[Samba] samba PDC problems

___cliff rayman___ cliff at genwax.com
Thu Dec 12 19:44:53 GMT 2002


John H Terpstra wrote:

>On Wed, 11 Dec 2002, ___cliff rayman___ wrote:
>
>  
>
>>John H Terpstra wrote:
>>
>> On Thu, 12 Dec 2002, Bradley W. Langhorst wrote:
>>
>>You might try to set a more DNS friendly domain name. ie: One without the
>>'.' in it. Could be a problem.
>>
>>ok - i tried GENWAXTEST.  didn't help.  i also removed the netbios name and tried both
>>at the same time. no luck.
>>    
>>
>
>Are you using LDAP? If so, then you need to put all user and
>machine accounts into the LDAP database.
>
nope - not using LDAP.  thought about it, but i have little experience 
with it,
and i did not want to move up on too many technology fronts at one time.

>
>  
>
>>the servers fully qualified name is MARS.GENWAX.TEST.
>>test is like com or org or net.  i use my own root names all the
>>time for testing.
>>    
>>
>
>Providing you are not using LDAP for Samba, use in smb.conf:
>
>	workgroup = genwax
>	netbios name = mars
>
ok - is genwax.test not a good idea for some reason.  are the dots 
restricted in win XP??

>
>Also, first stop samba, the remove your secrets.tdb file. Also, remove the
>browse.dat (and if you have one, wins.dat), then restart samba, wait at
>least 5 minutes before you try to get your MS Windows client to join the
>domain.
>
>Also, I strongly recommend that you run Samba as your WINS server and set
>in the MS Windows Client TCP/IP config, the IP address of your samba
>server for the WINS primary _and_ secondary addresses.
>
>To enable WINS serving in samba in smb.conf [globals]:
>	wins support = yes
>
i think this was the key.  as soon as i added this and modified the 
windows XP machine
to point to it, the error message disappeared.

>
>Also, restart the MS Windows machine, and when you log on as the local
>administrator, do NOT try to browse the network before you join the
>domain.
>
>Additionally, I presume you already have a root account in your smbpasswd
>file. You will need to use the 'Administrator' account to join the domain,
>and give it the password you entered when you added 'root' to smbpasswd.
>
>Let's see how that goes.
>
very well.  thank you very much for the help.  and thanks to everyone 
else who
assisted on this project.  i think the key was the wins server, although 
i followed serveral
suggestions at the same time, i had tried them at various points 
previously.  i believe giving the
XP PRO box a wins server to look at, stopped it from trying to search 
for the info
it needed.

>
>- John T.
>  
>
i'm leaving the rest of this post so that others who have the same 
trouble will find
it and the solution in a single post.

thanks again!!

>  
>
>>here are some excerps from the ms help files:
>>---- snip -----
>>         Error:  This computer could not locate a domain controller for the
>>         Active Directory domain displayed in the error message because the
>>         Domain Name System (DNS) servers used by this computer for name
>>         resolution failed to look up the service (SRV) resource record.
>>         Cause:  The DNS SRV resource record is not registered in DNS.
>>---- snip -----
>>
>>then:
>>         Active Directory uses Domain Name System (DNS) to locate domain
>>         controllers, enabling computers joining the network to obtain a
>>         domain controller, and then begin the process of network
>>         authentication.
>>         Computers joining an Active Directory domain must satisfy the
>>         following three DNS requirements:
>>           The computer must be configured with the IP address of a preferred DNS server.
>>(OK - and DNS works fine)
>>
>>           The _ldap._tcp.dc._msdcs.DNSDomainName service (SRV) resource record must exist
>>in DNS. (NOPE-don't have this)
>>---- snip ----
>>then:
>>            set type=srv
>>            _ldap._tcp.dc._msdcs.example.microsoft.com
>>           Server:  dc1.example.microsoft.com
>>           Address:  10.0.0.14
>>
>>           _ldap._tcp.dc._msdcs.example.microsoft.com   SRV service location
>>                     priority       = 0
>>                     weight         = 0
>>
>>                     port           = 389
>>                     svr hostname   = dc1.example.microsoft.com
>>           _ldap._tcp.dc._msdcs.example.microsoft.com   SRV service location
>>                     priority       = 0
>>
>>                     weight         = 0
>>                     port           = 389
>>                     svr hostname   = dc2.example.microsoft.com
>>---- snip ----
>>
>>port 389 in my /etc/services file is ldap.  i am not sure what is causing it to want
>>to do ldap on my computer and not on anyone else's.
>>
>>the server is mars.genwax.test.  the win XP pro SP1 client that i am trying to join to
>>the domain is hpvec2.genwax.test.  when i try to join it to the domain by either
>>using the wizard or the change button, this is the only interaction with the server
>>that i see via tcpdump:
>>
>> 22:38:00.439236 hpvec2.genwax.test.1064 > mars.genwax.test.domain:  16+ SRV ? _ldap._tcp.dc._msdcs.GENWAX.TEST. (50)
>>22:38:00.439664 mars.genwax.test.domain > hpvec2.genwax.test.1064:  16 NXDomain*- 0/1/0 (101) (DF)
>>
>>i need to get this solved, so let me know if there is anything
>>else i can provide that will help.
>>
>>
>>    
>>

-- 
___cliff rayman___cliff at genwax.com___http://www.genwax.com/






More information about the samba mailing list