[Samba] Joining windows xp to Samba 4 PDC
Przemek Jagieła
przemek1 at buziaczek.pl
Fri Jul 23 10:00:11 MDT 2010
Welcome
I install Samba 4.0.0 alpha 12 on Ubuntu 9.10 and configured as PDC.
When I want join windows to domain I get error message:
It’s unable to communicate with domain controller for domain firma.local.
Query DNS resource record for the service location (SRV) used to locate
a domain controller for domain firma.local was successful.
The query was for the SRV record for _ldap._tcp.dc._msdcs.firma.local
The query identified the following domain controllers:
Przemek-laptop.firma.local
The most common causes of this error are:
- host (A) records that map the name of the domain controller to IP
addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the network
or do not work.
DNS configuration for domain firma.local seem to be correct. I include
configuration file firma.local.zone below.
; -*- zone -*-
; generated by provision.pl
$ORIGIN firma.local.
$TTL 1W
@ IN SOA @ hostmaster (
2010052617 ; serial
2D ; refresh
4H ; retry
6W ; expiry
1W ) ; minimum
IN NS przemek-laptop
IN A 192.168.1.1
;
przemek-laptop IN A 192.168.1.1
gc._msdcs IN CNAME przemek-laptop
7ac2c0f4-6386-4382-81dc-d98b922d777c._msdcs IN CNAME przemek-laptop
;
; global catalog servers
_gc._tcp IN SRV 0 100 3268 przemek-laptop
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 przemek-laptop
_ldap._tcp.gc._msdcs IN SRV 0 100 3268 przemek-laptop
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 3268
przemek-laptop
;
; ldap servers
_ldap._tcp IN SRV 0 100 389 przemek-laptop
_ldap._tcp.dc._msdcs IN SRV 0 100 389 przemek-laptop
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 przemek-laptop
_ldap._tcp.90715785-ce5d-4420-a733-9c8e1c828cc8.domains._msdcs IN SRV 0
100 389 przemek-laptop
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 przemek-laptop
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389
przemek-laptop
;
; krb5 servers
_kerberos._tcp IN SRV 0 100 88 przemek-laptop
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 przemek-laptop
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 przemek-laptop
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88
przemek-laptop
_kerberos._udp IN SRV 0 100 88 przemek-laptop
; MIT kpasswd likes to lookup this name on password change
_kerberos-master._tcp IN SRV 0 100 88 przemek-laptop
_kerberos-master._udp IN SRV 0 100 88 przemek-laptop
;
; kpasswd
_kpasswd._tcp IN SRV 0 100 464 przemek-laptop
_kpasswd._udp IN SRV 0 100 464 przemek-laptop
;
; heimdal 'find realm for host' hack
_kerberos IN TXT FIRMA.LOCAL
I also include captured packet from attempt to connect to domain
www.psalask.cba.pl/packet_samba4.pcap
<http://www.psalask.cba.pl/packet_samba4.pcap>
I saw that on line 6 in packet CLDAP that NetBios Hostname is
\\PRZEMEK-LAPTOP although on smb.conf netbios name is PRZEMEK-LAPTOP. If
I correct net bios name on smb.conf to \\PRZEMEK-LAPTOP then on CLDAP
packet NetBios Hostname is \\\\PRZEMEK-LAPTOP
<file:///%5C%5CPRZEMEK-LAPTOP>.
To compare I include captured packets from connection to the same domain
on Active Directory in Windows 2003
http://psalask.cba.pl/packets_AD_windows2003.pcap
--
Pozdrawiam
Przemysław Jagieła
More information about the samba
mailing list