Peter Milesson
2025-Jul-03 09:26 UTC
[Samba] WERR_DNS_ERROR_DS_UNAVAILABLE when asking for local dns server info
On 7/3/25 08:59, CED Ing. Damiano Bolla via samba wrote:> this is what works > > ---------------------- > > root at vdce:/home/damiano/work# cat /etc/hostname > vdce > > ---------------------- > > root at vdce:/home/damiano/work# cat /etc/hosts > 127.0.0.1?????? localhost > 192.168.999.40? vdce.CONTOSO.local???? vdce > > ---------------------- >Hi folks, the IP address 192.168.999.40 is not valid. Shouldn't it be 99 instead? Best regards, Peter> root at vdce:/home/damiano/work# cat /etc/krb5.conf > [libdefaults] > ??????? default_realm = CONTOSO.LOCAL > ??????? dns_lookup_realm = false > ??????? dns_lookup_kdc = true > > [realms] > CONTOSO.LOCAL = { > ??????? default_domain = CONTOSO.local > } > > [domain_realm] > ??????? VDCE = CONTOSO.LOCAL > > ---------------------- > > root at vdce:/home/damiano/work# cat /etc/nsswitch.conf > # /etc/nsswitch.conf > # > # Example configuration of GNU Name Service Switch functionality. > # If you have the `glibc-doc-reference' and `info' packages installed, > try: > # `info libc "Name Service Switch"' for information about this file. > > passwd:???????? files > group:????????? files > shadow:???????? files > gshadow:??????? files > > #hosts:????????? files mdns4_minimal [NOTFOUND=return] dns > hosts:????????? files dns > networks:?????? files > > protocols:????? db files > services:?????? db files > ethers:???????? db files > rpc:??????????? db files > > netgroup:?????? nis > > ---------------------- > > root at vdce:/home/damiano/work# nslookup vdce > Server:???????? 192.168.999.40 > Address:??????? 192.168.999.40#53 > > Name:?? vdce.CONTOSO.local > Address: 192.168.999.40 > > ---------------------- > > root at vdce:/home/damiano/work#? net --use-krb5-ccache=/tmp/krb5cc_0 -S > virtdc time > Thu Jul? 3 08:50:12 2025 > > ---------------------- > > root at vdce:/home/damiano/work#? net --use-krb5-ccache=/tmp/krb5cc_0 -S > vdce time > Thu Jul? 3 08:49:31 2025 > ---------------------- > > I can use RSAT (from windows machine, clearly) to connect to xx.40 and > administer "active directory users and computers" > > ---------------------- I have removed the other windows machines from > the report > > PS C:\Users\xxxxxxx> repadmin /replsummary > Replication Summary Start Time: 2025-07-03 08:56:54 > > Source DSA????????? largest delta??? fails/total %%?? error > ?VDCD????????????????????? 03m:58s??? 0 /? 10??? 0 > > Destination DSA???? largest delta??? fails/total %%?? error > ?VDCD????????????????????? 59m:57s??? 0 /? 10??? 0 > > > ---------------------------------- however.... > > root at vdce:/home/damiano/work# samba-tool dns serverinfo vdce > --use-krb5-ccache=/tmp/krb5cc_0 > ERROR(runtime): Could not contact RPC server > [WERR_DNS_ERROR_DS_UNAVAILABLE] - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE') > > the question, again.... > > the question is "how can I find out if RPC server for DNS (that is NOT > the dns server itself, it is the "administrative" part) is "enabled") ? > > and if it is not enabled.... how do I enable it ? > > or alternatively, where (what file and possibly what "string") should > I look for for possible invalid params related to RPC server for DNS ? > > > Il 2025-07-03 8:38 AM, Rowland Penny via samba ha scritto: >> samba-tool dns serverinfo rpidc1 --use-krb5-ccache=/tmp/krb5cc_0 >
CED Ing. Damiano Bolla
2025-Jul-03 09:31 UTC
[Samba] WERR_DNS_ERROR_DS_UNAVAILABLE when asking for local dns server info
