[Samba] Joining windows xp to Samba 4 PDC

Przemek Jagieła przemek1 at buziaczek.pl
Fri Jul 23 10:00:11 MDT 2010 

Welcome


I install Samba 4.0.0 alpha 12 on Ubuntu 9.10 and configured as PDC. 
When I want join windows to domain I get error message:

It’s unable to communicate with domain controller for domain firma.local.

Query DNS resource record for the service location (SRV) used to locate 
a domain controller for domain firma.local was successful.

The query was for the SRV record for _ldap._tcp.dc._msdcs.firma.local

The query identified the following domain controllers:

Przemek-laptop.firma.local

The most common causes of this error are:

- host (A) records that map the name of the domain controller to IP 
addresses are missing or contain incorrect addresses.

- Domain controllers registered in DNS are not connected to the network 
or do not work.

DNS configuration for domain firma.local seem to be correct. I include 
configuration file firma.local.zone below.

; -*- zone -*-

; generated by provision.pl

$ORIGIN firma.local.

$TTL 1W

@ IN SOA @ hostmaster (

2010052617 ; serial

2D ; refresh

4H ; retry

6W ; expiry

1W ) ; minimum

IN NS przemek-laptop

IN A 192.168.1.1

;

przemek-laptop IN A 192.168.1.1

gc._msdcs IN CNAME przemek-laptop

7ac2c0f4-6386-4382-81dc-d98b922d777c._msdcs IN CNAME przemek-laptop

;

; global catalog servers

_gc._tcp IN SRV 0 100 3268 przemek-laptop

_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 przemek-laptop

_ldap._tcp.gc._msdcs IN SRV 0 100 3268 przemek-laptop

_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 3268 
przemek-laptop

;

; ldap servers

_ldap._tcp IN SRV 0 100 389 przemek-laptop

_ldap._tcp.dc._msdcs IN SRV 0 100 389 przemek-laptop

_ldap._tcp.pdc._msdcs IN SRV 0 100 389 przemek-laptop

_ldap._tcp.90715785-ce5d-4420-a733-9c8e1c828cc8.domains._msdcs IN SRV 0 
100 389 przemek-laptop

_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 przemek-laptop

_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 
przemek-laptop

;

; krb5 servers

_kerberos._tcp IN SRV 0 100 88 przemek-laptop

_kerberos._tcp.dc._msdcs IN SRV 0 100 88 przemek-laptop

_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 przemek-laptop

_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 
przemek-laptop

_kerberos._udp IN SRV 0 100 88 przemek-laptop

; MIT kpasswd likes to lookup this name on password change

_kerberos-master._tcp IN SRV 0 100 88 przemek-laptop

_kerberos-master._udp IN SRV 0 100 88 przemek-laptop

;

; kpasswd

_kpasswd._tcp IN SRV 0 100 464 przemek-laptop

_kpasswd._udp IN SRV 0 100 464 przemek-laptop

;

; heimdal 'find realm for host' hack

_kerberos IN TXT FIRMA.LOCAL

I also include captured packet from attempt to connect to domain 
www.psalask.cba.pl/packet_samba4.pcap 
<http://www.psalask.cba.pl/packet_samba4.pcap>

I saw that on line 6 in packet CLDAP that NetBios Hostname is 
\\PRZEMEK-LAPTOP although on smb.conf netbios name is PRZEMEK-LAPTOP. If 
I correct net bios name on smb.conf to \\PRZEMEK-LAPTOP then on CLDAP 
packet NetBios Hostname is \\\\PRZEMEK-LAPTOP 
<file:///%5C%5CPRZEMEK-LAPTOP>.

To compare I include captured packets from connection to the same domain 
on Active Directory in Windows 2003 
http://psalask.cba.pl/packets_AD_windows2003.pcap


-- 
Pozdrawiam

Przemysław Jagieła

More information about the samba mailing list