search for: samba_ad_dc_port_usage

Hi Rowland Thanks for the link https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage It should fix the Firewall authentication problem. I like to find out if I can rename the Domain name of the DC when I move it to the new DC like currently it is IUMNET.EDU.NA <http://iumnet.edu.na/> but my GApps domain name is IUM.EDU.NA <http://ium.edu.na/> and I like to use the same...

I tried the following firewall-cmd --add-service=dns --permanent firewall-cmd --add-service=samba --permanent firewall-cmd --reload But was not able to connect until I disabled the iptables via iptables -P INPUT ACCEPT iptables -F then I was able to connect my windows 10 pro to my domain. So my question is what services or ports am I missing to open?

Hai Gaetan,   Can you post the output this this command : netstat -plaunt | egrep "ntp|bind|named|samba|?mbd" and iptables -S     @Rowland, https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage  might need a smal change.  test as followed The wiki line:  netstat -tulpn | egrep "samba|smbd|nmbd|winbind"  Now test my line and see the changes. this catches everything a DC might be running. netstat -plaunt | egrep "ntp|bind|named|samba|?mbd"     Greetz,   Louis   Van:...

...onder if your old Samba was <= 4.7.x. A new GUID index mode was introduced at 4.8.0, but this should just slow things down at first start up. There was also a change of ports used at 4.7.0, so if there is a firewall in use, this could be your problem, see here: https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage You also posted in your smb.conf: realm = samdom.example.com Yet, in your other posts, you have this: DC=samdom,DC=example,DC=ch Which would make your dns domain (and realm) 'samdom.example.ch', I take it this is a typo. Rowland

...o the company LAN. openVPN seem to work fine. I get Routes, the AD DNS server, can ping domain controller file Server etc. Authendicaten on Fileserver fail (cant connect to domaincontroller) gpupdate fail with the same error. Firewall haas open all port list here: https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage I have try to debug with tcpdump but cant see any traffic that is not answerd. How can i fix? Best regards

...ith the same error. > > Where is the error message coming from ? on your Win10 client ? or the > fileserver ? The error come from win10 cleint, i can login with username and password. > >> >> Firewall haas open all port list here: >> https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage > > Which firewall ? The firewall is on the company router which is also the vpn endpoint.

...NOTFOUND=return] dns myhostname > > try 'hosts files dns' > >>> Is a firewall or selinux running ? >> >> Iptables seems to be running. Selinux is not > > Check if all the required ports are open, see here: > > https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage Made the corrections. All the ports listed on the wiki seem to be listening. No change in behavior. Same message on RSAT and drive maps list "access denied"

On Mon, Feb 12, 2018 at 11:50 PM, Marc Muehlfeld <mmuehlfeld at samba.org> wrote: > Hi Jeff, > > Am 13.02.2018 um 05:16 schrieb Jeff Sadowski via samba: >> So my question is what services or ports am I missing to open? > > AD DCs: > https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage perfect exactly what I was looking for I found some docs about firewalld that the service files are kept in /usr/lib/firewalld/services so I did [root at dc1 ~]# grep -e 139 -e 88 -e 445 /usr/lib/firewalld/services/*.xml /usr/lib/firewalld/services/freeipa-ldaps.xml: <port protocol="tcp&q...

I'm unable to join my computer to the domain. On the domain controller, initially I only had firewall-cmd --permanent --add-service=samba but that didn't work. The computer couldn't join but when I turned off the firewall all-together I was able to join. I then tried firewall-cmd --permanent --add-service={samba,dns,ldap,ldaps,kerberos,kpasswd} but that didn't work either. Are

...ed would not have changed. I only updated the OS. > On 21/03/2018, at 10:04 PM, Carlos Alberto Panozzo Cunha <carlos.hollow at gmail.com> wrote: > > Hi, > I have same problem after update for samba. > I allow new ports in firewall. > > https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage > > Regards > > > On Wed, Mar 21, 2018, 00:15 David Minard via samba <samba at lists.samba.org> wrote: > G'day All, > > I have 4 DCs on Centos 7.1. Everything was working really well for > years, including replication. > > Then I decid...

