[Samba] Unable to join the domain, problem with DNS records

Rowland Penny rowlandpenny at googlemail.com
Thu Jan 9 04:46:32 MST 2014 

On 09/01/14 11:44, Luka Goltnik wrote:
> Hi!
>
> No I haven't, but I'm happy to report that I just got it working! :-)
> You were right, the problem was the dot in the workgroup name. So I 
> deleted all the files and did the whole samba configuration again and 
> I'm happy to report, I managed to join the client computer to the 
> domain. I couldn't be more happy right now!
>
> Thank you very much for your help! ;-)
>
> Now off to setting up file shares and users. :-)
>
> Best wishes,
> Luka
>
>
> On Thu, Jan 9, 2014 at 12:36 PM, Rowland Penny 
> <rowlandpenny at googlemail.com <mailto:rowlandpenny at googlemail.com>> wrote:
>
>     On 09/01/14 11:03, Luka Goltnik wrote:
>>
>>     On Thu, Jan 9, 2014 at 11:47 AM, Rowland Penny
>>     <rowlandpenny at googlemail.com
>>     <mailto:rowlandpenny at googlemail.com>> wrote:
>>
>>         On 09/01/14 10:31, Luka Goltnik wrote:
>>>         Rowland hello,
>>>
>>>         o.m.s was just my attempt to try and shorten the whole thing
>>>         o stands for office m stands for mave and s stands for si.
>>
>>         So, lets be clear here, where you have posted o.m.s, we
>>         should read office.mave.si <http://office.mave.si> ??
>>
>>
>>     Yes, that is correct
>>
>>
>>         When you attempt to join from a windows 7 client, just what
>>         are you entering as the realm/workgroup ??
>>
>>
>>     I'm entering OFFICE.MAVE.SI <http://OFFICE.MAVE.SI>
>>     Entering just MAVE.SI <http://MAVE.SI> gives me a completely
>>     different error:
>>     "
>>     An error occurred when DNS was queried for the service location
>>     (SRV) resource record used to locate an Active Directory Domain
>>     Controller (AD DC) for domain "MAVE.SI <http://MAVE.SI>".
>>
>>     The error was: "No records found for given DNS query."
>>     (error code 0x0000251D DNS_INFO_NO_RECORDS)
>>
>>     The query was for the SRV record for _ldap._tcp.dc._msdcs.MAVE.SI
>>     <http://msdcs.MAVE.SI>
>>     "
>>     Which kind of makes sense, since I get this answer from my server:
>>      # host -t SRV _ldap._tcp.dc._msdcs.MAVE.SI <http://msdcs.MAVE.SI>
>>     _ldap._tcp.dc._msdcs.MAVE.SI <http://msdcs.MAVE.SI> has no SRV record
>>
>>>         As for files, here they are:
>>>
>>>          /etc/samba/smb.conf
>>>         # Global parameters
>>>         [global]
>>>                 workgroup = MAVE.SI <http://MAVE.SI>
>>
>>         I have a feeling that you cannot use a dot in the workgroup
>>         name, i.e. MAVE_SI would be ok, but MAVE.SI <http://MAVE.SI>
>>         as you have it wouldn't.
>>
>>
>>     I can just change it to MAVE in case that that's the problem. The
>>     only question is, do I have to go through the whole
>>     initialization of samba all over again?
>>
>>>
>>         Try changing the above file to this: (the default samba4 one)
>>
>>
>>         [libdefaults]
>>                 default_realm = OFFICE.MAVE.SI <http://OFFICE.MAVE.SI>
>>                 dns_lookup_realm = false
>>                 dns_lookup_kdc = true
>>
>>
>>     Did that and it Kerberos still works, if I try testing it with
>>     kinit and klist commands.
>>
>>
>>>         ----
>>>         /etc/hosts
>>>         # /etc/hosts: Local Host Database
>>>         #
>>>         # This file describes a number of aliases-to-address
>>>         mappings for the for
>>>         # local hosts that share this file.
>>>         #
>>>         # In the presence of the domain name service or NIS, this
>>>         file may not be
>>>         # consulted at all; see /etc/host.conf for the resolution order.
>>>         #
>>>
>>>         # IPv4 and IPv6 localhost aliases
>>>         127.0.0.1       localhost
>>>         ::1             localhost
>>>         127.0.0.1       office
>>>         127.0.0.1 office.mave.si <http://office.mave.si>
>>>
>>>         192.168.1.16 office.mave.si <http://office.mave.si>  office
>>>
>>>         ----
>>
>>         Hmm, the 127.0.0.1 line should probably be just '127.0.0.1   
>>         office'
>>
>>
>>     I removed the other one now.
>>
>>>         cat /etc/resolv.conf
>>>         # Generated by net-scripts for interface lo
>>>         domain mave.si <http://mave.si>
>>>
>>>
>>         And here is probably your main problem, it is not pointing to
>>         your samba dns server, it should be:
>>
>>         search mave.si <http://mave.si>
>>         domain <http://mave.si>mave.si <http://mave.si>
>>         nameserver 127.0.0.1
>>
>>
>>     And did this as well.
>>
>>     But I still have the same problem joining client to domain as I
>>     did before.
>>
>>
>>     Regards,
>>     Luka
>
>     Hi, did you alter smb.conf in any way ??
>
>     I would have expected the [global] part to look like this:
>
>     [global]
>             workgroup = MAVE.SI <http://MAVE.SI>
>             realm = office.mave.si <http://office.mave.si>
>
>             netbios name = OFFICE
>             server role = active directory domain controller
>             dns forwarder = 193.2.1.66
>             idmap_ldb:use rfc2307 = yes
>
>     Rowland
>
>
Glad you got it work, perhaps this should be somewhere on the wiki ??

Rowland

More information about the samba mailing list