[Samba] Windows 7 Pro/64 unable to contact domain controller

Tue Aug 26 15:09:26 MDT 2014

On 26/08/14 04:42 PM, Gregory Sloop wrote:
> Re: [Samba] Windows 7 Pro/64 unable to contact domain controller
>
>
> *GD> On 26/08/14 12:26 PM, Gary Dale wrote:
> >> I have a number of systems running Windows 7/pro 64bit connecting to a
> >> Debian/Wheezy Samba DC. After one was rebooted today, I was unable to
> >> log on with a domain account, with the usual message about being
> >> unable to connect to a domain controller.
>
> >> After logging on with a local account, I tried rejoining the domain
> >> but was unable - again Windows complained that it can't contact the
> >> domain controller. Re-did the Window registry settings change to allow
> >> Win7 to connect to an NT-style domain but still no luck. Same when I
> >> turned off the firewall. Rebooted multiple times in the process.
>
> >> I can connect to network shares on the Samba DC (3.6.6) and can
> >> connect with SWAT using the NetBIOS name but others can't connect to
> >> shares on this computer.
>
> >> Any ideas?
>
> GD> The Samba logs show absolutely nothing happening which suggests that
> GD> Windows is accurate when it says it can't find or connect to a login
> GD> server / domain controller.
>
> GD> I've been through all the Google searches I can think of and haven't
> GD> found much beyond the local security policy and local registry 
> changes.
>
> GD> I can connect to shares on the computer only when I use a local 
> account.
>
> *This sounds a lot like DNS that isn't operating as you'd expect. 
> [i.e. A DNS query doesn't return the correct address for the server, 
> or perhaps any address at all.]
>
> What's handling DNS for the problem workstation, and is it handing out 
> answers properly. [A rogue DHCP server which pollutes DNS could cause 
> it too.]
>
> -Greg
The DNS is handled through a D-Link DIR-825 router, although it doesn't 
do it properly. I've pointed it to the PDC for WINS (a manual setting 
that it has). I've tried the router with the Advanced DNS turned on 
(which it was until yesterday, when I tracked that "feature" to an 
intermittent time-out error with database connections).

When I turned it off, name resolution seemed to be working fine for the 
local computers. This was tried with both OpenDNS and the DNS servers 
provided by the ISP.

I turned it back on several hours ago but that doesn't seem to make 
things any better.

The problem only seems to be affecting this one machine. there are 8 
other workstations that seem to have no problems with domain logins.