Discussion:
[Samba] The RPC server is unavailable
(too old to reply)
Jesper Koivumäki
2015-03-18 18:30:01 UTC
Permalink
Hi,

I'm running a samba 4.2 server on RedHat5 and for some reason I can't
seem to logon using the AD Users and Computers -tool.

Whenever I try to connect to the PDC I get the following error:

"The following Domain Controller could not be contacted: <name of pdc>.
The RPC server is unavailable."

I've checked for any possible firewall issues, but even with all
firewalls turned off in between them, I still get the same error message.

I've also noticed I cannot access the server with the Administrator
account over the network. When using smbclient I get
NT_STATUS_INVALID_SID and if I try to connect as Administrator with a
Windows 7 workstation, I just get a time out ("Error code: 0x80004005
Unspecified error).

samba-tool works without a hitch, as do a number of other tools like
ldbedit and wbinfo.


I've followed the instructions by Rowland Penny I found in the archives
for this mailing list:

http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html

But I just can't get the Administrator account to work. The same error
has now also started propagating to some of my test accounts as well as
my own main account.

mots might've fixed this by installing 4.1.0, but I have yet to try
that. I figured I'd want to solve this with the current stable release.

Anybody got any suggestions on how to tackle this?
--
Kind regards,
Jesper Koivumäki
--
To unsubscribe from this list go to the following URL and read the
instructi
Rowland Penny
2015-03-18 18:40:02 UTC
Permalink
Post by Jesper Koivumäki
Hi,
I'm running a samba 4.2 server on RedHat5 and for some reason I can't
seem to logon using the AD Users and Computers -tool.
"The following Domain Controller could not be contacted: <name of
pdc>. The RPC server is unavailable."
I've checked for any possible firewall issues, but even with all
firewalls turned off in between them, I still get the same error message.
I've also noticed I cannot access the server with the Administrator
account over the network. When using smbclient I get
NT_STATUS_INVALID_SID and if I try to connect as Administrator with a
Windows 7 workstation, I just get a time out ("Error code: 0x80004005
Unspecified error).
samba-tool works without a hitch, as do a number of other tools like
ldbedit and wbinfo.
I've followed the instructions by Rowland Penny I found in the
http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
But I just can't get the Administrator account to work. The same error
has now also started propagating to some of my test accounts as well
as my own main account.
mots might've fixed this by installing 4.1.0, but I have yet to try
that. I figured I'd want to solve this with the current stable release.
Anybody got any suggestions on how to tackle this?
WOW, fame at last, I got quoted :-D

Where did you get samba4 from ?

Can you post your smb.conf

Rowland
--
To unsubscribe from this list go to the following URL and read the
instru
Jesper Koivumäki
2015-03-19 06:50:02 UTC
Permalink
I added a new test user and it worked until I added the user to the
"domain admins" group. Once there, it also started getting the
NT_STATUS_INVALID_SID error message.

It seems like the group is corrupted somehow.

Any ideas on how to fix this? Can I reset or recreate a system group
like Domain Admins?

Kind regards,
Jesper Koivumäki
Hi,
Thank you for your reply!
I don't have any openchange services included in my installation. Nor
am I using sogo.
I changed the DNS settings on the DHCP server now, to only include the
PDC. Any idea if I can still have the PDC forward the DNS calls with
"dns forwarder" in smb.conf? Can I still use a secondary DNS server in
resolv.conf on the PDC?
It feels a bit risky, when profiles are corrupting left and right, to
restrict any users to only use the PDC as a DNS server. I really hope
this does the trick, but I still can't log in with the Administrator
account.
Kind regards,
Jesper Koivumäki
https://lists.samba.org/archive/samba/2015-February/189159.html
https://lists.samba.org/archive/samba/2015-February/189167.html
Essentially, I pointed my client DNS to the Samba AD DC only and
commented out "derpc" calls.
Post by Jesper Koivumäki
Hi,
I'm running a samba 4.2 server on RedHat5 and for some reason I
can't seem to logon using the AD Users and Computers -tool.
"The following Domain Controller could not be contacted: <name of
pdc>. The RPC server is unavailable."
I've checked for any possible firewall issues, but even with all
firewalls turned off in between them, I still get the same error message.
I've also noticed I cannot access the server with the Administrator
account over the network. When using smbclient I get
NT_STATUS_INVALID_SID and if I try to connect as Administrator with
0x80004005 Unspecified error).
samba-tool works without a hitch, as do a number of other tools like
ldbedit and wbinfo.
I've followed the instructions by Rowland Penny I found in the
http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
But I just can't get the Administrator account to work. The same
error has now also started propagating to some of my test accounts
as well as my own main account.
mots might've fixed this by installing 4.1.0, but I have yet to try
that. I figured I'd want to solve this with the current stable release.
Anybody got any suggestions on how to tackle this?
--
To unsubscribe from this list go to the following URL and read the
instructions: ht
Jesper Koivumäki
2015-03-19 07:10:02 UTC
Permalink
Hi,

Thank you for your reply!

