Re: [Samba] NT_STATUS_CONNECTION_REFUSED Joining Domain - Desperately need help
- Date: Fri, 9 Mar 2018 08:14:35 -0500
- From: lingpanda101 via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] NT_STATUS_CONNECTION_REFUSED Joining Domain - Desperately need help
On 3/9/2018 4:06 AM, Rowland Penny via samba wrote:
Not much more I can say outside of what Rowland has suggested. I did
find this interesting with regards to your DNS problems.
On Thu, 8 Mar 2018 15:58:43 -0600 (CST)
Brent Davidson via samba <samba@xxxxxxxxxxxxxxx> wrote:
I am desperately in need of help. I have a Centos 7.2 server running
Samba 4.6.13 as an active directory domain controller. I am trying to
join a new Centos 7.4 server running Samba 4.6.13 to the domain. The
domain command will not connect to the other server.
How this problem started:
I originally had two domain controllers, both of which were running
Samba 4.5. I was troubleshooting a time sync issue between Windows 10
workstations and the server that appeared to come from a bug in the
older Samba 4.5 version. I update the secondary domain controller to
Samba 4.6.13 and that appeared to go fine, so I switched over to the
primary domain controller and tried to upgrade it to 4.6.13.
Something went wrong, and users were no longer able to access the
domain. I switched to the backup domain controller and promoted it to
primary and all was well again, so I took the original primary
off-line and tried to solve the issue. After taking the old primary
off-line, DNS stopped resolving for the network. Things get a bit
murky at this part because my phone was runing off the hook, but I
managed to wipe out the /var/lib/samba/private folder from one of the
servers. Since my backups were of the old 4.5 database versions and I
was unable to roll back the Samba version, I had to copy
the /var/lib/samba/private folder from one server to the other, then
remove the server entries for the non-working server.
I don't know what your original problem was, but you made it a
magnitude times worse when you copied /var/lib/samba/private from one
DC to another. Whilst DCs replicate between one another, not everything
is replicated and some things are specific to each DC.
Do you have a backup of the original 4.5 DC that held all the FSMO
roles (note, you didn't have a primary domain controller or a secondary
domain controller or a backup domain controller, you just had DCs. All
DCs are equal except for the FSMO roles). If you do have this backup, I
would suggest you turn off all your DCS and reinstall the DC from the
backup and start again.
getlmhostsent: lmhost entry: 127.0.0.1 localhost
getlmhostsent: lmhost entry: 10.10.11.4 old-dc.redacteddomain.redacted.com
I wouldn't normally expect to see lmhost entries unless explicitly
created. I would allow DNS to find your domain.
To unsubscribe from this list go to the following URL and read the