Hello List,
 
                I'm receiving several of these messages in my samba log
file. I'm not entirely sure what the errors are referencing either. I'm
under the assumption DNS related. 
 
ndr_pull_error(11): Pull bytes 1 (../librpc/ndr/ndr_basic.c:81)
 
../librpc/rpc/dcerpc_util.c:264: ERROR: pad length mismatch. Calculated 44
got 0
 
 
I have 3 sites with 2 DC's per site.  These messages are only coming from
one site and both DC's are logging the errors.
 
Since I suspect DNS related, I will provide my setup configs.
 
Ubuntu 14.04
named -v BIND 9.10.3-P4-Ubuntu
samba -V Version 4.9.1  (Built from tar)
 
 
 
 
cat /etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
 
----------------------------------------------------------------------------
----------
 
 
cat /etc/bind/named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};
 
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
 
zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};
 
zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};
 
zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};
 
zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};
 
---------------------------------------------------------
 
cat /etc/bind/named.conf.local
 
include "/usr/local/samba/private/named.conf";
 
 
----------------------------------------------------------
 
 
cat /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
 
 
        dnssec-validation no;
        dnssec-enable no;
        version "0.0.7";
        notify no;
        empty-zones-enable no;
        allow-query { 127.0.0.1/32; 172.0.0.0/8; };
        allow-recursion { 172.0.0.0/8; 127.0.0.1/32; };
        forwarders { 8.8.8.8; 8.8.4.4;};
        allow-transfer {none; };
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { none; };
        listen-on port 53 { 172.16.232.29; 127.0.0.1; };
 
        tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};
 
 
------------------------------------------------------------------
 
 
dpkg -l | grep bind9
ii  bind9                                1:9.10.3.dfsg.P4-8ubuntu1.11
amd64        Internet Domain Name Server
ii  bind9-host                           1:9.10.3.dfsg.P4-8ubuntu1.11
amd64        Version of 'host' bundled with BIND 9.X
ii  bind9utils                           1:9.10.3.dfsg.P4-8ubuntu1.11
amd64        Utilities for BIND
ii  libbind9-140:amd64                   1:9.10.3.dfsg.P4-8ubuntu1.11
amd64        BIND9 Shared Library used by BIND
rc  libbind9-80                          1:9.8.1.dfsg.P1-4ubuntu0.21
amd64        BIND9 Shared Library used by BIND
rc  libbind9-90                          1:9.9.5.dfsg-3ubuntu0.17
amd64        BIND9 Shared Library used by BIND
 
-----------------------------------------------------------------------
 
cat /usr/local/samba/etc/smb.conf
# Global parameters
[global]
        workgroup = DOMAIN
        realm = DOMAIN.LOCAL    // I know about using .local as a domain
isn't ideal
        netbios name = PFDC1
        server role = active directory domain controller
        dns forwarder = 75.75.75.75 208.67.222.222
        idmap_ldb:use rfc2307 = Yes
        server services = -dns
        log file = /usr/local/samba/var/log.samba
        log level = 1 auth_audit:3 auth_json_audit:3
        debug timestamp = Yes
        debug uid = Yes
        debug pid = Yes
 
        load printers = No
        printcap name = /dev/null
        disable spoolss = Yes
 
        tls enabled  = yes
        tls keyfile  = tls/myKey.pem
        tls certfile = tls/myCert.pem
        tls cafile   
 
        ldap server require strong auth = no
 
        
[netlogon]
        path = /usr/local/samba/var/locks/sysvol/domain.local/scripts
        read only = No
 
[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No
 
[backup$]
        comment = PFDC1 Weekly Backup Folder
        browseable = No
        path = /usr/local/backups
        read only = No
 
 
Thanks for your assistance.
 
James Atwell
On Mon, 29 Oct 2018 13:20:18 -0400 James Atwell via samba <samba at lists.samba.org> wrote:> Hello List, > I'm receiving several of these messages in my samba > log file. I'm not entirely sure what the errors are referencing > either. I'm under the assumption DNS related. > > ndr_pull_error(11): Pull bytes 1 (../librpc/ndr/ndr_basic.c:81) > ../librpc/rpc/dcerpc_util.c:264: ERROR: pad length mismatch. > Calculated 44 got 0 > > I have 3 sites with 2 DC's per site. These messages are only coming > from one site and both DC's are logging the errors. > > Since I suspect DNS related, I will provide my setup configs. >The message is coming from dcerpc_util.c, so it probably has nothing to do with dns> cat /usr/local/samba/etc/smb.conf > > # Global parameters > > [global] > dns forwarder = 75.75.75.75 208.67.222.222You are using Bind, so, as the 'dns forwarder' line will be ignored, you might as well remove it. I think we need to know more about your set up, OS versions etc. Also I would take it as a big favour if you found a better email client that didn't add all the blank lines ;-) Rowland
On 10/29/2018 1:57 PM, Rowland Penny via samba wrote:> On Mon, 29 Oct 2018 13:20:18 -0400 > James Atwell via samba <samba at lists.samba.org> wrote: > >> Hello List, >> I'm receiving several of these messages in my samba >> log file. I'm not entirely sure what the errors are referencing >> either. I'm under the assumption DNS related. >> >> ndr_pull_error(11): Pull bytes 1 (../librpc/ndr/ndr_basic.c:81) >> ../librpc/rpc/dcerpc_util.c:264: ERROR: pad length mismatch. >> Calculated 44 got 0 >> >> I have 3 sites with 2 DC's per site. These messages are only coming >> from one site and both DC's are logging the errors. >> >> Since I suspect DNS related, I will provide my setup configs. >> > The message is coming from dcerpc_util.c, so it probably has nothing to > do with dns > >> cat /usr/local/samba/etc/smb.conf >> >> # Global parameters >> >> [global] >> dns forwarder = 75.75.75.75 208.67.222.222 > You are using Bind, so, as the 'dns forwarder' line will be ignored, you > might as well remove it. > > I think we need to know more about your set up, OS versions etc. > > Also I would take it as a big favour if you found a better email client > that didn't add all the blank lines ;-) > > Rowland >I removed the dns forwarder line as it was left over when using the internal DNS at one point. Thanks. I have 6 DC's all using Ubuntu 16.04.5 LTS. I believe I previously indicated they were 14.04 releases. A total of 3 sites with 2 DC's at each. Using rysnc sysvol replication as well. All DC's are using bind9 for DNS. All DC's are compiled from tar and using 4.9.1. I was previously using Samba 4.8.6 prior to upgrading to 4.9.1. I was not alerted to these errors until after the upgrade. As a side note I have been on the list under a previous email if all this sounds familiar. I switched back to using Thunderbird so curious if it resolves the blank space issue as well.