Samba AD DC Troubleshooting
Making sure samba is running
You can use the following command to check to see if Samba 3.X is running currently
ps ax | grep "mbd\|winbindd" | grep -v grep
If its running you will see something like:
16491 ? S 0:48 /usr/local/samba/sbin/smbd -D 16494 ? S 0:48 /usr/local/samba/sbin/nmbd -D 16509 ? S 0:02 /usr/local/samba/sbin/winbindd -D
You can check Samba 4.X by:
ps ax | grep "samba" | grep -v grep
If its running you should see something like:
8258 ? S 0:47 samba 8261 ? S 0:00 /usr/local/samba/sbin/smbd --option=server role check:inhibit=yes --foreground
You will only see lines like the last one if you are using s3fs (which is default).
Installing Python 2.6.5 for Samba
If you are having issues with your distribution version of python, you can install python 2.6.5 from this install script, included with the tarball or git files.
sh install_with_python.sh /usr/local/samba --enable-debug --enable-selftest
You will also need to add export PATH=/usr/local/samba/python/bin:/usr/local/samba/bin:/usr/local/samba/sbin:$PATH to the end of your ~/.bashrc file before things will work properly.
Making pastebin easy
First thing, if you are asking for samba help, you may be asked for logs, configs, exact error messages, or a variety of other things. I use a program called pastebinit which can be installed on Ubuntu using apt-get install pastebinit.
I have setup a config in my users home directory called .pastebinit.xml and it contains the following:
<pastebinit> <pastebin>http://paste.ubuntu.com</pastebin> <author>IRC_Nick</author> <format>text</format> </pastebinit>
change IRC_Nick to your IRC nickname. You can find out more at http://www.stgraber.org/category/pastebinit/ including other sites pastebinit works with.
After this is setup, if someone asks you for a config file, you can simply type pastebinit some.cfg and it will return a link the other use can use to see your pastebin. If you are trying to capture an error you may use something like samba-tool domain provision 2>&1 | pastebinit
Checking the logs
If you installed samba from source and didn't specify a prefix during configure, your logs should be located in /usr/local/samba/var/, unless you have specified a log file = directive in your smb.conf. This can be checked by using either testparm -v (for the samba 3.X series) or samba-tool testparm -v (for the samba 4.X series), this will provide a lot of output so you can also add a | grep "log file"
Sometimes the log file will not have the info you need, so you will need to turn up the amount of logging that needs done but adding the following line to your smb.conf in the [global] section:
log level = 3
by default samba only logs at level 0, so start low and turn it up slowly, you will want to restart samba after making this change.
- Note: If you add grep to the command it will silently prompt you to press enter.
Checking your system for ports samba needs
If samba appears to be running, but something isn't working quite right, you should double check that another program isn't using a port it needs. The first thing to do is look through the logs for lines like
Failed to bind to 0.0.0.0:53 TCP - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
If you find one use the following method to check what is using the port. In the following example I will be checking to see if something is using the DNS port (53), but this could easily be adapted to LDAP (ports 389 and 636), a KDC Server (port 464) or any other port that may be in use:
netstat -anp | grep "LISTEN " | grep 53
you should receive output like the following:
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 27805/samba
if anything else is running on that port it may look like:
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1075/named
in which case you will need to either specifically bind samba to a certain interface, or simply kill the program that is running (in this example the pid is 1075 for named) by using kill 1075, to bind samba to a certain interface add the following to the [global] section of your smb.conf
bind interfaces only = yes interfaces = 192.168.1.1
you can have more interfaces by using something like interfaces = eth0 192.168.2.10/24 192.168.3.10/255.255.255.0