
Re: [Samba] ADUC: RPC Server is unavailable




On Tue, 4 Sep 2018 11:46:07 -0300
Marcio Vogel Merlone dos Santos via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Hi,
> 
> Setting up a new AD DC on Ubuntu 18.04, samba 4.7 from Ubuntu's repos 
> and BIND_DLZ. Did a samba-tool domain classicupgrade from an old
> NT3.x domain, imported users and groups ok.
> 
> I am able to join Windows workstations, can log in with a domain user,
> etc.
> 
> Problem is my user A1\mmerlone, member of 'domain admins' group,
> cannot open ADUC with the error RPC server is unavailable. If I log in
> with A1\Administrator it works fine.

Have you given 'Domain Admins' the required privileges?
See here:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs

> 
> root@araucaria:/etc/samba# cat smb.conf
> [global]
>      netbios name = ARAUCARIA
>      realm = AD.A1.IND.BR
>      server role = active directory domain controller
>      workgroup = A1
>      server services = -dns
>      dns forwarder = 192.168.0.254

As you are using Bind9, you shouldn't have the dns forwarder line.

> 
>      log file = /var/log/samba/%m.log
>      log level = 1 auth_audit:3 auth_json_audit:3
>      include = /etc/samba/smb.conf.client-%I

What is in the 'include' file?

>      username map = /etc/samba/user.map

A DC already has a user.map, it is called idmap.ldb

> 
>      idmap_ldb:use rfc2307 = yes
>      idmap config * : backend = tdb
> 
> [netlogon]
>      path = /var/lib/samba/sysvol/ad.a1.ind.br/scripts
>      read only = No
> 
> [sysvol]
>      path = /var/lib/samba/sysvol
>      read only = No
> 
> root@araucaria:/etc/samba#  cat /etc/hosts
> 127.0.0.1       localhost.localdomain   localhost

I would replace the above line with '127.0.0.1 localhost'

> 192.168.0.253 araucaria.ad.a1.ind.br araucaria
> 

Rowland

