Piers Kittel
2018-Jun-13 20:57 UTC
[Samba] No ports 445/139 & smbclient shows NT_STATUS_CONNECTION_REFUSED
Hi all, I'm maintaining a small AD system on a computer called "ad" in our small charity, and it has been working fine for a year or so. However, "ad" is very rickety so we got a proper server purchased and now I'm trying to move the AD system over. I've set up the new server called "org-ad" with Debian 9 and followed the instructions here https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory. I have successfully joined both DCs and the AD structure has transferred to "org-ad" fine, as shown below: root at org-ad:/var/log# wbinfo -u org\name1 org\administrator org\name2 org\kit org\name4 org\visitor org\name5 org\krbtgt org\guest root at org-ad:/var/log# Also, "samba-tool drs showrepl" works perfectly fine as per the wiki. However, smbclient doesn't work: root at org-ad:/var/log# smbclient -L localhost -U% Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED) Checking with netstat shows the necessary ports 445 & 139 aren't open: kit at org-ad:/var/log$ netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:3268 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:3269 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN - tcp6 0 0 :::636 :::* LISTEN - tcp6 0 0 :::1024 :::* LISTEN - tcp6 0 0 :::3268 :::* LISTEN - tcp6 0 0 :::3269 :::* LISTEN - tcp6 0 0 :::389 :::* LISTEN - tcp6 0 0 :::135 :::* LISTEN - tcp6 0 0 :::464 :::* LISTEN - tcp6 0 0 :::53 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 :::88 :::* LISTEN - kit at cfd-ad:/var/log$ The original AD server shows: piers at ad:/etc/samba$ netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:3268 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:3269 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN - tcp6 0 0 :::464 :::* LISTEN - tcp6 0 0 :::53 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 :::631 :::* LISTEN - tcp6 0 0 :::88 :::* LISTEN - tcp6 0 0 :::636 :::* LISTEN - tcp6 0 0 :::445 :::* LISTEN - tcp6 0 0 :::1024 :::* LISTEN - tcp6 0 0 :::3268 :::* LISTEN - tcp6 0 0 :::3269 :::* LISTEN - tcp6 0 0 :::389 :::* LISTEN - tcp6 0 0 :::135 :::* LISTEN - tcp6 0 0 :::139 :::* LISTEN - piers at ad:/etc/samba$ I know I had the exact same problem with the original AD computer when I first set it up, but for the life of me I can't figure out what the solution was! I've gone through all config files I can remember and both computers match. I've tried this solution here - https://wiki.samba.org/index.php/Configure_Samba_to_Bind_to_Specific_Interfaces - but it doesn't work at all. Am tearing my hair out trying to remember what I did originally, so any solutions would be greatly appreciated. Many thanks! With kind regards - Piers
Apparently Analagous Threads
Wisdom of the Ancients
