[Samba] attempt to join WIN7 to 4.1 DC fails
Tiago Ribeiro
shasty at gmail.com
Sat Apr 12 16:54:42 MDT 2014
> Em 12/04/2014, às 17:02, Brandon <lakeb at sonic.net> escreveu:
>
> When I attempt to join my WIN7x64 ultimate clients to the samba 4.1 DC,
> the join request fails with the error message:
>
> "This operation is only allowed on the primary domain controller of the domain."
>
> ----------------
>
> Samba is running on a clean install of Slackware 14.1
>
> ----------------
>
> 'net ads lookup' returns:
>
> Information for Domain Controller: (the_correct_IP)
>
> Response Type: LOGON_SAM_LOGON_RESPONSE_EX
> GUID: (bunch_of_characters_and_hyphens)
> Flags:
> Is a PDC: yes
> Is a GC of the forest: yes
> Is an LDAP server: yes
> Supports DS: yes
> Is running a KDC: yes
> Is running time services: yes
> Is the closest DC: yes
> Is writable: yes
> Has a hardware clock: yes
> Is a non-domain NC serviced by LDAP server: no
> Is NT6 DC that has some secrets: no
> Is NT6 DC that has all secrets: no
> Forest: lac.internal
> Domain: lac.internal
> Domain Controller: garcon.lac.internal
> Pre-Win2k Domain: LAC
> Pre-Win2k Hostname: GARCON
> Server Site Name : Default-First-Site-Name
> Client Site Name : Default-First-Site-Name
> NT Version: 5
> LMNT Token: ffff
> LM20 Token: ffff
>
> ----------------
>
> DNS and DHCP are working great.
>
> ----------------
>
> 'samba-tool dbcheck' returns 0 errors
>
> ----------------
>
> 'samba-tool testparm' returns:
>
> Press enter to see a dump of your service definitions
>
> # Global parameters
> [global]
> workgroup = LAC
> realm = LAC.INTERNAL
> netbios name = GARCON
> server role = active directory domain controller
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate
>
> [netlogon]
> path = /var/lib/samba/sysvol/lac.internal/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> 'samba-tool domain level show' returns:
>
> Domain and forest function level for domain 'DC=lac,DC=internal'
>
> Forest function level: (Windows) 2003
> Domain function level: (Windows) 2003
> Lowest function level of a DC: (Windows) 2008 R2
>
> ----------------
>
> I'm pretty new to this, so lets start with the stupid mistakes someone who is
> following internet guides could make.
>
> Thanks in advance everyone.
>
I now you say DNS is ok, but can make one test?
From your station you can ping to host garcon.lac.internal?
More information about the samba
mailing list