[Samba] Logins differ for ip/DNS on ad dc
Maximilian Kirchner
max.kirchner at gmail.com
Sun Nov 6 15:20:32 UTC 2016
Thanks a lot for your help so far. The main reason I do not use VMs is that
the server is pretty limited in RAM so this would only be my last resort.
To prevent confusion: srv.wie (192.168.1.50) is the same machine as smb.wie
(192.168.1.55), I separated them just now to debug the problem.

> These look like they are being run on the DC, what about from the
> windows clients ?
>
I did those via a Linux client on the same network; here are the results from
Windows (:

C:\Users\kirchner.SMB>nslookup smb.wie
Server: srv.wie
Address: 192.168.1.50

Name: smb.wie
Address: 192.168.1.55

C:\Users\kirchner.SMB>nslookup _ldap._tcp.smb.wie
Server: srv.wie
Address: 192.168.1.50

Name: _ldap._tcp.smb.wie

C:\Users\kirchner.SMB>nslookup _kerberos._tcp.smb.wie
Server: srv.wie
Address: 192.168.1.50

Name: _kerberos._tcp.smb.wie

> Can you post your bind9 conf files, there may be something relevant
> there.
>
named.conf:
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/usr/local/samba/private/named.conf";

named.conf.options:
options {
    directory "/var/cache/bind";

    forwarders {
        8.8.8.8;
        8.8.4.4;
    };

    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys. See https://www.isc.org/bind-keys
    //========================================================================
    dnssec-validation auto;
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};

named.conf.local:
zone "wie." {
    type master;
    file "/etc/bind/zones/db.wie";
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.1.168.192";
};

named.conf.default-zones:
// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};

zones/db.wie:
$TTL 604800
@ IN SOA srv.wie. ns.wie. (
        3 ; Serial
        8H ; Refresh
        2H ; Retry
        4W ; Expire
        3H ) ; NX (TTL Negative Cache)

; Nameservers
        IN NS srv.wie.

; name servers - A records
srv.wie. IN A 192.168.1.50

; Hostname records
router.wie. IN A 192.168.1.1
drucker.wie. IN A 192.168.1.25
drucker2.wie. IN A 192.168.1.26
wiesrv.wie. IN A 192.168.1.51
smb.wie. IN A 192.168.1.55

zones/db.1.168.192:
$TTL 2D
@ IN SOA srv.wie. ns.wie. (
        3 ; Serial
        8H ; Refresh
        2H ; Retry
        4W ; Expire
        2D ) ; TTL Negative Cache

; name servers - NS records
        IN NS srv.wie.

; PTR Records
1 IN PTR router.wie.
25 IN PTR drucker.wie.
26 IN PTR drucker2.wie.
50 IN PTR srv.wie.
55 IN PTR smb.wie.
51 IN PTR wiesrv.wie.