Hello good people of LinuxQuestions,
I'm running Debian 8.3 Jessie 64-bit
Samba version: 4.2.10-Debian
I'm trying to set up a samba 4 AD controller
When I try:
Code:
smbclient -L localhost -U%
Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED)
I set up the domain controller using BIND9_DLZ for DNS.
syslog shows the problem:
Code:
Sep 23 13:23:46 virtdev named[842]: ----------------------------------------------------
Sep 23 13:23:46 virtdev named[842]: BIND 9 is maintained by Internet Systems Consortium,
Sep 23 13:23:46 virtdev named[842]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Sep 23 13:23:46 virtdev named[842]: corporation. Support and training for BIND 9 are
Sep 23 13:23:46 virtdev named[842]: available at https://www.isc.org/support
Sep 23 13:23:46 virtdev named[842]: ----------------------------------------------------
Sep 23 13:23:46 virtdev named[842]: adjusted limit on open files from 4096 to 1048576
Sep 23 13:23:46 virtdev named[842]: found 1 CPU, using 1 worker thread
Sep 23 13:23:46 virtdev named[842]: using 1 UDP listener per interface
Sep 23 13:23:46 virtdev named[842]: using up to 4096 sockets
Sep 23 13:23:46 virtdev named[842]: loading configuration from '/etc/bind/named.conf'
Sep 23 13:23:46 virtdev named[842]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Sep 23 13:23:46 virtdev named[842]: using default UDP/IPv4 port range: [1024, 65535]
Sep 23 13:23:46 virtdev named[842]: using default UDP/IPv6 port range: [1024, 65535]
Sep 23 13:23:46 virtdev named[842]: listening on IPv4 interface lo, 127.0.0.1#53
Sep 23 13:23:46 virtdev named[842]: listening on IPv4 interface eth0, 192.168.10.100#53
Sep 23 13:23:46 virtdev named[842]: generating session key for dynamic DNS
Sep 23 13:23:46 virtdev named[842]: sizing zone task pool based on 5 zones
Sep 23 13:23:46 virtdev named[842]: Loading 'AD DNS Zone' using driver dlopen
Sep 23 13:23:46 virtdev named[842]: samba_dlz: Failed to connect to /var/lib/samba/private/dns/sam.ldb
Sep 23 13:23:46 virtdev named[842]: dlz_dlopen of 'AD DNS Zone' failed
Sep 23 13:23:46 virtdev named[842]: SDLZ driver failed to load.
Sep 23 13:23:46 virtdev named[842]: DLZ driver failed to load.
Sep 23 13:23:46 virtdev named[842]: loading configuration: failure
Sep 23 13:23:46 virtdev named[842]: exiting (due to fatal error)
Sep 23 13:23:46 virtdev systemd[1]: bind9.service: main process exited, code=exited, status=1/FAILURE
Sep 23 13:23:46 virtdev rndc[861]: rndc: connect failed: 127.0.0.1#953: connection refused
Sep 23 13:23:46 virtdev systemd[1]: bind9.service: control process exited, code=exited status=1
Sep 23 13:23:46 virtdev systemd[1]: Unit bind9.service entered failed state.
My named.conf:
Code:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/var/lib/samba/private/named.conf";
named.conf.options:
Code:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
192.168.10.1;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation no;
auth-nxdomain yes;
empty-zones-enable no;
// Adding this Samba generated file will allow for automatic DDNS updates
tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
};
I forgot something and fixed it: /var/lib/samba/named.conf was owned by root, I changed the owner to bind after that I installed the winbind package and now thins are running fine :-)
So this should be marked as SOLVED but I don't know how to do that