500 Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:> On 2016-09-30 14:16, Bob of Donelson Trophy via samba wrote: > > > On 2016-09-30 13:59, Rowland Penny via samba wrote: > > > >> On Fri, 30 Sep 2016 13:04:49 -0500 > >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > >> > >> On 2016-09-30 07:27, Rowland Penny via samba wrote: > >> > >> On Fri, 30 Sep 2016 07:01:05 -0500 > >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > >> > >> I have created a second DC and joined it to my first DC. Seemed to > >> go well, then not. Now experiencing dns issues. My syslog on first > >> DC shows "Failed to connect host 192.168.xx.49 > >> (22******c8._msdcs.dtshrm.dt) on port 135 - > >> NT_STATUS_CONNECTION_REFUSED." (Which is referencing the second DC > >> connection failed.) > >> > >> Now, _please set the dns issue aside for the moment_ as I went to > >> my second DC and set log level to "10" to see what is going on and > >> the second DC is not generating log files. It did not create > >> /var/log/samba/* anything. This after a couple of restarts. I > >> checked the "smbd -b" output of DC2 and Samba is set to > >> "LOGFILEBASE: /var/log/samba." > >> > >> The second DC is a Ubuntu 16.04.1LTS running Samba 4.3.9 (from > >> repo) and bind9.10.3-P4-Ubuntu. > >> > >> Does anyone know how can I get the logs to generate? Is there > >> something else I "need to turn on"? > >> Lets start with the dns entries, go and read this: > >> > >> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record > >> > >> Rowland > > > > I had been through that but something changed. > > > > When I get to "ldbsearch-H /var/lib/samba/private/sam.ldb > > '(invcationId=*)' --cross-ncs objectguid" now returns "Search > > failed - Unsupported critical extension 1.2.840.113226.1.4.1340" > > > > So . . . thoughts? > > > > OK, try running 'samba-tool dbcheck --cross-ncs' and if it shows any > > errors, run it again adding '--fix' > > > > Rowland > > > > The results are: Checked 3534 objects (0 errors)There doesn't seem to be anything wrong with your AD' Checking google for 1.2.840.113226.1.4.1340 doesn't turn up any results, reducing it to 1.2.840.113226 doesn't return anything either, microsoft seems to use 1.2.840.113556, so have you extended your schema and if so, with what ? Rowland
Bob of Donelson Trophy
2016-Sep-30 20:43 UTC
[Samba] turned on log level = 10 . . . no logs
On 2016-09-30 15:20, Rowland Penny via samba wrote:> On Fri, 30 Sep 2016 14:41:45 -0500 > Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > > On 2016-09-30 14:16, Bob of Donelson Trophy via samba wrote: > > On 2016-09-30 13:59, Rowland Penny via samba wrote: > > On Fri, 30 Sep 2016 13:04:49 -0500 > Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > > On 2016-09-30 07:27, Rowland Penny via samba wrote: > > On Fri, 30 Sep 2016 07:01:05 -0500 > Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: > > I have created a second DC and joined it to my first DC. Seemed to > go well, then not. Now experiencing dns issues. My syslog on first > DC shows "Failed to connect host 192.168.xx.49 > (22******c8._msdcs.dtshrm.dt) on port 135 - > NT_STATUS_CONNECTION_REFUSED." (Which is referencing the second DC > connection failed.) > > Now, _please set the dns issue aside for the moment_ as I went to > my second DC and set log level to "10" to see what is going on and > the second DC is not generating log files. It did not create > /var/log/samba/* anything. This after a couple of restarts. I > checked the "smbd -b" output of DC2 and Samba is set to > "LOGFILEBASE: /var/log/samba." > > The second DC is a Ubuntu 16.04.1LTS running Samba 4.3.9 (from > repo) and bind9.10.3-P4-Ubuntu. > > Does anyone know how can I get the logs to generate? Is there > something else I "need to turn on"? > Lets start with the dns entries, go and read this: > > https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record > > Rowland > I had been through that but something changed. > > When I get to "ldbsearch-H /var/lib/samba/private/sam.ldb > '(invcationId=*)' --cross-ncs objectguid" now returns "Search > failed - Unsupported critical extension 1.2.840.113226.1.4.1340" > > So . . . thoughts? > > OK, try running 'samba-tool dbcheck --cross-ncs' and if it shows any > errors, run it again adding '--fix' > > Rowland > > The results are: Checked 3534 objects (0 errors)There doesn't seem to be anything wrong with your AD' Checking google for 1.2.840.113226.1.4.1340 doesn't turn up any results, reducing it to 1.2.840.113226 doesn't return anything either, microsoft seems to use 1.2.840.113556, so have you extended your schema and if so, with what ? Rowland When I work via command line from a different location and "shutdown -r 0" I have experienced that some times "things" don't restart quite right. I decided to shut it down (rather than just restart) as I am "looking at the box" and power up from "dead" stop. When I: "ldbsearch-H /var/lib/samba/private/sam.ldb '(invocationId=*)' --cross-ncs objectguid" now returns >>correct results.