[Samba] Need help joining an IPv6 Windows 2008 AD server
James B. Byrne
byrnejb at harte-lyne.ca
Mon Mar 3 13:22:41 MST 2014
On Fri, February 28, 2014 19:16, Sowmya Manjanatha wrote:
> I have been trying to successfully join a Windows 2008 AD server using
> net ads join createcomputer="<OUname>" -U <usename>%password for days and
> have been unsuccessful. smb.conf and krb5.conf files are below.
>
> It fails with a message "Cannot contact any KDC for requested realm". I have
> checked all the service records via
>
>
> dig +short _ldap._tcp.mydomain.com which returns
> serv1.mydomain.com
>
> serv1 is the ipv6 server and the client I am communicating from only has ipv6
> addresses (shown below) configured. I have also tried to query other records
> e.g. _kerberos, _kpasswd, _gc etc and everything checks out.
>
> I also verified that I can join the domain from an ipv4 client with the same
> credentials, same realm etc.
>
> I also have no problems when I do a kinit username at MYDOMAIN.COM. It asks for
> a password and it is accepted.
>
>
> So, I am wondering if any one has successfully joined an ipv6 AD server using
> "net ads". Any help is appreciated.
>
> Thanks,
> Sowmya.
>
According to this, Windows 2000 has only limited support for IPv6.
--->
http://www.windowsnetworking.com/articles-tutorials/network-protocols/IPv6-Support-Microsoft-Windows.html
Windows 2000
In March of 2000 (the year the stock market imploded and the dot.com boom
started going bust) Microsoft released something called IPv6 Technology
Preview for Windows 2000. The goal of this release was to provide developers
something to work with to help them write IPv6-aware applications. This
technology preview is still available from the Microsoft Download Center, but
it's not intended for production networks and should be deployed only in a
test environment. So if you're still running Windows 2000 Professional, you
can install this preview to get some limited IPv6 support, which includes
stateless address autoconfiguration (automatic assignment of link-local
addresses to each network interface upon startup) and automatic assignment of
site-local or global addresses when IPv6 router advertisements as received
(requires an IPv6-enabled router). You could try running this on your
production network, but you do so at your own risk since Microsoft doesn't
officially support this version of the IPv6 stack. So again, the best solution
if you want good IPv6 support is to either upgrade to Windows XP now or wait
for Vista.
<---
I have apparently successfully added a sernet-samba-4.4.4-7 as a AD DC to an
existing Win2000 Advanced Server AD DC. However, that setup runs entirely on
IPv4.
I write 'apparently' because going through the setup per the wiki how to join
a domain as a DC I encountered a couple of errors for which I can obtain no
explanation. I do not know if these are critical or not so the entire project
(of moving off the existing Win2000 AD DC) is in abeyance until I find out
more. But, the Samba DC is joined and it does seem to respond as expected.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the samba
mailing list