Re: [Samba] NT_STATUS_INTERNAL_ERROR from RPC server on samba 4.5.8 AD DC
- Date: Mon, 16 Oct 2017 19:06:20 +0100
- From: Richard Connon via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] NT_STATUS_INTERNAL_ERROR from RPC server on samba 4.5.8 AD DC
I provided the dump of all the conf files to Rowland by email but in
case anyone else is curious they are also here:
I tried providing -S to the join command which didn't change the
behaviour. It doesn't seem to have trouble finding the DC, only when
connecting to the RPC server.
On 16/10/2017 18:13, L.P.H. van Belle via samba wrote:
yes, this should work fine but this is something in your setup.
can you try this
ads join -k -s fqdn-dc1.dom.tld
if kinit fails, then Rowland wil find your error..
ive seen this few times.. -S solves it most of the times.
Op 16 okt. 2017 om 18:27 heeft Rowland Penny via samba <samba@xxxxxxxxxxxxxxx> het volgende geschreven:
On Mon, 16 Oct 2017 17:01:29 +0100
Richard Connon via samba <samba@xxxxxxxxxxxxxxx> wrote:
To try and narrow down this issue I tried to setup a test environment
using two fresh install Debian 9.2 VMs, now running samba 4.5.12
since it was updated in Debian.
I provisioned a new domain using `samba-tool domain provision` on the
first VM, let it generate the smb.conf itself, and configured it
using the BIND9_DLZ DNS backend.
I tried to join the domain using a second Debian 9.2 VM using `net
ads join -UAdministrator` after setting the DNS resolver to be the
test DC and synchronising with NTP on the DC. This failed with the
"Failed to join domain: failed to lookup DC info for domain
'ADS.TEST.LOCAL' over rpc: An internal error occurred."
Finally, I tried to connect to RPC on the DC using `rpcclient` which
failed, as before, with NT_STATUS_INTERNAL_ERROR.
Is there some inherent problem with the Debian packages and the RPC
server component of the DC? Alternatively, is there somewhere else I
should be looking for the root cause of this?
This isn't a known problem with the debian packages, it should work.
Can you post the provision command you used on the DC.
I know you posted the smb.conf from a DC before, but can you post it
Can you post the following files:
From both the DC and the domain member
The named.conf files from the DC
and finally the smb.conf from the domain member.
To unsubscribe from this list go to the following URL and read the