Arjit Gupta
2017-Jun-13 14:39 UTC
[Samba] Joining a Windows Server 2008 / 2008 R2 DC to a Samba AD - ISSUE - The RPC server is unavailable
Hi , We have configured and run SAMBA-4.5 AD DC on Itanium HP UX 11iv3. We have tried to join the windows server 2008 DC to samba AD with the steps mentioned in the below link https://wiki.samba.org/index.php/Joining_a_Windows_Server_ 2008_/_2008_R2_DC_to_a_Samba_AD While i am trying to execute the steps mentioned in section "Joining the Windows Server to the Domain" 1. invoked dcpromo.exe 2. select advanced mode installation 3. Select Existing forest Add a domain to an existing domain Getting the below error .. The RPC server is unavailable Active Directory Domain Services Installation Wizard : The wizard cannot gain access to the list of domains in the forest. This condition may be caused by a DNS lookup problem. For information about troubleshooting common DNS lookup problems, please see the following Microsoft Web site: http://go.microsoft.com/ fwlink/?LinkId=5171 Logs : *Log.smbd:* ======= [2017/06/13 17:54:21.708701, 1] ../source3/rpc_server/rpc_ ncacn_np.c:772(make_external_rpc_pipe) tstream_npa_connect_recv to /var/opt/samba/run/ncalrpc/np for pipe NETLOGON and user DCTIA13DOM\Administrator failed: Broken pipe *log.samba:* *========* [2017/06/13 17:54:21.340006, 3] ../source4/auth/kerberos/krb5_ init_context.c:80(smb_krb5_debug_wrapper) Kerberos: Requested flags: renewable-ok, canonicalize, renewable, forwardable [2017/06/13 17:54:21.344718, 3] ../source4/smbd/service_ stream.c:66(stream_terminate_connection) Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' [2017/06/13 17:54:21.344829, 3] ../source4/smbd/process_ single.c:114(single_terminate) single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] [2017/06/13 17:54:21.348804, 3] ../source4/auth/kerberos/krb5_ init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ Administrator at DCTIA13DOM.COM from ipv4: 15.213.163.103:49171 for cifs/dctia13.dctia13dom.com at DCTIA13DOM.COM [canonicalize, renewable, forwardable] [2017/06/13 17:54:21.385671, 3] ../source4/auth/kerberos/krb5_ init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ authtime: 2017-06-13T17:54:21 starttime: 2017-06-13T17:54:21 endtime: 2017-06-14T03:54:21 renew till: 2017-06-20T17:54:21 [2017/06/13 17:54:21.388809, 3] ../source4/smbd/service_ stream.c:66(stream_terminate_connection) Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' [2017/06/13 17:54:21.388907, 3] ../source4/smbd/process_ single.c:114(single_terminate) single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] [2017/06/13 17:54:21.395346, 3] ../source4/auth/kerberos/krb5_ init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ Administrator at DCTIA13DOM.COM from ipv4: 15.213.163.103:49172 for krbtgt/DCTIA13DOM.COM at DCTIA13DOM.COM [renewable-ok, canonicalize, renewable, forwarded, forwardable] [2017/06/13 17:54:21.411618, 3] ../source4/auth/kerberos/krb5_ init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ authtime: 2017-06-13T17:54:21 starttime: 2017-06-13T17:54:21 endtime: 2017-06-14T03:54:21 renew till: 2017-06-20T17:54:21 [2017/06/13 17:54:21.414363, 3] ../source4/smbd/service_ stream.c:66(stream_terminate_connection) Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' [2017/06/13 17:54:21.414468, 3] ../source4/smbd/process_ single.c:114(single_terminate) single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] [2017/06/13 17:54:21.707864, 3] ../source4/smbd/service_ stream.c:66(stream_terminate_connection) Terminating connection - 'socket_get_remote_addr() failed' [2017/06/13 17:54:21.707999, 3] ../source4/smbd/process_ single.c:114(single_terminate) single_terminate: reason[socket_get_remote_addr() failed] Please help me on resolving this issue. Thanks, Arjit
Rowland Penny
2017-Jun-13 15:12 UTC
[Samba] Joining a Windows Server 2008 / 2008 R2 DC to a Samba AD - ISSUE - The RPC server is unavailable
