[Samba] Failed to connect host on port 135 - NT_STATUS_CONNECTION_REFUSED
Jesper Koivumäki
I've been trying to install Samba4 for a while now, following the
instructions over at:
http://linuxdrops.com/install-samba-4-on-centos-rhel-fedora-debian-ubuntu/
However, when I get to the stage where I should be able to join the
domain with a Windows machine (7, not XP) I run into networking issues.
For one, my network is behind a NAT so I can't just use a public DNS for
this. Since Samba4 has its internal DNS server, that shouldn't be a
problem, right?
I tried to figure out what zonelists there are, so that I could add the
domain there. This is what I get.
$ sudo samba-tool dns zonelist 10.0.1.5
Failed to connect host 10.0.1.5 on port 135 - NT_STATUS_CONNECTION_REFUSED
Failed to connect host 10.0.1.5 (10.0.1.5) on port 135 -
NT_STATUS_CONNECTION_REFUSED.
I'm guessing there should be a process listening to port 135, but
$ sudo netstat -tulpan | grep "LISTEN" | grep "135" | wc -l
0
I've been trying to scour the web for this, but the results touch on a
number of different problems, none of this apply to my situation.
Any clues as to what I should try out next or what part of Samba4 is broken?
--
Kind regards,
Jesper Koivumäki
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Marcel de Reuver
fi>:
> Hello,
>
> I've been trying to install Samba4 for a while now, following the
> instructions over at:
>
> http://linuxdrops.com/install-samba-4-on-centos-rhel-fedora-
> debian-ubuntu/
>
>
I hope you did install a more recent version of Samba4 then the one mention
in your howto.....
> However, when I get to the stage where I should be able to join the domain
> with a Windows machine (7, not XP) I run into networking issues. For one,
> my network is behind a NAT so I can't just use a public DNS for this. Since
> Samba4 has its internal DNS server, that shouldn't be a problem, right?
>
>
The Samba4 DNS server needs no further configuration, only needs a "dns
fowarder" in smb.conf, in your case it will be your NAT device.
Next your Windows clients should use the Samba4 box for DNS, if not Windows
clients cannot join your AD.
> I tried to figure out what zonelists there are, so that I could add the
> domain there. This is what I get.
>
>
With the Windows DNS tools from the RSAT package on a Windows workstation,
you can query your Samba4 internal DNS server. See
here<https://wiki.samba.org/index.php/Installing_RSAT_on_Windows_for_AD_Management>for
the details on
RSAT
Best regards,
Marcel de Reuver
Marcel de Reuver
>:
>
> 2014-05-06 16:16, Marcel de Reuver wrote:
>
> 2014-05-02 16:29 GMT+02:00 Jesper Koivumäki <jesper.koivumaki@
>> kulturfonden.fi <mailto:jesper.k...@kulturfonden.fi>>:
>>
>>
>> Hello,
>>
>> I've been trying to install Samba4 for a while now, following the
>> instructions over at:
>>
>> http://linuxdrops.com/install-samba-4-on-centos-rhel-fedora-
>> debian-ubuntu/
>>
>>
>> I hope you did install a more recent version of Samba4 then the one
>> mention in your howto.....
>>
> I did, I'm trying to get 4.1.7 to work. I realize now I should've given
> more information about my system, I was just too focused on the actual
> problem. I'm sorry about that.
>
> It's a Samba 4.1.7 install on a RHEL6 -system.
>
>
> However, when I get to the stage where I should be able to join
>> the domain with a Windows machine (7, not XP) I run into
>> networking issues. For one, my network is behind a NAT so I can't
>> just use a public DNS for this. Since Samba4 has its internal DNS
>> server, that shouldn't be a problem, right?
>>
>>
>> The Samba4 DNS server needs no further configuration, only needs a "dns
>> fowarder" in smb.conf, in your case it will be your NAT device.
>> Next your Windows clients should use the Samba4 box for DNS, if not
>> Windows clients cannot join your AD.
>>
>
> I thought the "dns forwarder" should be the DNS server for the network? In
> our case, the NAT device does not supply DNS. I did enter our DNS server
> into the "dns forwarder" -field, but that did nothing. We have an external
> DNS that's located outside our NAT, since at the moment we don't use DNS
> internally except for this DC.
