[Samba] samba PDC problems

John H Terpstra jht at samba.org
Thu Dec 12 06:50:00 GMT 2002 

On Wed, 11 Dec 2002, ___cliff rayman___ wrote:

> John H Terpstra wrote:
>
>  On Thu, 12 Dec 2002, Bradley W. Langhorst wrote:
>
> You might try to set a more DNS friendly domain name. ie: One without the
> '.' in it. Could be a problem.
>
> ok - i tried GENWAXTEST.  didn't help.  i also removed the netbios name and tried both
> at the same time. no luck.

Are you using LDAP? If so, then you need to put all user and
machine accounts into the LDAP database.

>
> the servers fully qualified name is MARS.GENWAX.TEST.
> test is like com or org or net.  i use my own root names all the
> time for testing.

Providing you are not using LDAP for Samba, use in smb.conf:

	workgroup = genwax
	netbios name = mars

Also, first stop samba, the remove your secrets.tdb file. Also, remove the
browse.dat (and if you have one, wins.dat), then restart samba, wait at
least 5 minutes before you try to get your MS Windows client to join the
domain.

Also, I strongly recommend that you run Samba as your WINS server and set
in the MS Windows Client TCP/IP config, the IP address of your samba
server for the WINS primary _and_ secondary addresses.

To enable WINS serving in samba in smb.conf [globals]:
	wins support = yes

Also, restart the MS Windows machine, and when you log on as the local
administrator, do NOT try to browse the network before you join the
domain.

Additionally, I presume you already have a root account in your smbpasswd
file. You will need to use the 'Administrator' account to join the domain,
and give it the password you entered when you added 'root' to smbpasswd.

Let's see how that goes.

- John T.

>
> here are some excerps from the ms help files:
> ---- snip -----
>          Error:  This computer could not locate a domain controller for the
>          Active Directory domain displayed in the error message because the
>          Domain Name System (DNS) servers used by this computer for name
>          resolution failed to look up the service (SRV) resource record.
>          Cause:  The DNS SRV resource record is not registered in DNS.
> ---- snip -----
>
> then:
>          Active Directory uses Domain Name System (DNS) to locate domain
>          controllers, enabling computers joining the network to obtain a
>          domain controller, and then begin the process of network
>          authentication.
>          Computers joining an Active Directory domain must satisfy the
>          following three DNS requirements:
>            The computer must be configured with the IP address of a preferred DNS server.
> (OK - and DNS works fine)
>
>            The _ldap._tcp.dc._msdcs.DNSDomainName service (SRV) resource record must exist
> in DNS. (NOPE-don't have this)
> ---- snip ----
> then:
>             set type=srv
>             _ldap._tcp.dc._msdcs.example.microsoft.com
>            Server:  dc1.example.microsoft.com
>            Address:  10.0.0.14
>
>            _ldap._tcp.dc._msdcs.example.microsoft.com   SRV service location
>                      priority       = 0
>                      weight         = 0
>
>                      port           = 389
>                      svr hostname   = dc1.example.microsoft.com
>            _ldap._tcp.dc._msdcs.example.microsoft.com   SRV service location
>                      priority       = 0
>
>                      weight         = 0
>                      port           = 389
>                      svr hostname   = dc2.example.microsoft.com
> ---- snip ----
>
> port 389 in my /etc/services file is ldap.  i am not sure what is causing it to want
> to do ldap on my computer and not on anyone else's.
>
> the server is mars.genwax.test.  the win XP pro SP1 client that i am trying to join to
> the domain is hpvec2.genwax.test.  when i try to join it to the domain by either
> using the wizard or the change button, this is the only interaction with the server
> that i see via tcpdump:
>
>  22:38:00.439236 hpvec2.genwax.test.1064 > mars.genwax.test.domain:  16+ SRV ? _ldap._tcp.dc._msdcs.GENWAX.TEST. (50)
> 22:38:00.439664 mars.genwax.test.domain > hpvec2.genwax.test.1064:  16 NXDomain*- 0/1/0 (101) (DF)
>
> i need to get this solved, so let me know if there is anything
> else i can provide that will help.
>
> cliff
>
>  - John T.
>
>
>
>  On Wed, 2002-12-11 at 23:03, ___cliff rayman___ wrote:
>
>
>  ok - did that.  joined workgroup WORKGROUP.
> rebooted (what else).
> then attempted to change to domain GENWAX.TEST.
> i received the same error message as previously.
>
>
>
>  bummer - i thought that would be it.
> i assume you get the welcome to WORKGROUP and
> welcome to GENWAX.TEST message boxes after you change the machine props?
>
>
>
>  # server name and group stuff
> 	workgroup = genwax.test
> 	netbios name = filesnew
>
>
>  i've never tried this - did you try logging in without the netbios name
> param?
>
> Are your sure your clients are looking at the dns server you mentioned?
> you might try putting the ip address into the hosts file on the pro
> machine..
>
> brad
>
>
>
>
>
>  --
> ___cliff rayman___cliff at genwax.com___http://www.genwax.com/
>
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list