On Tue, 13 Jun 2017 20:09:30 +0530 Arjit Gupta via samba <samba at lists.samba.org> wrote:> Hi , > > > We have configured and run SAMBA-4.5 AD DC on Itanium HP UX 11iv3. > >How did you configure Samba ? What Samba packages do you have installed (if you are using your OS packages) ? Can you post your smb.conf I have never used UX, but Linux has the pstree command which shows all running processes, does UX have something similar ? and if so can you post the output for the relevant Samba processes ? Rowland
Arjit Gupta
2017-Jun-14 05:13 UTC
[Samba] Joining a Windows Server 2008 / 2008 R2 DC to a Samba AD - ISSUE - The RPC server is unavailable
Hi Rowland, *>> How did you configure Samba ?* atca13 [/opt/samba/bin]# ./samba --show-build Samba version: 4.5.0-HPE CIFS SERVER 4.5.0.0 Build environment: Build host: HP-UX atca7 B.11.31 U ia64 3395706695 unlimited-user license Paths: BINDIR: /opt/samba/bin SBINDIR: /opt/samba/bin CONFIGFILE: /etc/opt/samba/smb.conf NCALRPCDIR: /var/opt/samba/run/ncalrpc LOGFILEBASE: /var/opt/samba LMHOSTSFILE: /etc/opt/samba/lmhosts DATADIR: /opt/samba/share MODULESDIR: /opt/samba/lib/samba LOCKDIR: /var/opt/samba/locks STATEDIR: /var/opt/samba/locks CACHEDIR: /var/opt/samba/cache PIDDIR: /var/opt/samba/run PRIVATE_DIR: /var/opt/samba/private CODEPAGEDIR: /opt/samba/share/codepages SETUPDIR: /opt/samba/share/setup WINBINDD_SOCKET_DIR: /var/opt/samba/run/winbindd WINBINDD_PRIVILEGED_SOCKET_DIR: /opt/samba/lib/samba/winbindd_privileged NTP_SIGND_SOCKET_DIR: /opt/samba/lib/samba/ntp_signd atca13 [/opt/samba/bin]# *We have configured samba ad dc with below steps* atca13 [/var/opt/samba/private]# /opt/samba/bin/samba-tool domain provision --use-rfc2307 --interactive Realm [ATCA13DOM.COM]: Domain [ATCA13DOM]: Server Role (dc, member, standalone) [dc]: DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]: DNS forwarder IP address (write 'none' to disable forwarding) [x.x.x.x]: 8.8.8.8 Administrator password: Retype password: You are not root or your system do not support xattr, using tdb backend for attributes. not using extended attributes to store ACLs and other metadata. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs. Looking up IPv4 addresses Looking up IPv6 addresses No IPv6 address will be assigned Setting up share.ldb Setting up secrets.ldb Setting up the registry Setting up the privileges database Setting up idmap db Setting up SAM db Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema Adding DomainDN: DC=ATCA13DOM,DC=com Adding configuration container Setting up sam.ldb schema Setting up sam.ldb configuration data Setting up display specifiers Modifying display specifiers Adding users container Modifying users container Adding computers container Modifying computers container Setting up sam.ldb data Setting up well known security principals Setting up sam.ldb users and groups Setting up self join xattr_tdb_removexattr() failed to get vfs_handle->data! Adding DNS accounts Creating CN=MicrosoftDNS,CN=System,DC=ATCA13DOM,DC=com Creating DomainDnsZones and ForestDnsZones partitions Populating DomainDnsZones and ForestDnsZones partitions Setting up sam.ldb rootDSE marking as synchronized Fixing provision GUIDs A Kerberos configuration suitable for Samba 4 has been generated at /var/opt/samba/private/krb5.conf Setting up fake yp server settings Once the above files are installed, your Samba4 server will be ready to use Server Role: active directory domain controller Hostname: atca13 NetBIOS Domain: ATCA13DOM DNS Domain: ATCA13DOM.com DOMAIN SID: S-1-5-21-50425708-2301055408-3617724870 atca13 [/var/opt/samba/private]# ln -sf /var/opt/samba/private/krb5.conf /etc/krb5.conf atca13 [/var/opt/samba/private]# atca13 [/opt/samba/bin]# ./samba -D atca13 [/]# /opt/samba/bin/smbclient -L localhost -U% *Domain=[ATCA13DOM] OS=[Windows 6.1] Server=[Samba 4.5.0-HPE CIFS SERVER 4.5.0.0]* *tree connect failed: NT_STATUS_CONNECTION_DISCONNECTED* atca13 [/]# atca13 [/opt/samba/bin]# ./smbclient //localhost/netlogon -UAdministrator -c 'ls' Enter Administrator's password: *Domain=[ATCA13DOM] OS=[Windows 6.1] Server=[Samba 4.5.0-HPE CIFS SERVER 4.5.0.0]* * . D 0 Thu Dec 8 16:56:15 2016* * .. D 0 Thu Dec 8 16:57:03 2016* * 25985024 blocks of size 1024. 