999 and CONTOSO is a replaced string for the actual content.... as i have written I can use RSAT domain admin to "talk" to the samba server the question is specifically related to RPC and DNS management, since the actual DNS works Il 2025-07-03 11:26 AM, Peter Milesson via samba ha scritto:> > On 7/3/25 08:59, CED Ing. Damiano Bolla via samba wrote: >> this is what works >> >> ---------------------- >> >> root at vdce:/home/damiano/work# cat /etc/hostname >> vdce >> >> ---------------------- >> >> root at vdce:/home/damiano/work# cat /etc/hosts >> 127.0.0.1?????? localhost >> 192.168.999.40? vdce.CONTOSO.local???? vdce >> >> ---------------------- >> > Hi folks, > > the IP address 192.168.999.40 is not valid. Shouldn't it be 99 instead? > > Best regards, > > Peter > > >> root at vdce:/home/damiano/work# cat /etc/krb5.conf >> [libdefaults] >> ??????? default_realm = CONTOSO.LOCAL >> ??????? dns_lookup_realm = false >> ??????? dns_lookup_kdc = true >> >> [realms] >> CONTOSO.LOCAL = { >> ??????? default_domain = CONTOSO.local >> } >> >> [domain_realm] >> ??????? VDCE = CONTOSO.LOCAL >> >> ---------------------- >> >> root at vdce:/home/damiano/work# cat /etc/nsswitch.conf >> # /etc/nsswitch.conf >> # >> # Example configuration of GNU Name Service Switch functionality. >> # If you have the `glibc-doc-reference' and `info' packages >> installed, try: >> # `info libc "Name Service Switch"' for information about this file. >> >> passwd:???????? files >> group:????????? files >> shadow:???????? files >> gshadow:??????? files >> >> #hosts:????????? files mdns4_minimal [NOTFOUND=return] dns >> hosts:????????? files dns >> networks:?????? files >> >> protocols:????? db files >> services:?????? db files >> ethers:???????? db files >> rpc:??????????? db files >> >> netgroup:?????? nis >> >> ---------------------- >> >> root at vdce:/home/damiano/work# nslookup vdce >> Server:???????? 192.168.999.40 >> Address:??????? 192.168.999.40#53 >> >> Name:?? vdce.CONTOSO.local >> Address: 192.168.999.40 >> >> ---------------------- >> >> root at vdce:/home/damiano/work#? net --use-krb5-ccache=/tmp/krb5cc_0 -S >> virtdc time >> Thu Jul? 3 08:50:12 2025 >> >> ---------------------- >> >> root at vdce:/home/damiano/work#? net --use-krb5-ccache=/tmp/krb5cc_0 -S >> vdce time >> Thu Jul? 3 08:49:31 2025 >> ---------------------- >> >> I can use RSAT (from windows machine, clearly) to connect to xx.40 >> and administer "active directory users and computers" >> >> ---------------------- I have removed the other windows machines from >> the report >> >> PS C:\Users\xxxxxxx> repadmin /replsummary >> Replication Summary Start Time: 2025-07-03 08:56:54 >> >> Source DSA????????? largest delta??? fails/total %%?? error >> ?VDCD????????????????????? 03m:58s??? 0 /? 10??? 0 >> >> Destination DSA???? largest delta??? fails/total %%?? error >> ?VDCD????????????????????? 59m:57s??? 0 /? 10??? 0 >> >> >> ---------------------------------- however.... >> >> root at vdce:/home/damiano/work# samba-tool dns serverinfo vdce >> --use-krb5-ccache=/tmp/krb5cc_0 >> ERROR(runtime): Could not contact RPC server >> [WERR_DNS_ERROR_DS_UNAVAILABLE] - (9717, >> 'WERR_DNS_ERROR_DS_UNAVAILABLE') >> >> the question, again.... >> >> the question is "how can I find out if RPC server for DNS (that is >> NOT the dns server itself, it is the "administrative" part) is >> "enabled") ? >> >> and if it is not enabled.... how do I enable it ? >> >> or alternatively, where (what file and possibly what "string") should >> I look for for possible invalid params related to RPC server for DNS ? >> >> >> Il 2025-07-03 8:38 AM, Rowland Penny via samba ha scritto: >>> samba-tool dns serverinfo rpidc1 --use-krb5-ccache=/tmp/krb5cc_0 >> >
Rowland Penny
2025-Jul-03 09:32 UTC
[Samba] WERR_DNS_ERROR_DS_UNAVAILABLE when asking for local dns server info
On Thu, 3 Jul 2025 11:26:50 +0200 Peter Milesson via samba <samba at lists.samba.org> wrote:> > On 7/3/25 08:59, CED Ing. Damiano Bolla via samba wrote: > > this is what works > > > > ---------------------- > > > > root at vdce:/home/damiano/work# cat /etc/hostname > > vdce > > > > ---------------------- > > > > root at vdce:/home/damiano/work# cat /etc/hosts > > 127.0.0.1?????? localhost > > 192.168.999.40? vdce.CONTOSO.local???? vdce > > > > ---------------------- > > > Hi folks, > > the IP address 192.168.999.40 is not valid. Shouldn't it be 99 > instead? > >Good catch, I totally missed that, concentrating if things matched ;-( Rowland