[Samba] Unable to join the domain, problem with DNS records
Rowland Penny
rowlandpenny at googlemail.com
Thu Jan 9 04:36:27 MST 2014
On 09/01/14 11:03, Luka Goltnik wrote:
>
> On Thu, Jan 9, 2014 at 11:47 AM, Rowland Penny
> <rowlandpenny at googlemail.com <mailto:rowlandpenny at googlemail.com>> wrote:
>
> On 09/01/14 10:31, Luka Goltnik wrote:
>> Rowland hello,
>>
>> o.m.s was just my attempt to try and shorten the whole thing o
>> stands for office m stands for mave and s stands for si.
>
> So, lets be clear here, where you have posted o.m.s, we should
> read office.mave.si <http://office.mave.si> ??
>
>
> Yes, that is correct
>
>
> When you attempt to join from a windows 7 client, just what are
> you entering as the realm/workgroup ??
>
>
> I'm entering OFFICE.MAVE.SI <http://OFFICE.MAVE.SI>
> Entering just MAVE.SI <http://MAVE.SI> gives me a completely different
> error:
> "
> An error occurred when DNS was queried for the service location (SRV)
> resource record used to locate an Active Directory Domain Controller
> (AD DC) for domain "MAVE.SI <http://MAVE.SI>".
>
> The error was: "No records found for given DNS query."
> (error code 0x0000251D DNS_INFO_NO_RECORDS)
>
> The query was for the SRV record for _ldap._tcp.dc._msdcs.MAVE.SI
> <http://msdcs.MAVE.SI>
> "
> Which kind of makes sense, since I get this answer from my server:
> # host -t SRV _ldap._tcp.dc._msdcs.MAVE.SI <http://msdcs.MAVE.SI>
> _ldap._tcp.dc._msdcs.MAVE.SI <http://msdcs.MAVE.SI> has no SRV record
>
>> As for files, here they are:
>>
>> /etc/samba/smb.conf
>> # Global parameters
>> [global]
>> workgroup = MAVE.SI <http://MAVE.SI>
>
> I have a feeling that you cannot use a dot in the workgroup name,
> i.e. MAVE_SI would be ok, but MAVE.SI <http://MAVE.SI> as you have
> it wouldn't.
>
>
> I can just change it to MAVE in case that that's the problem. The only
> question is, do I have to go through the whole initialization of samba
> all over again?
>
>>
> Try changing the above file to this: (the default samba4 one)
>
>
> [libdefaults]
> default_realm = OFFICE.MAVE.SI <http://OFFICE.MAVE.SI>
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
>
> Did that and it Kerberos still works, if I try testing it with kinit
> and klist commands.
>
>
>> ----
>> /etc/hosts
>> # /etc/hosts: Local Host Database
>> #
>> # This file describes a number of aliases-to-address mappings for
>> the for
>> # local hosts that share this file.
>> #
>> # In the presence of the domain name service or NIS, this file
>> may not be
>> # consulted at all; see /etc/host.conf for the resolution order.
>> #
>>
>> # IPv4 and IPv6 localhost aliases
>> 127.0.0.1 localhost
>> ::1 localhost
>> 127.0.0.1 office
>> 127.0.0.1 office.mave.si <http://office.mave.si>
>>
>> 192.168.1.16 office.mave.si <http://office.mave.si> office
>>
>> ----
>
> Hmm, the 127.0.0.1 line should probably be just '127.0.0.1 office'
>
>
> I removed the other one now.
>
>> cat /etc/resolv.conf
>> # Generated by net-scripts for interface lo
>> domain mave.si <http://mave.si>
>>
>>
> And here is probably your main problem, it is not pointing to your
> samba dns server, it should be:
>
> search mave.si <http://mave.si>
> domain <http://mave.si>mave.si <http://mave.si>
> nameserver 127.0.0.1
>
>
> And did this as well.
>
> But I still have the same problem joining client to domain as I did
> before.
>
>
> Regards,
> Luka
Hi, did you alter smb.conf in any way ??
I would have expected the [global] part to look like this:
[global]
workgroup = MAVE.SI
realm = office.mave.si
netbios name = OFFICE
server role = active directory domain controller
dns forwarder = 193.2.1.66
idmap_ldb:use rfc2307 = yes
Rowland
More information about the samba
mailing list