12311120 blocks available* atca13 [/opt/samba/bin]# host -t SRV _ldap._tcp.ATCA13DOM.COM _ldap._tcp.ATCA13DOM.COM has SRV record 0 100 389 atca13.ATCA13DOM.com. atca13 [/opt/samba/bin]# host -t SRV _kerberos._udp.ATCA13DOM.COM _kerberos._udp.ATCA13DOM.COM has SRV record 0 100 88 atca13.ATCA13DOM.com. atca13 [/opt/samba/bin]# host -t A atca13.ATCA13DOM.com atca13.ATCA13DOM.com has address x.x.x.x atca13 [/opt/samba/bin]# kinit administrator Password for administrator at ATCA13DOM.COM: Warning: Your password will expire in 41 days on Fri Jul 14 16:03:14 2017 atca13 [/opt/samba/bin]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator at ATCA13DOM.COM Valid starting Expires Service principal 06/02/17 16:08:22 06/03/17 02:08:19 krbtgt/ATCA13DOM.COM at ATCA13DOM.COM atca13 [/opt/samba/bin]# ./wbinfo --ping-dc checking the NETLOGON for domain[ATCA13DOM] dc connection to " atca13.ATCA13DOM.com" succeeded atca13 [/opt/samba/bin]# *>> What Samba packages do you have installed (if you are using your OS* *packages) ?* We have built the Samba 4.5.0 on Itanium HP UX 11iv3 *>> smb.conf* =====# Global parameters [global] netbios name = atca13 realm = ATCA13DOM.COM workgroup = ATCA13DOM dns forwarder = 8.8.8.8 server role = active directory domain controller idmap_ldb:use rfc2307 = yes xattr_tdb:file = /var/opt/samba/locks/xattr.tdb guest account = smbnull log level = 5 [netlogon] path = /var/opt/samba/locks/sysvol/ATCA13DOM.com/scripts read only = No [sysvol] path = /var/opt/samba/locks/sysvol read only = No *Running Samba process :* ============atca13 [/opt/samba/bin]# ps -ef | grep -i samba root 16486 16480 0 22:42:11 ? 0:00 /opt/samba/bin/winbindd -D --option=server role check:inhibit=yes --foreground root 16477 16468 0 22:42:07 ? 0:00 ./samba -D root 16489 16471 0 22:42:11 ? 0:00 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes --foreground root 16475 16468 0 22:42:07 ? 0:00 ./samba -D root 16469 16468 0 22:42:06 ? 0:00 ./samba -D root 16483 16468 0 22:42:07 ? 0:00 ./samba -D root 16487 16471 0 22:42:11 ? 0:00 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes --foreground root 16488 16471 0 22:42:11 ? 0:00 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes --foreground root 16480 16478 0 22:42:07 ? 0:00 /opt/samba/bin/winbindd -D --option=server role check:inhibit=yes --foreground root 16482 16468 0 22:42:07 ? 0:00 ./samba -D root 16470 16468 0 22:42:07 ? 0:00 ./samba -D root 16481 16468 0 22:42:07 ? 0:00 ./samba -D root 16478 16468 0 22:42:07 ? 0:00 ./samba -D root 16476 16468 0 22:42:07 ? 0:00 ./samba -D root 16474 16468 0 22:42:07 ? 0:15 ./samba -D root 16471 16469 0 22:42:07 ? 0:00 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes --foreground root 16468 1 0 22:42:05 ? 0:01 ./samba -D root 16479 16468 0 22:42:07 ? 0:00 ./samba -D root 16473 16468 0 22:42:07 ? 0:00 ./samba -D root 16472 16468 0 22:42:07 ? 0:00 ./samba -D atca13 [/opt/samba/bin]# ptree 16468 16468 ./samba -D 16469 ./samba -D 16471 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes - 16487 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes - 16488 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes - 16489 /opt/samba/bin/smbd -D --option=server role check:inhibit=yes - 16470 ./samba -D 16472 ./samba -D 16473 ./samba -D 16474 ./samba -D 16475 ./samba -D 16476 ./samba -D 16477 ./samba -D 16478 ./samba -D 16480 /opt/samba/bin/winbindd -D --option=server role check:inhibit=y 16486 /opt/samba/bin/winbindd -D --option=server role check:inhibit=y 16479 ./samba -D 16481 ./samba -D 16482 ./samba -D 16483 ./samba -D atca13 [/opt/samba/bin]# *Please let us know if any other details required.* Arjit Kumar On Tue, Jun 13, 2017 at 8:42 PM, Rowland Penny <rpenny at samba.org> wrote:> On Tue, 13 Jun 2017 20:09:30 +0530 > Arjit Gupta via samba <samba at lists.samba.org> wrote: > > > Hi , > > > > > > We have configured and run SAMBA-4.5 AD DC on Itanium HP UX 11iv3. > > > > > > How did you configure Samba ? > What Samba packages do you have installed (if you are using your OS > packages) ? > > Can you post your smb.conf > > I have never used UX, but Linux has the pstree command which shows all > running processes, does UX have something similar ? and if so can you > post the output for the relevant Samba processes ? > > Rowland > >