[Samba] nslookup from Windows resolves domain and pdc correctly but still gets cannot contact on samba 3.2.5-4 on lenny

John H Terpstra jht at samba.org
Wed Apr 28 09:38:08 MDT 2010 

On 04/28/2010 06:55 AM, Siju George wrote:
> Hi,
> 
> I have installed
> 
> ii  samba                                 2:3.2.5-4lenny9            a
> LanManager-like file and printer server for Unix
> ii  samba-common                          2:3.2.5-4lenny9
> Samba common files used by both the server and the client
> 
> On Debian Lenny and i am sharing directories to Windows Users successfully.
> 
> I configured it as a PDC with the following configuration.
> 
> 
> 
> [global]
>        workgroup = HIFXNX
>        netbios name = HIFXNXDC
>        server string = HIFXNX Domain Controller, PHP Development
> Server, Subversion Server, DNS Server
>        interfaces = 172.16.2.0/255.255.255.255

Can this really work?  Note the size of the netmask!

Maybe better:
	interfaces = interface_name

If necessary to restrict IP address range, us the "hosts allow" parameter.

- John T.

>        bind interfaces only = Yes
>        obey pam restrictions = Yes
>        passdb backend = tdbsam
>        pam password change = Yes
>        passwd program = /usr/bin/passwd %u
>        passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>        unix password sync = Yes
>        syslog = 0
>        log file = /var/log/samba/log.%m
>        max log size = 1000
>        name resolve order = lmhosts host wins bcast
>        add user script = /usr/sbin/adduser --quiet
> --disabled-password --gecos "" %u
>        add group script = /usr/sbin/addgroup --force-badname %g
>        add machine script = /usr/sbin/useradd -g machines -c "%u
> machine account" -d /var/lib/samba -s /bin/false %u
>        domain logons = Yes
>        os level = 33
>        preferred master = Auto
>        domain master = Yes
>        dns proxy = No
>        panic action = /usr/share/samba/panic-action %d
> 
> [homes]
>        comment = Home Directories
>        valid users = %S
>        create mask = 0700
>        directory mask = 0700
>        browseable = No
> 
> [netlogon]
>        comment = Network Logon Service
>        path = /home/samba/netlogon
>        guest ok = Yes
>        share modes = No
> 
> 
> I can get the domain & domain controller resolved using DNS from the
> Windows XP machine.
> 
> 
> C:\Documents and Settings\secure>nslookup hifxnx.local
> Server:  hifxpms.hifxchn2.local
> Address:  172.16.2.26
> 
> Name:    hifxnx.local
> Address:  172.16.2.0
> 
> C:\Documents and Settings\secure>nslookup hifxnxdc.hifxnx.local
> Server:  hifxpms.hifxchn2.local
> Address:  172.16.2.26
> 
> Name:    hifxnxdc.hifxnx.local
> Address:  172.16.2.0
> 
> C:\Documents and Settings\secure>ipconfig /all
> Windows IP Configuration
> 
>        Host Name . . . . . . . . . . . . : winxsp2-vm
>        Primary Dns Suffix  . . . . . . . :
>        Node Type . . . . . . . . . . . . : Unknown
>        IP Routing Enabled. . . . . . . . : No
>        WINS Proxy Enabled. . . . . . . . : No
> 
> Ethernet adapter Local Area Connection:
> 
>        Connection-specific DNS Suffix  . :
>        Description . . . . . . . . . . . : AMD PCNET Family PCI
> Ethernet Adapter
>        Physical Address. . . . . . . . . : 08-00-27-DE-AB-29
>        Dhcp Enabled. . . . . . . . . . . : No
>        IP Address. . . . . . . . . . . . : 172.16.2.51
>        Subnet Mask . . . . . . . . . . . : 255.240.0.0
>        Default Gateway . . . . . . . . . : 172.17.1.0
>        DNS Servers . . . . . . . . . . . : 172.16.2.26
>                                            172.17.1.0
> 
> But when I try to join the domain from the Windows XP machine.
> I get the error
> 
> "A Domain Controller for the domain hifxnx.local could not be contacted"
> 
> and the debug log file dcdiag.txt contains these details.
> 
> The following error occurred when DNS was queried for the service
> location (SRV) resource record used to locate a domain controller for
> domain hifxnx.local:
> 
> The error was: "DNS name does not exist."
> (error code 0x0000232B RCODE_NAME_ERROR)
> 
> The query was for the SRV record for _ldap._tcp.dc._msdcs.hifxnx.local
> 
> Common causes of this error include the following:
> 
> - The DNS SRV record is not registered in DNS.
> 
> - One or more of the following zones do not include delegation to its
> child zone:
> 
> hifxnx.local
> local
> . (the root zone)
> 
> For information about correcting this problem, click Help
> 
> It will be great if some one can point out the problem to me :-)
> 
> Thanks
> 
> --Siju

More information about the samba mailing list