I don't have any openchange services included in my installation. Nor am
I using sogo.

I changed the DNS settings on the DHCP server now, to only include the
PDC. Any idea if I can still have the PDC forward the DNS calls with
"dns forwarder" in smb.conf? Can I still use a secondary DNS server in
resolv.conf on the PDC?


It feels a bit risky, when profiles are corrupting left and right, to
restrict any users to only use the PDC as a DNS server. I really hope
this does the trick, but I still can't log in with the Administrator
account.


Kind regards,
Jesper Koivumäki
https://lists.samba.org/archive/samba/2015-February/189159.html
https://lists.samba.org/archive/samba/2015-February/189167.html
Essentially, I pointed my client DNS to the Samba AD DC only and
commented out "derpc" calls.
Post by Jesper Koivumäki
Hi,
I'm running a samba 4.2 server on RedHat5 and for some reason I can't
seem to logon using the AD Users and Computers -tool.
"The following Domain Controller could not be contacted: <name of
pdc>. The RPC server is unavailable."
I've checked for any possible firewall issues, but even with all
firewalls turned off in between them, I still get the same error message.
I've also noticed I cannot access the server with the Administrator
account over the network. When using smbclient I get
NT_STATUS_INVALID_SID and if I try to connect as Administrator with a
Windows 7 workstation, I just get a time out ("Error code: 0x80004005
Unspecified error).
samba-tool works without a hitch, as do a number of other tools like
ldbedit and wbinfo.
I've followed the instructions by Rowland Penny I found in the
http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
But I just can't get the Administrator account to work. The same
error has now also started propagating to some of my test accounts as
well as my own main account.
mots might've fixed this by installing 4.1.0, but I have yet to try
that. I figured I'd want to solve this with the current stable release.
Anybody got any suggestions on how to tackle this?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman
Jesper Koivumäki
2015-03-19 12:50:02 UTC
Permalink
Post by Rowland Penny
/ Hi,
/>>/
/>>/ I'm running a samba 4.2 server on RedHat5 and for some reason I can't
/>>/ seem to logon using the AD Users and Computers -tool.
/>>/
/>>/ Whenever I try to connect to the PDC I get the following error:
/>>/
/>>/ "The following Domain Controller could not be contacted: <name of
/>>/ pdc>. The RPC server is unavailable."
/>>/
/>>/ I've checked for any possible firewall issues, but even with all
/>>/ firewalls turned off in between them, I still get the same error message.
/>>/
/>>/ I've also noticed I cannot access the server with the Administrator
/>>/ account over the network. When using smbclient I get
/>>/ NT_STATUS_INVALID_SID and if I try to connect as Administrator with a
/>>/ Windows 7 workstation, I just get a time out ("Error code: 0x80004005
/>>/ Unspecified error).
/>>/
/>>/ samba-tool works without a hitch, as do a number of other tools like
/>>/ ldbedit and wbinfo.
/>>/
/>>/
/>>/ I've followed the instructions by Rowland Penny I found in the
/>>/ archives for this mailing list:
/>>/
/>>/ http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
/>>/
/>>/
/>>/ But I just can't get the Administrator account to work. The same error
/>>/ has now also started propagating to some of my test accounts as well
/>>/ as my own main account.
/>>/
/>>/ mots might've fixed this by installing 4.1.0, but I have yet to try
/>>/ that. I figured I'd want to solve this with the current stable release.
/>>/
/>>/ Anybody got any suggestions on how to tackle this?
/>>/
/>
Post by Rowland Penny
WOW, fame at last, I got quoted :-D
Where did you get samba4 from ?
Can you post your smb.conf
Rowland
Hello,

My mailinglist-Fu is clearly lacking, since I didn't get your message
sent to my inbox. Sorry about that.

I'm running the 4.2 that is currently linked on samba.org.

My smb.conf:

# Global parameters
[global]
workgroup = DOMAIN
realm = FANCYDOMAINNAME.ORG
netbios name = MEGATRON
server role = active directory domain controller
dns forwarder = <ISP DNS server>

