[Samba] changing server role = standalone server to 'member server'

steve steve at steve-ss.com
Thu Apr 3 14:31:24 MDT 2014


On Thu, 2014-04-03 at 15:16 -0400, Carl Wilhelm Soderstrom wrote:
> On 04/02 11:18 , steve wrote:
> > You don't want to join the domain as another DC I don't think. 
> 
> Thanks for your clarification.
> Almost all the configuration help I find on the web for Samba v4 seems to
> be for setting up the Samba server as the AD server, rather than how to join
> it to an existing AD server.
> 
> > To join
> > as a member server you need a minimal smb.conf:
> > 
> > [global]
> > workgroup = EXAMPLE
> > realm = EXAMPLE.COM
> > security = ADS
> > kerberos method = system keytab
> > 
> > now join:
> > net ads join -UAdministrator
> > 
> > That's it.
> 
> Thanks. That *mostly* worked. I did get this error:
> 
> root at samba-4:/etc/samba# net ads join -U administrator 
> Enter administrator's password:
> Using short domain name -- EXAMPLEAD
> Joined 'SAMBA-4' to dns domain 'ad.example.com'
> DNS update failed: NT_STATUS_UNSUCCESSFUL

OK
The fqdn of the machine you are joining is not sent over the net
command. It's a good idea to get it registered in DNS as there are
untold errors awaiting you if you do not. . .
-unjoin the domain:
net ads leave -UAdministrator
-remove the keytab:
rm /etc/krb5.keytab
-add fqdn and hostname to /etc/hosts:
127.0.0.1 hostname.domain.name hostname localhost
-ensure that the machine has a static IP
-ensure the primary dns is set to the IP of the DC
-rejoin

Good luck
Steve



More information about the samba mailing list