Rowland Penny
2016-Dec-16 11:27 UTC
[Samba] Fwd: net ads join -> "The connection was refused"
On Fri, 16 Dec 2016 12:08:05 +0100 Artur Moor via samba <samba at lists.samba.org> wrote:> I don't want to join samba as DC, i am trying to join samba as member > to AD. > > My setup ist: > DC: dc1.ad.interdekor.com.ua (10.0.140.2) > NETBIOS NAME: INTERDEKOR > > ------------------------ > SAMBA SERVER: 10.0.140.3 > ------------------------ > root at samba:~# uname -nrs > FreeBSD samba.ad.interdekor.com.ua 11.0-RELEASE > > root at samba:~# samba-tool -V > 4.4.5 > > root at samba:~# cat /etc/resolv.conf > search ad.interdekor.com.ua > nameserver 10.0.140.2 > > root at samba:~# cat /etc/krb5.conf > [libdefaults] > default_realm = AD.INTERDEKOR.COM.UA > dns_lookup_realm = true > dns_lookup_kdc = true > > root at samba:~# cat /usr/local/etc/smb4.conf > [global] > netbios name = SAMBA > realm = AD.INTERDEKOR.COM.UA > security = ads > workgroup = INTERDEKOR > > nmbd bind explicit broadcast = no > > use sendfile = true > > idmap config * : backend = tdb > idmap config * : range = 60000-69999 > idmap config INTERDEKOR : backend = ad > idmap config INTERDEKOR : schema_mode = rfc2307 > idmap config INTERDEKOR : range = 10000-59999 > > winbind separator = + > winbind enum users = yes > winbind enum groups = yes > winbind use default domain = yes > winbind refresh tickets = yes > > restrict anonymous = 2 > > log file = /var/log/samba4/log.%m > >Try removing 'nmbd bind explicit broadcast = no', everything else looks okay. What is the AD DC ? Is it running a firewall ? Rowland
Artur Moor
2016-Dec-16 11:36 UTC
[Samba] Fwd: net ads join -> "The connection was refused"
If I remove 'nmbd bind explicit broadcast = no' then 'smbd' can't start because samba is running i jailed einvironment. AD DC is a Windows Server 2016 Standard Yes there is a firewall but I get the same error if disable the firewall. 2016-12-16 12:27 GMT+01:00 Rowland Penny via samba <samba at lists.samba.org>:> On Fri, 16 Dec 2016 12:08:05 +0100 > Artur Moor via samba <samba at lists.samba.org> wrote: > > > I don't want to join samba as DC, i am trying to join samba as member > > to AD. > > > > My setup ist: > > DC: dc1.ad.interdekor.com.ua (10.0.140.2) > > NETBIOS NAME: INTERDEKOR > > > > ------------------------ > > SAMBA SERVER: 10.0.140.3 > > ------------------------ > > root at samba:~# uname -nrs > > FreeBSD samba.ad.interdekor.com.ua 11.0-RELEASE > > > > root at samba:~# samba-tool -V > > 4.4.5 > > > > root at samba:~# cat /etc/resolv.conf > > search ad.interdekor.com.ua > > nameserver 10.0.140.2 > > > > root at samba:~# cat /etc/krb5.conf > > [libdefaults] > > default_realm = AD.INTERDEKOR.COM.UA > > dns_lookup_realm = true > > dns_lookup_kdc = true > > > > root at samba:~# cat /usr/local/etc/smb4.conf > > [global] > > netbios name = SAMBA > > realm = AD.INTERDEKOR.COM.UA > > security = ads > > workgroup = INTERDEKOR > > > > nmbd bind explicit broadcast = no > > > > use sendfile = true > > > > idmap config * : backend = tdb > > idmap config * : range = 60000-69999 > > idmap config INTERDEKOR : backend = ad > > idmap config INTERDEKOR : schema_mode = rfc2307 > > idmap config INTERDEKOR : range = 10000-59999 > > > > winbind separator = + > > winbind enum users = yes > > winbind enum groups = yes > > winbind use default domain = yes > > winbind refresh tickets = yes > > > > restrict anonymous = 2 > > > > log file = /var/log/samba4/log.%m > > > > > > Try removing 'nmbd bind explicit broadcast = no', everything else looks > okay. > What is the AD DC ? > Is it running a firewall ? > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Rowland Penny
2016-Dec-16 12:07 UTC
[Samba] Fwd: net ads join -> "The connection was refused"
On Fri, 16 Dec 2016 12:36:33 +0100 Artur Moor via samba <samba at lists.samba.org> wrote:> If I remove 'nmbd bind explicit broadcast = no' then 'smbd' can't > start because samba is running i jailed einvironment.You should still be able to start 'smbd', are any Samba deamons running when you try the join? Which Samba daemons are you starting ?> > AD DC is a Windows Server 2016 Standard >Not had to deal with one of them yet. Rowland