Was marked as SOLVED on April 20, 2017 but was observed to have recurred sometime before June 28, 2017. Upgrade to 5.0.6 apparently was not a permanent fix. All symptoms are the same as originally reported.
Running Zentyal 5.0
I used the web interface a couple years ago (before upgrading to 5.0 a few months back) to configure a Zentyal server as both a backup domain controller and a file server. This was working fine. I recently discovered that it is no longer operating as a BDC and I don't know how long this has been the case, so I can't trace it to any particular event. It may or may not have been coincident with the 5.0 upgrade, but I would think I would have noticed it then if it was. Anyway, there are three observed problems:
- When I try to access the 'Users and Computers' page in the BDC web interface it reports "FATAL: Could not connect to samba LDAP server: connect: Connection refused".
- I am unable to connect to the BDC through the Windows ADExplorer tool - it reports "The server is not operational".
If my Windows client PC is using the BDC as the logon server, I can logon but am unable to query users and groups for ACLs. From a Windows client, I am unable to query users and groups for ACLs on any of the BDC shares.
None of this is observed when using the PDC. Note that Samba is running in some capacity. The file server function is still fully operational as far as I can tell.
"service smbd status" returns:
● smbd.service - Samba SMB Daemon
Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2017-04-19 11:12:46 PDT; 42min ago
Docs: man:smbd(8)
man:samba(7)
man:smb.conf(5)
Main PID: 20688 (smbd)
Status: "smbd: ready to serve connections..."
CGroup: /system.slice/smbd.service
├─20688 /usr/sbin/smbd
├─20689 /usr/sbin/smbd
├─20690 /usr/sbin/smbd
├─20692 /usr/sbin/smbd
├─20695 /usr/sbin/smbd
├─20696 /usr/sbin/smbd
├─20729 /usr/sbin/smbd
├─20830 /usr/sbin/smbd
├─21189 /usr/sbin/smbd
├─21671 /usr/sbin/smbd
├─21675 /usr/sbin/smbd
└─21677 /usr/sbin/smbd
and "samba-tool processes" returns:
Service: PID
-----------------------------
dnsupdate 4790
cldap_server 4783
rpc_server 4778
rpc_server 4778
nbt_server 4780
winbind_server 3810
winbind_server 10520
kdc_server 4784
notify-daemon 20689
ldap_server 4782
ldap_server 4782
ldap_server 4782
ldap_server 4782
kccsrv 4789
samba 4789
dreplsrv 4785
I've also grepped the various samba log files for "ldap" and nothing turns up.
I'm at a bit of a loss now as to where to go looking to figure out why the samba LDAP \ DC function isn't working properly. Please advise on suggested next steps for locating the source of the problem. Thanks.