[Samba] Cannot join Windows XP Pro to new Samba 4 AD

dahopkins at comcast.net dahopkins at comcast.net
Wed Jul 24 09:11:53 MDT 2013 

Figures ... I had to restart samba after adding the zone. Now adding A and PTR records appears to work correctly. 

----- Original Message -----
From: dahopkins at comcast.net 
To: "L.P.H. van Belle" <belle at bazuin.nl> 
Cc: samba at lists.samba.org 
Sent: Wednesday, July 24, 2013 10:55:40 AM 
Subject: Re: [Samba] Cannot join Windows XP Pro to new Samba 4 AD 

I checked and the Windows XP systems have unique SIDS, so I can hopefully rule out that issue. 

So .. since it is just a few commands to rebuild the domain, I deleted the data in private, restarted my ldap and re-ran the classicupgrade command. Then, after disabling the dns, smb and restarting, I tested dns. However, while I can resolve the hostname to an IP address, the reverse lookup doesn't work. Should it? 

/usr/local/samba/etc> nslookup ncssamba1 
Server: 10.179.2.25 
Address: 10.179.2.25#53 

Name: ncssamba1.ncs.k12.de.us 
Address: 10.179.2.25 

/usr/local/samba/etc> nslookup 10.179.2.25 
Server: 10.179.2.25 
Address: 10.179.2.25#53 

Non-authoritative answer: 
*** Can't find 25.2.179.10.in-addr.arpa.: No answer 

Authoritative answers can be found from: 
10.in-addr.arpa 
origin = doverkdc001.k12.de.us 
mail addr = hostmaster.k12.de.us 
serial = 179241 
refresh = 900 

So I tried to add the zone, but still it does not resolve correctly 

/usr/local/samba/etc> samba-tool dns zonecreate ncssamba1.ncs.k12.de.us 179.10.in-addr.arpa 
Zone 179.10.in-addr.arpa created successfully 
/usr/local/samba/etc> samba-tool dns add ncssamba1.ncs.k12.de.us 179.10.in-addr.arpa 25.2 PTR ncssamba1 
Record added successfully 
/usr/local/samba/etc> nslookup 10.179.2.25 
Server: 10.179.2.25 
Address: 10.179.2.25#53 

Non-authoritative answer: 
*** Can't find 25.2.179.10.in-addr.arpa.: No answer 

Authoritative answers can be found from: 
10.in-addr.arpa 
origin = doverkdc001.k12.de.us 
mail addr = hostmaster.k12.de.us 
serial = 179242 
refresh = 900 
retry = 600 
expire = 86400 
minimum = 3600 

What am I doing incorrectly? How do I get the reverse lookups to work so that ncssamba1 is authoritative for the 10.179 range? 

Sincerely, 
Dave Hopkins 
Newark Charter School 

----- Original Message ----- 
From: dahopkins at comcast.net 
To: "L.P.H. van Belle" <belle at bazuin.nl> 
Cc: samba at lists.samba.org 
Sent: Wednesday, July 24, 2013 7:54:04 AM 
Subject: Re: [Samba] Cannot join Windows XP Pro to new Samba 4 AD 

Thanks! I have the Windows systems using a centralized time server but they were imaged. I'll check on the issue with the SID since I didn't do the images. 

----- Original Message ----- 
From: "L.P.H. van Belle" <belle at bazuin.nl> 
To: dahopkins at comcast.net 
Cc: samba at lists.samba.org 
Sent: Wednesday, July 24, 2013 3:49:05 AM 
Subject: RE: [Samba] Cannot join Windows XP Pro to new Samba 4 AD 

im thinking.. 


Time problems, OR, u used an XP image, which was not syspreped on all your pc's. 
( aka, all your pc's have the same SID ) 

Yes, for samba3 this was not a problem, samba4 it is. 

Louis 


>-----Oorspronkelijk bericht----- 
>Van: dahopkins at comcast.net 
>[mailto:samba-bounces at lists.samba.org] Namens dahopkins at comcast.net 
>Verzonden: dinsdag 23 juli 2013 22:58 
>Aan: samba at lists.samba.org 
>Onderwerp: [Samba] Cannot join Windows XP Pro to new Samba 4 AD 
> 
>I have upgraded my Samba3+LDAP system to Samba 4 following the 
>instructions given here: 
>https://wiki.samba.org/index.php/Samba4/samba-tool/domain/class 
>icupgrade/HOWTO 
> 
>I did this on a test server (so I also moved the ldap 
>database, installed openldap, etc). 
> 
>The installation passes all the simple tests suggested here: 
>https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Testing_conn 
>ectivity_to_your_Samba_AD_DC 
> 
>However, when I attempt to join a Windows XP Pro system to the 
>domain, I get an RCP error. Also, if I attempt to log onto a 
>system that was already joined, I am prompted for a password 
>change and then I get a message about the domain not being available. 
> 
>Both of the Windows systems had the registry changes that were 
>once required for Samba3 (signorseal in particular). 
> 
>I have not been able to find any information about the RPC 
>error that makes sense. Some have suggested adding entries 
>such as https://lists.samba.org/archive/samba/2013-January/171216.html 
> 
>If anyone has any suggestions for troubleshooting, I'd 
>appreciate the advice. 
> 
>Sincerely, 
>Dave Hopkins 
>Newark Charter School 
>-- 
>To unsubscribe from this list go to the following URL and read the 
>instructions: https://lists.samba.org/mailman/options/samba 
> 
> 

-- 
To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba 
-- 
To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list