[netlogon]
path = /mnt/Netshares/Logonscripts
read only = No

[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No

[nethome]
path = /mnt/Netusers/Nethome
read only = No
--
Kind regards,
Jesper Koivumäki
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/opti
Rowland Penny
2015-03-19 13:20:02 UTC
Permalink
Post by Jesper Koivumäki
Post by Rowland Penny
/ Hi,
/>>/
/>>/ I'm running a samba 4.2 server on RedHat5 and for some reason I can't
/>>/ seem to logon using the AD Users and Computers -tool.
/>>/
/>>/
/>>/ "The following Domain Controller could not be contacted: <name of
/>>/ pdc>. The RPC server is unavailable."
/>>/
/>>/ I've checked for any possible firewall issues, but even with all
/>>/ firewalls turned off in between them, I still get the same error message.
/>>/
/>>/ I've also noticed I cannot access the server with the Administrator
/>>/ account over the network. When using smbclient I get
/>>/ NT_STATUS_INVALID_SID and if I try to connect as Administrator with a
/>>/ Windows 7 workstation, I just get a time out ("Error code: 0x80004005
/>>/ Unspecified error).
/>>/
/>>/ samba-tool works without a hitch, as do a number of other tools like
/>>/ ldbedit and wbinfo.
/>>/
/>>/
/>>/ I've followed the instructions by Rowland Penny I found in the
/>>/
/>>/
http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
/>>/
/>>/
/>>/ But I just can't get the Administrator account to work. The same error
/>>/ has now also started propagating to some of my test accounts as well
/>>/ as my own main account.
/>>/
/>>/ mots might've fixed this by installing 4.1.0, but I have yet to try
/>>/ that. I figured I'd want to solve this with the current stable release.
/>>/
/>>/ Anybody got any suggestions on how to tackle this?
/>>/
/>
Post by Rowland Penny
WOW, fame at last, I got quoted :-D
Where did you get samba4 from ?
Can you post your smb.conf
Rowland
Hello,
My mailinglist-Fu is clearly lacking, since I didn't get your message
sent to my inbox. Sorry about that.
I'm running the 4.2 that is currently linked on samba.org.
# Global parameters
[global]
workgroup = DOMAIN
realm = FANCYDOMAINNAME.ORG
netbios name = MEGATRON
server role = active directory domain controller
dns forwarder = <ISP DNS server>
[netlogon]
path = /mnt/Netshares/Logonscripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[nethome]
path = /mnt/Netusers/Nethome
read only = No
OK, what is the results from the following two commands:

samba-tool testparm --suppress-prompt -v | grep '[s]erver services'

samba-tool testparm --suppress-prompt -v | grep '[d]cerpc endpoint servers'

Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https
Jesper Koivumäki
2015-03-23 07:50:01 UTC
Permalink
Post by Rowland Penny
Post by Jesper Koivumäki
Post by Rowland Penny
/ Hi,
/>>/
/>>/ I'm running a samba 4.2 server on RedHat5 and for some reason I can't
/>>/ seem to logon using the AD Users and Computers -tool.
/>>/
/>>/
/>>/ "The following Domain Controller could not be contacted: <name of
/>>/ pdc>. The RPC server is unavailable."
/>>/
/>>/ I've checked for any possible firewall issues, but even with all
/>>/ firewalls turned off in between them, I still get the same error message.
/>>/
/>>/ I've also noticed I cannot access the server with the
Administrator
/>>/ account over the network. When using smbclient I get
/>>/ NT_STATUS_INVALID_SID and if I try to connect as Administrator with a
/>>/ Windows 7 workstation, I just get a time out ("Error code: 0x80004005
/>>/ Unspecified error).
/>>/
/>>/ samba-tool works without a hitch, as do a number of other tools like
/>>/ ldbedit and wbinfo.
/>>/
/>>/
/>>/ I've followed the instructions by Rowland Penny I found in the
/>>/
/>>/
http://samba.2283325.n4.nabble.com/Administrators-SID-is-invalid-td4674430.html
/>>/
/>>/
/>>/ But I just can't get the Administrator account to work. The same error
/>>/ has now also started propagating to some of my test accounts as well
/>>/ as my own main account.
/>>/
/>>/ mots might've fixed this by installing 4.1.0, but I have yet to try
/>>/ that. I figured I'd want to solve this with the current stable release.
/>>/
/>>/ Anybody got any suggestions on how to tackle this?
/>>/
/>
Post by Rowland Penny
WOW, fame at last, I got quoted :-D
Where did you get samba4 from ?
Can you post your smb.conf
Rowland
Hello,
My mailinglist-Fu is clearly lacking, since I didn't get your message
sent to my inbox. Sorry about that.
I'm running the 4.2 that is currently linked on samba.org.
# Global parameters
[global]
workgroup = DOMAIN
realm = FANCYDOMAINNAME.ORG
netbios name = MEGATRON
server role = active directory domain controller
dns forwarder = <ISP DNS server>
[netlogon]
path = /mnt/Netshares/Logonscripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[nethome]
path = /mnt/Netusers/Nethome
read only = No
samba-tool testparm --suppress-prompt -v | grep '[s]erver services'
samba-tool testparm --suppress-prompt -v | grep '[d]cerpc endpoint servers'
Rowland
$ sudo samba-tool testparm --suppress-prompt -v | grep '[s]erver services'
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbindd, ntp_signd, kcc, dnsupdate, dns

$ sudo samba-tool testparm --suppress-prompt -v | grep '[d]cerpc
endpoint servers'
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
eventlog6, backupkey, dnsserver

I don't see anything out of the ordinary here, but then again I'd have
no clue if something would be missing.

Kind regards,
Jesper Koivumäki
--
To unsubscribe from this list go to the following URL and read the
instructions: h
Loading...