<< I have always called this type of restart a "Bob thing". Shut it OFF, let everything stop moving (inside) and then start it up again. It seems to be fixed. Sorry I bothered the list with this nonsense. But, thanks for your help, Rowland!! -- _______________________________ Bob Wooden of Donelson Trophy
Bob of Donelson Trophy
2016-Oct-02 20:53 UTC
[Samba] turned on log level = 10 . . . no logs
On 2016-09-30 15:43, Bob of Donelson Trophy via samba wrote:> On 2016-09-30 15:20, Rowland Penny via samba wrote: > >> On Fri, 30 Sep 2016 14:41:45 -0500 >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: >> >> On 2016-09-30 14:16, Bob of Donelson Trophy via samba wrote: >> >> On 2016-09-30 13:59, Rowland Penny via samba wrote: >> >> On Fri, 30 Sep 2016 13:04:49 -0500 >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: >> >> On 2016-09-30 07:27, Rowland Penny via samba wrote: >> >> On Fri, 30 Sep 2016 07:01:05 -0500 >> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote: >> >> I have created a second DC and joined it to my first DC. Seemed to >> go well, then not. Now experiencing dns issues. My syslog on first >> DC shows "Failed to connect host 192.168.xx.49 >> (22******c8._msdcs.dtshrm.dt) on port 135 - >> NT_STATUS_CONNECTION_REFUSED." (Which is referencing the second DC >> connection failed.) >> >> Now, _please set the dns issue aside for the moment_ as I went to >> my second DC and set log level to "10" to see what is going on and >> the second DC is not generating log files. It did not create >> /var/log/samba/* anything. This after a couple of restarts. I >> checked the "smbd -b" output of DC2 and Samba is set to >> "LOGFILEBASE: /var/log/samba." >> >> The second DC is a Ubuntu 16.04.1LTS running Samba 4.3.9 (from >> repo) and bind9.10.3-P4-Ubuntu. >> >> Does anyone know how can I get the logs to generate? Is there >> something else I "need to turn on"? >> Lets start with the dns entries, go and read this: >> >> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record >> >> Rowland >> I had been through that but something changed. >> >> When I get to "ldbsearch-H /var/lib/samba/private/sam.ldb >> '(invcationId=*)' --cross-ncs objectguid" now returns "Search >> failed - Unsupported critical extension 1.2.840.113226.1.4.1340" >> >> So . . . thoughts? >> >> OK, try running 'samba-tool dbcheck --cross-ncs' and if it shows any >> errors, run it again adding '--fix' >> >> Rowland >> >> The results are: Checked 3534 objects (0 errors) > > There doesn't seem to be anything wrong with your AD' > Checking google for 1.2.840.113226.1.4.1340 doesn't turn up any > results, reducing it to 1.2.840.113226 doesn't return anything either, > microsoft seems to use 1.2.840.113556, so have you extended your schema > and if so, with what ? > > Rowland > > When I work via command line from a different location and "shutdown -r > 0" I have experienced that some times "things" don't restart quite > right. I decided to shut it down (rather than just restart) as I am > "looking at the box" and power up from "dead" stop. > > When I: "ldbsearch-H /var/lib/samba/private/sam.ldb '(invocationId=*)' > --cross-ncs objectguid" now returns >>correct results.<< > > I have always called this type of restart a "Bob thing". Shut it OFF, > let everything stop moving (inside) and then start it up again. > > It seems to be fixed. Sorry I bothered the list with this nonsense. But, > thanks for your help, Rowland!! > > -- > _______________________________ > > Bob Wooden of Donelson TrophyTo close the subject line "turned on log level = 10 . . . no logs" I discovered that while running an ssd I had redirected /var/log/* to tmpfs to reduce the writes to and from the ssd. Disabling this redirection in /etc/fstab and "mkdir /var/log/samba/" and now samba is logging normally. -- _______________________________ Bob Wooden of Donelson Trophy