...c Muehlfeld > <mmuehlfeld at samba.org> wrote: > > Hi Jeff, > > > > Am 13.02.2018 um 05:16 schrieb Jeff Sadowski via samba: > >> So my question is what services or ports am I missing to open? > > > > AD DCs: > > https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage > > perfect exactly what I was looking for > I found some docs about firewalld that the service files are kept in > /usr/lib/firewalld/services > so I did > [root at dc1 ~]# grep -e 139 -e 88 -e 445 > /usr/lib/firewalld/services/*.xml > /usr/lib/firewalld/services/freeipa-...

...would suggest you start downgrading again. > If it looks if downgrading is needed, then first try to run : samba-tool dbcheck --reindex > That might help fixing it. ( run it on every DC ) ! > > And beware the the RPC ports have changed, so do check. > https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage Dynamic RPC Ports > > > Greetz, > > Louis > > >

...21/03/2018, at 10:04 PM, Carlos Alberto Panozzo Cunha >>> <carlos.hollow at gmail.com> wrote: >>> >>> Hi, >>> I have same problem after update for samba. >>> I allow new ports in firewall. >>> >>> https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage >>> >>> Regards >>> >>> >>> On Wed, Mar 21, 2018, 00:15 David Minard via samba >>> <samba at lists.samba.org> wrote: >>> G'day All, >>> >>>          I have 4 DCs on Centos 7.1. Everything was working really...

I'm trying to get an Samba AD setup. I thought I had RSAT working, but when I launch the server manager I get the error message: "Error - Cannot manage the operating system of the target computer" I can ping the computer and the internal DNS seems to be working. I can manually create shares & I can browse netlogon and sysvol of the AD server. Am I missing something or is this

Hi, We did not upgrade in the real sense of upgrade. We did not directly apply the patch on the servers. Our steps were as follows: 1. Created an additional Domain Controller with Samba-AD 4.10.4. 2. Transferred the FSMO Roles to the new domain controller. 3. Stopped Samba-AD-DC and Bind9 services, demoted the Samba-4.7.6 DCs with samba-tool domain demote command. 4. Cleaned the

Hi I have created a new DC on the Ubuntu 16.04 with the latest sernet samba 4.7.0 package. After joining to the PDC running 4.6.8 package I backed up the idmap.ldb file and copied to the new DC. When I run the samba-tool ntacl sysvolreset command on the new DC to replicate GID Mappings it fails with the below error: open: error=2 (No such file or directory) ERROR(runtime): uncaught exception -

Progress... On 08/27/2015 08:50 AM, L.P.H. van Belle wrote: > After reading this thread.. and ..seeing the comments.. > > I googled a bit around. and yes.. more then 5 sec.. ;-) > > I wonder why almost every "centos/redhat/rpm based" howto removes firewalld with the base iptables service > now, i'm not "pro" systemd or con systemd, i use it but i set my

I think you missed these in the firewall, if you allowed the "in" for the DC, you also need the OUT. 49152:65535/tcp ALLOW OUT Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Gaetan SLONGO via samba > Verzonden: dinsdag 29 mei 2018 16:40 > Aan: Rowland Penny > CC: samba at lists.samba.org

...gt;>>>> <carlos.hollow at gmail.com> wrote: >>>>> >>>>> Hi, >>>>> I have same problem after update for samba. >>>>> I allow new ports in firewall. >>>>> >>>>> https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage >>>>> >>>>> Regards >>>>> >>>>> >>>>> On Wed, Mar 21, 2018, 00:15 David Minard via samba >>>>> <samba at lists.samba.org> wrote: >>>>> G'day All, >>>>> >>>>...

...- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >>>> >>> >> >> > > Ah, This might help: > https://wiki.samba.org/index.php/Samba_AD_DC_port_usage There it is! Shows my weak search foo. Answers the udp ldap/s question. Couple new questions though. mDNS? Even if you are running DHCP which provides the Nameserver address? And again, the firewalld mdns service only specifies udp; no tcp. And what to do for ports 1024-5000? Open one? O...