[Samba] Strange nslookup results and can´t join ad domain
Knut Kroeger
tontal at gmx.net
Tue Nov 21 21:41:06 GMT 2006
Geir A. Myrestrand schrieb:
> Knut Kroeger wrote:
>
>> Hello to all,
>> first, I would join a win2003 domain running in hybrid mode. It´s a
>> SuSE 10.0 Linux box with samba 3.0.23d from sernet. I successfully got
>> a kerberos ticket with kinit, klist schows me the result. But I can´t
>> join the ad domain. After entering "net ads join -U
>> Administrator at REALM" and the admin pw I´ve got this error message
>> after a few minutes(!): utils/net_ads.c:ads_startup ads_connect:
>> Operations error
>> The logfiles offers that there might be an error with the name
>> resolution: cannot resolve host: _ldap._tcp.dc._msdcs.REALM
>> As reported I´ve tested this with nslookup: No result on the Linuxbox,
>> but it works on XP clients on the same subnet (?). I´ve checked twice
>> the configuration of the dns on the XP machine an the Linuxbox:
>> Identical.
>> I would be happy if there is anybody with a hint to solve this.
>
>
> Is REALM the name of your Kerberos realm?
Yes. REALM ist identical to the ad domain.
>
> You may want to verify your DNS registration:
>
> Verify DNS registration for domain controllers using the nslookup command
> http://technet2.microsoft.com/WindowsServer/en/library/b6879c0b-cff7-438d-a7f3-0715456dcefb1033.mspx?mfr=true
Keeping in mind that the Win2003 DC wasn´t setup by myself I´ll give
this a chance.
>
>
> I add the domain controllers to my /etc/hosts file too, ensuring that I
> can resolve the IP address using both the hostname and the FQDN for the
> domain controller.
I´ve tried this too, still no success. Still I wonder why nslookup works
on XP and Linux don´t....
BTW: nslookup hostname.REALM works on both but not
_ldap._tcp.dc._msdcs.REALM, this works only on XP...
Thanxs to Geir
More information about the samba
mailing list