Problems joining a Windows 8 system to a Samba 4 domain
Mark Pilant
lpilant at us.ibm.com
Mon Jan 7 13:22:50 MST 2013
After finally getting Samba 4 configured on a RHEL 6.3 system I figured the
next thing to try was to join a Windows system (Windows 8 in this case) to
the domain. Well, that was the plan...
After having to open the firewall to allow the DNS queries to succeed, I
finally got to the point where the Windows system could try and find the
domain controller. Unfortunately, everything I've tried to far hasn't
worked to allow the domain join to succeed.
The current problem is while the _ldap._tcp.dc._msdcs... SRV record is
correctly resolved to the proper name, the (Windows) error dialog box says
"no domain controllers could be contacted." Now, if I open a command
window, I can use nslookup and ping to resolve the name identified in the
error dialog and successfully ping using the same name.
I did check /var/log/messages, /usr/local/samba/var/log/samba,
and /usr/local/samba/var/log/smbd for errors relating to this problem and
there is nothing to be found. However, there were some strange things I
observed.
First, using dig and the computer name I get all the correct (answer)
information from Samba's internal DNS server. However, if I try to do a
reverse lookup (using the IP address) dig does not return any answer. So
this leads me to wonder if Samba's internal DNS server has a reverse lookup
zone defined?
Second, just after I boot up the Windows 8 system (static IP, with the DNS
server identified as the Samba 4 system) and use nslookup to resolve the
samba system name, I have success. However, if I attempt to ping using the
same system name I gave to nslookup, the ping fails saying no A or AAAA
records were available. Very strange as nslookup found and returned the A
record information. What makes this even strange is after a "while" (maybe
10 minutes or so) the ping is able to resolve the name (and do the ping).
I don't know if this is because of something I have done has caused the
name to be entered into the local DNS cache or if it just take a "while"
for the Samba machine to respond "correctly". However, I do note if I
flush the local DNS cache (on the Windows 8 system) I start seeing the ping
failures.
So, bottom line, it appears the domain join is failing because the computer
name is not responding for some reason; and so far I haven't been able to
determine why.
Thanks in advance.
- Mark
More information about the samba-technical
mailing list