[Samba] Samba4 join existing domain

Andreas Jacobi andreasjacobi85 at gmail.com
Tue Mar 23 05:44:49 MDT 2010


I got the DNS resolv working. I edited /etc/nsswitch.conf and moved "dns"
further to the left in the list, before it was just right to
[NOTFOUND=return].

hosts:      files dns mdns4_minimal [NOTFOUND=return] mdns4


Regards Andreas



2010/3/22 Andreas Jacobi <andreasjacobi85 at gmail.com>

> Ok I tried some settings in krb5.conf and I got it to work. I had to
> specify the ip address of the kdc and not fqdn.
> Seems there is something wrong with my windows dns. Do you need to do
> anything special with windows dns to get it to work with linux and samba?
> As it is now I have only installed it and the dc service on the same
> windows computer, no other configuration.
>
>
> Regards Andreas
>
> 2010/3/21 Andrew Bartlett <abartlet at samba.org>
>
> On Wed, 2010-03-17 at 12:05 +0100, Andreas Jacobi wrote:
>> > Hello,
>> >
>> > I get this error message when i try to join my Samba4 server to an
>> existing
>> > domain:
>> >
>> > """
>> > >./net vampire domain.local -Uadmin --realm=domain.local
>> > Password for [WORKGROUP\admin]:
>> > Become DC [(null)] of Domain[DOMAIN]/[domain.local]
>> > Promotion Partner is Server[dc1.domain.local] from
>> > Site[Default-First-Site-Name]
>> > Options:crossRef behavior_version[2]
>> >             schema object_version[30]
>> >             domain behavior_version[2]
>> >             domain w2k3_update_revision[8]
>> > Failed to bind uuid "uuid-number" - NT_STATUS_INVALID_PARAMETER
>> > libnet_BecomeDC() failed - NT_STATUS_INVALID_PARAMETER
>> > Vampire of domain failed: NT_STATUS_INVALID_PARAMETER
>> > return code = -1
>> > """
>> >
>> > The primary DC is a Windows Server 2003 and it also acts as DNS server.
>> >
>> > What could be the cause of this? Has it something to do with me using
>> > Windows as DNS server?
>>
>> I think that you don't have your /etc/krb5.conf set up correctly.
>> Ensure that:
>>
>> [libdefaults]
>>  default_realm = DOMAIN.LOCAL
>>  dns_lookup_realm = true
>>  dns_lookup_kdc = true
>>
>> is set, and then try a 'kinit administrator' to check that this works
>> first.
>>
>> Also perhaps turn up the debug level (add -d3 for example).
>>
>> Andrew Bartlett
>> --
>> Andrew Bartlett
>> http://samba.org/~abartlet/ <http://samba.org/%7Eabartlet/>
>> Authentication Developer, Samba Team           http://samba.org
>> Samba Developer, Cisco Inc.
>>
>
>


More information about the samba mailing list