[Samba] Samba as an AD server problem
Roberto Greiner
roberto.greiner at fundunesp.org.br
Wed Feb 7 12:06:52 UTC 2024
Hi,
I'm having a problem with my samba install, more specifically to use it as one of my AD servers.
To setup the server, I used a fresh Debian 12, and followed https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory, using BIND9_DLZ as the DNS backend.
I did manage to make everything work and the tests indicated in the page itself work fine. But, to make sure everything was working, I made a quick serch and found that it would be interesting to test the setup from my windows server.
First (in a windows cli), 'Repadmin /replsummary' indicated everything as ok.
Then 'dcdiag /s:ad2' (where ad2 is the Debian/Samba server) also gave me an all Ok result.
Finally, I ran 'dcdiag /Test:DNS /e /v', and here the Samba server failed.
At the end of the command, it returned me the following(AD and WSUS are my current Windows AD's):
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: xxx.xxx.xxx.xxx
WSUS PASS WARN PASS FAIL PASS PASS n/a
ad2 PASS FAIL n/a n/a n/a n/a n/a
AD PASS WARN PASS FAIL PASS WARN n/a
......................... xxx.xxxxx.xxxx.xxx failed test DNS
Test omitted by user request: LocatorCheck
Test omitted by user request: Intersite
In more detail, the server failed the DNS tests (dcdiag output):
Test omitted by user request: VerifyReplicas
Starting test: DNS
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
Starting test: DNS
See DNS test in enterprise tests section for results
......................... AD2 failed test DNS
See DNS test in enterprise tests section for results
......................... AD passed test DNS
See DNS test in enterprise tests section for results
......................... WSUS passed test DNS
Then at the authentication tests part, dcdiag accused a failure again:
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Error: No WMI connectivity
[Error details: 0x800706ba (Type: HRESULT - Facility: Win32, Description: The RPC server is unavailabl
e.) - Connection to WMI server failed]
No host records (A or AAAA) were found for this DC
The 'No host records' did puzzle me, as 'ad2' does appear when I open the windows DNS manager, and running DNS queries against ad2 does work fine. The two windows servers did complete this test. To make sure it wasn't a connectivity problem, I ran all tests on ad2 with iptables disabled.
Any idea of where I should look to make samba pass those tests, or if it even is necessary/important for it to pass?
Thank you,
Roberto
PS:
system details:
OS Debian 12
1 GB RAM
9 GB Disk
Xen-Citrix virtualization
samba version: 2:4.17.12+dfsg-0+deb12u1 (installed via packet manager)
More information about the samba
mailing list