[Samba] Samba 4.0.7 DC in Windows 2003R2 AD

Garth Keesler garthk at gdcjk.com
Tue Jul 9 08:44:00 MDT 2013

Yes, the Samba server was joined to an existing Win2003R2 AD raised to 
the Forest Domain level following the steps outlined at 

Both DCs are on a local LAN so there is no FW between them and I checked 
that the 2003 server has no FW running.

Let me know what else I can provide.


On 07/09/2013 08:51 AM, Daniel Müller wrote:
> Did you join your samba4 to w 2003R2 AD domain?
> Is it a firewall feature?
> -----------------------------------------------
> EDV Daniel Müller
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----------------------------------------------
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Garth Keesler
> Gesendet: Dienstag, 9. Juli 2013 14:43
> An: samba at lists.samba.org
> Betreff: [Samba] Samba 4.0.7 DC in Windows 2003R2 AD
>    Greetings,
> The ultimate goal is a full implementation of Samba4/OpenChange/SOGo but
> that onion has too many layers to shoot for the whole thing at once. So,
> I've added a Samba/Ubuntu12.04 DC to the AD and want to get it totally
> correct before proceeding with OC. I have two questions (at the moment):
> First, PAM is not included on the Samba DC and I need to know if it is a
> requirement. The docs say that, if you want to use it, just rebuild after
> installing the necessary PAM libs but there are a fairly large number of
> various flavors of PAM libraries and I could use some help selecting the
> right set.
> Second, the Samba DC is using the internal DNS and one-way sync from the PDC
> seems to be working but not the other way and I always get the following
> error when running one of the DNS tests that the docs indicate should be
> run.
> root at sambadc:~# samba-tool dns query sambadc mydomain.com @ ALL -Uadmin
> GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5'
> registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend
> 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend
> 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend
> 'fake_gssapi_krb5' registered Using binding ncacn_ip_tcp:sambadc[,sign]
> Password for [mydomain\admin]:
> ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
>     File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> line 175, in _run
>       return self.run(*args, **kwargs)
>     File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py", line
> 974, in run
>       None, record_type, select_flags, None, None)
> If I need to include additional info/files, let me know and I'll do so.
> Any help greatly appreciated.
> Thanx,
> Garth
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list