Rowland Penny
2025-Jul-03 08:13 UTC
[Samba] WERR_DNS_ERROR_DS_UNAVAILABLE when asking for local dns server info
On Thu, 3 Jul 2025 08:59:35 +0200 "CED Ing. Damiano Bolla via samba" <samba at lists.samba.org> wrote:> this is what works > > ---------------------- > > root at vdce:/home/damiano/work# cat /etc/hostname > vdce > > ---------------------- > > root at vdce:/home/damiano/work# cat /etc/hosts > 127.0.0.1?????? localhost > 192.168.999.40? vdce.CONTOSO.local???? vdce > > ---------------------- > > root at vdce:/home/damiano/work# cat /etc/krb5.conf > [libdefaults] > ??????? default_realm = CONTOSO.LOCAL > ??????? dns_lookup_realm = false > ??????? dns_lookup_kdc = true > > [realms] > CONTOSO.LOCAL = { > ??????? default_domain = CONTOSO.local > } > > [domain_realm] > ??????? VDCE = CONTOSO.LOCAL > > ---------------------- > > root at vdce:/home/damiano/work# cat /etc/nsswitch.conf > # /etc/nsswitch.conf > # > # Example configuration of GNU Name Service Switch functionality. > # If you have the `glibc-doc-reference' and `info' packages > installed, try: # `info libc "Name Service Switch"' for information > about this file. > > passwd:???????? files > group:????????? files > shadow:???????? files > gshadow:??????? files > > #hosts:????????? files mdns4_minimal [NOTFOUND=return] dns > hosts:????????? files dns > networks:?????? files > > protocols:????? db files > services:?????? db files > ethers:???????? db files > rpc:??????????? db files > > netgroup:?????? nis > > ---------------------- > > root at vdce:/home/damiano/work# nslookup vdce > Server:???????? 192.168.999.40 > Address:??????? 192.168.999.40#53 > > Name:?? vdce.CONTOSO.local > Address: 192.168.999.40 > > ---------------------- > > root at vdce:/home/damiano/work#? net --use-krb5-ccache=/tmp/krb5cc_0 -S > virtdc time > Thu Jul? 3 08:50:12 2025 > > ---------------------- > > root at vdce:/home/damiano/work#? net --use-krb5-ccache=/tmp/krb5cc_0 -S > vdce time > Thu Jul? 3 08:49:31 2025 > ---------------------- > > I can use RSAT (from windows machine, clearly) to connect to xx.40 > and administer "active directory users and computers" > > ---------------------- I have removed the other windows machines from > the report > > PS C:\Users\xxxxxxx> repadmin /replsummary > Replication Summary Start Time: 2025-07-03 08:56:54 > > Source DSA????????? largest delta??? fails/total %%?? error > ?VDCD????????????????????? 03m:58s??? 0 /? 10??? 0 > > Destination DSA???? largest delta??? fails/total %%?? error > ?VDCD????????????????????? 59m:57s??? 0 /? 10??? 0 > >Well, everything looks ok, but I missed asking for /etc/resolv.conf, from what you have posted, it should look like this: search contoso.local nameserver 192.168.999.40 If it doesn't, then I suggest you edit it to match and try again.> ---------------------------------- however.... > > root at vdce:/home/damiano/work# samba-tool dns serverinfo vdce > --use-krb5-ccache=/tmp/krb5cc_0 > ERROR(runtime): Could not contact RPC server > [WERR_DNS_ERROR_DS_UNAVAILABLE] - (9717, > 'WERR_DNS_ERROR_DS_UNAVAILABLE') > > the question, again.... > > the question is "how can I find out if RPC server for DNS (that is > NOT the dns server itself, it is the "administrative" part) is > "enabled") ?Does running the following command on the DC produce output ?: ps ax | grep 'samba' | grep 'rpc' You could try the rpcclient command: rpcclient -U "" -N -I 192.168.999.40 -c srvinfo vdce Does that produce output ?> > and if it is not enabled.... how do I enable it ?Thing is, it should be enabled, there is a default line in smb.conf on a DC: server services = s3fs, rpc, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns That is a list of the services that run on a DC and you have to remove the service from the list (either by entering the line in your smb.conf without the service(s) you want to stop or by entering "server services -'the_service_you_do_not_want_to_run' e.g. 'server services -dns') While writing this, I remembered something from the beginning of the year, so searched the mailing list archive, I wonder if this is your problem ? : https://lists.samba.org/archive/samba/2025-January/250736.html Rowland
CED Ing. Damiano Bolla
2025-Jul-03 08:19 UTC
[Samba] WERR_DNS_ERROR_DS_UNAVAILABLE when asking for local dns server info
root at vdce:/home/damiano/work# ps ax | grep 'samba' | grep 'rpc' ?4580 ???????? S????? 0:00 samba: task[rpc] pre-fork master ?4586 ???????? S????? 1:35 samba: task[rpc] pre-forked worker(0) ?4590 ???????? S????? 0:00 samba: task[rpc] pre-forked worker(1) ?4594 ???????? S????? 0:00 samba: task[rpc] pre-forked worker(2) ?4600 ???????? S????? 0:00 samba: task[rpc] pre-forked worker(3) there are three rpc workers, good, where is written what is that they are serving ? root at vdce:/home/damiano/work# rpcclient? -U "" -N -I 192.168.999.40 -c srvinfo vdce ??????? VDCE?????????? Wk Sv PrQ Unx NT SNT Samba 4.22.2-Debian-4.22.2+dfsg-1~bpo12+1 ??????? platform_id???? :?????? 500 ??????? os version????? :?????? 6.1 ??????? server type???? :?????? 0x809a03 Il 2025-07-03 10:13 AM, Rowland Penny via samba ha scritto:> ps ax | grep 'samba' | grep 'rpc'