[Samba] Can I use net ads join without DNS

andy.marr at bt.com andy.marr at bt.com
Wed Sep 16 08:10:38 MDT 2009 

Hi Samba people

I'm trying to join a Solari10 server using Samba Version 3.0.33 server
to an ADS. But the ADS is not in DNS.

I thought I could get round this by putting the ADS IP in the servers
local hosts file, and telling the krb5.conf not to use dns but it
doesn't seem to work. 

1. Can it be done ?
2. If it can how ?

Output of my net join ads, still seems to be using DNS 
[root at fgukshppay001] # /usr/sfw/sbin/net ads join -U admandymarr -d3
[2009/09/16 15:01:42, 3] param/loadparm.c:(5055)
  lp_load: refreshing parameters
[2009/09/16 15:01:42, 3] param/loadparm.c:(1440)
  Initialising global parameters
[2009/09/16 15:01:42, 3] param/params.c:(572)
  params.c:pm_process() - Processing configuration file
"/etc/sfw/smb.conf"
[2009/09/16 15:01:42, 3] param/loadparm.c:(3794)
  Processing section "[global]"
[2009/09/16 15:01:42, 2] lib/interface.c:(81)
  added interface ip=10.193.69.100 bcast=10.193.69.255
nmask=255.255.255.0
[2009/09/16 15:01:42, 2] lib/interface.c:(81)
  added interface ip=10.193.69.101 bcast=10.193.69.255
nmask=255.255.255.0
[2009/09/16 15:01:42, 2] lib/interface.c:(81)
  added interface ip=172.30.61.177 bcast=172.30.61.255
nmask=255.255.255.0
[2009/09/16 15:01:42, 2] lib/interface.c:(81)
  added interface ip=172.30.61.178 bcast=172.30.61.255
nmask=255.255.255.0
[2009/09/16 15:01:42, 2] lib/interface.c:(81)
  added interface ip=10.193.69.102 bcast=10.193.69.255
nmask=255.255.255.0
[2009/09/16 15:01:42, 2] lib/interface.c:(81)
  added interface ip=172.30.61.179 bcast=172.30.61.255
nmask=255.255.255.0
[2009/09/16 15:01:42, 2] lib/interface.c:(81)
  added interface ip=192.168.1.2 bcast=192.168.1.255 nmask=255.255.255.0
[2009/09/16 15:01:42, 3] libsmb/namequery.c:(1495)
  get_dc_list: preferred server list: ", *"
[2009/09/16 15:01:42, 3] libads/dns.c:(303)
  ads_dns_lookup_srv: Failed to resolve
_ldap._tcp.dc._msdcs.FGPREPROD.COM (Error 0)
[2009/09/16 15:01:42, 3] libads/dns.c:(363)
  ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL)
[2009/09/16 15:01:42, 3] libsmb/namequery.c:(1495)
  get_dc_list: preferred server list: ", *"
[2009/09/16 15:01:42, 3] libsmb/namequery.c:(966)
  resolve_lmhosts: Attempting lmhosts lookup for name
FGPREPROD.COM<0x1c>
[2009/09/16 15:01:42, 3] libsmb/namequery.c:(863)
  resolve_wins: Attempting wins lookup for name FGPREPROD.COM<0x1c>
[2009/09/16 15:01:42, 3] libsmb/namequery.c:(866)
  resolve_wins: WINS server resolution selected and no WINS servers
listed.
[2009/09/16 15:01:42, 3] libsmb/namequery.c:(805)
  name_resolve_bcast: Attempting broadcast lookup for name
FGPREPROD.COM<0x1c>
[2009/09/16 15:01:48, 3] libsmb/namequery.c:(1495)
  get_dc_list: preferred server list: ", *"
[2009/09/16 15:01:48, 3] libsmb/namequery.c:(966)
  resolve_lmhosts: Attempting lmhosts lookup for name FGPREPROD<0x1c>
[2009/09/16 15:01:48, 3] libsmb/namequery.c:(863)
  resolve_wins: Attempting wins lookup for name FGPREPROD<0x1c>
[2009/09/16 15:01:48, 3] libsmb/namequery.c:(866)
  resolve_wins: WINS server resolution selected and no WINS servers
listed.
[2009/09/16 15:01:48, 3] libsmb/namequery.c:(805)
  name_resolve_bcast: Attempting broadcast lookup for name
FGPREPROD<0x1c>
[2009/09/16 15:01:55, 3] libsmb/namequery_dc.c:(162)
  Could not look up dc's for domain FGPREPROD
admandymarr's password:
[2009/09/16 15:02:00, 3] libsmb/namequery.c:(1495)
  get_dc_list: preferred server list: ", *"
[2009/09/16 15:02:00, 3] libads/dns.c:(303)
  ads_dns_lookup_srv: Failed to resolve
_ldap._tcp.dc._msdcs.FGPREPROD.COM (Error 0)
[2009/09/16 15:02:00, 3] libads/dns.c:(363)
  ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL)
[2009/09/16 15:02:00, 3] libsmb/namequery.c:(1495)
  get_dc_list: preferred server list: ", *"
[2009/09/16 15:02:00, 3] libsmb/namequery.c:(966)
  resolve_lmhosts: Attempting lmhosts lookup for name
FGPREPROD.COM<0x1c>
[2009/09/16 15:02:00, 3] libsmb/namequery.c:(863)
  resolve_wins: Attempting wins lookup for name FGPREPROD.COM<0x1c>
[2009/09/16 15:02:00, 3] libsmb/namequery.c:(866)
  resolve_wins: WINS server resolution selected and no WINS servers
listed.
[2009/09/16 15:02:00, 3] libsmb/namequery.c:(805)
  name_resolve_bcast: Attempting broadcast lookup for name
FGPREPROD.COM<0x1c>
[2009/09/16 15:02:06, 0] utils/net_ads.c:(286)
  ads_connect: No logon servers
[2009/09/16 15:02:06, 1] utils/net_ads.c:(1470)
  error on ads_startup: No logon servers
Failed to join domain: No logon servers
[2009/09/16 15:02:06, 2] utils/net.c:(1075)
  return code = -1



My krb5.conf
[libdefaults]
default_realm = FGPREPROD.COM
dns_lookup_realm = false
dns_lookup_kdc = false

[realms]
FGPREPROD.COM = {
kdc = fgukcbradc001.XXDOMAINXX.com
admin_server = fgukcbradc001.XXDOMAINXX.com
}

[domain_realm]
.fgpreprod.com = FGPREPROD.COM
.subdomain.fgpreprod.com = FGPREPROD.COM

[logging]
default = FILE:/var/krb5/kdc.log
kdc = FILE:/var/krb5/kdc.log
kdc_rotate = {
period = 1d
version = 10
}

[appdefaults]
kinit = {
renewable = true
forwardable= true
}


My smb.conf
[global]
        workgroup = FGPREPROD
        server string =  Samba Server

        security = ADS
        realm = FGPREPROD.COM

        encrypt passwords = yes
        log level = 3
        log file = /var/samba/log/log.%m
        max log size = 250
        printcap name = /dev/null
        template shell = /bin/bash

[lswwusers]
   comment = lswwusers
   path = /mirror/livesww/users
   valid users = admandymarr smbtest
   public = yes
   browseable = yes
   read only = yes


Entery in my  /etc/hosts for the ADS server

10.193.33.133   fgukcbradc001.XXMYDOMAINXX.com fgpreprod.com
FGPREPROD.COM


XXMYDOMAINXX has replace the domain I'm working in, just incase they are
not happy about me posting internal info on the net :-(



Many thanks
Andy

More information about the samba mailing list