>
> I did set the DC as the DNS for the windows clients, but it seems the
> samba server isn't giving out any DNS information. All the DNS requests for
> the clients just time out.
>
The Samba4 box must be the DNS server for the Windows clients that join the
AD. The dns forwarder for your Samba box can be your external DNS server.
Check this Wiki<https://wiki.samba.org/index.php/Samba4/HOWTO#Configure_DNS> on
why DNS is important for Samba 4 to work and for solving problems with the
DNS server of Samba4
> I tried to figure out what zonelists there are, so that I could
>> add the domain there. This is what I get.
>>
>>
>> With the Windows DNS tools from the RSAT package on a Windows
>> workstation, you can query your Samba4 internal DNS server. See here <
>> https://wiki.samba.org/index.php/Installing_RSAT_on_
>> Windows_for_AD_Management> for the details on RSAT
>>
> I'm assuming that for this to work, the Windows workstation should first
> be able to join the domain? As far as I've gathered, I need to use RSAT
> with a user that has administrative rights on the DC, which in turn
> requires the workstation to able to join the DC. Or am I mistaken?
>
Yes, the workstation must join the AD.
> Thank you for the link, those instructions were the best I've seen on the
> subject. It seems my google-fu isn't as strong as I thought it was.
>
It is part of the "official" documentation of Samba4...
Jesper Koivumäki
2014-05-06 16:16, Marcel de Reuver wrote:
> 2014-05-02 16:29 GMT+02:00 Jesper Koivumäki
> <jesper.k...@kulturfonden.fi
> I tried to figure out what zonelists there are, so that I could
> add the domain there. This is what I get.
>
>
> With the Windows DNS tools from the RSAT package on a Windows
> workstation, you can query your Samba4 internal DNS server. See here
> <https://wiki.samba.org/index.php/Installing_RSAT_on_Windows_for_AD_Management>
> for the details on RSAT
I'm assuming that for this to work, the Windows workstation should first
be able to join the domain? As far as I've gathered, I need to use RSAT
with a user that has administrative rights on the DC, which in turn
requires the workstation to able to join the DC. Or am I mistaken?
Thank you for the link, those instructions were the best I've seen on
the subject. It seems my google-fu isn't as strong as I thought it was.
Kind regards,
Jesper Koivumäki
Jesper Koivumäki
2014-05-07 12:53, Marcel de Reuver skrev:
> The Samba4 box must be the DNS server for the Windows clients that
> join the AD. The dns forwarder for your Samba box can be your external
> DNS server.
>
> Check this Wiki
> <https://wiki.samba.org/index.php/Samba4/HOWTO#Configure_DNS> on why
> DNS is important for Samba 4 to work and for solving problems with the
> DNS server of Samba4
>
I couldn't get the internal DNS server to work, so I resorted to
installing bind9, which is now up and running. Workstations and server
alike can now resolve the domain.
However, the actual problem still persists.
[code]
$ sudo samba-tool dns zonelist 10.0.1.5
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'sasl-DIGEST-MD5' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:10.0.1.5[,sign]
Failed to connect host 10.0.1.5 on port 135 - NT_STATUS_CONNECTION_REFUSED
Failed to connect host 10.0.1.5 (10.0.1.5) on port 135 -
NT_STATUS_CONNECTION_REFUSED.
ERROR(runtime): uncaught exception - (-1073741258, 'The connection was
refused')
File
"/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py",
line 175, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/dns.py",
line 806, in run
dns_conn = dns_connect(server, self.lp, self.creds)
File
"/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/dns.py",
line 37, in dns_connect
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
[/code]
Same errors appear if I try to do smbclient4 -L localhost or anything
similar. I just can't seem to get this thing to work.
--
Marcel de Reuver
fi>:
The Samba4 internal DNS server should run out of the box, why switch to the
more involved configuration of Bind?
I don't have any in dept knowledge of RHEL6, but maybe AppArmor or
SELinuxneed some attention, see
here<https://wiki.samba.org/index.php/DNS_Backend_BIND#Interaction_with_AppArmor_or_SELinux>
for
some pointers.
Best regards,
Marcel de Reuver