[Samba] Problems after PC is joined to the domain - Samba 4

Theodotos Andreou theo at ubuntucy.org
Wed Jun 4 04:34:20 MDT 2014 

On 06/03/2014 01:18 PM, steve wrote:
> On Tue, 2014-06-03 at 08:38 +0300, Theodotos Andreou wrote:
>
>> OK I followed the guide blindly:
>>
>> # grep 127 /etc/hosts
>> 127.0.1.1	MYPCNAME.dom.forest.int MYPCNAME localhost
>>
>> # cat /etc/hostname
>> MYPCNAME.dom.forest.int
>>
>> # grep hosts /etc/nsswitch.conf
>> hosts:          files dns
>>
>> # cat /etc/krb5.conf
>> [libdefaults]
>>           default_realm = DOM.FOREST.INT
>>           dns_lookup_realm = false
>>           dns_lookup_kdc = true
>>
>>
>> The network interface is configured for DHCP
>>
>> I don't think /etc/krb5.conf does anything useful because (correct me if
>> I am wrong) samba 4 has its own kerberos implementation?
> You are wrong. /etc/krb5.conf does useful things because Samba4 has its
> own Kerberos implementation.
>
>> I still get the same behavior:
>>
>> # hostname -d
>> dom.forest.int
>>
>> # domainname
>> (none)
>>
>> Now what?
> Still wrong. Look again. You're close, but not close enough.
>
> What do you have at:
> /etc/resolv.conf
> /etc/samba/smb.conf
>
> Is nscd running?
> ping MYPCNAME
> ping mypcname
> getent hosts MYPCNAME
> etc.
>
> HTH
> Steve
>
>
resolv.conf:

# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1
search dom.forest.int

Ubuntu is using the dnsmasq-base on all recent version hence the 
127.0.0.1 above

smb.conf:

# cat /etc/samba/smb.conf
  [global]

    netbios name = MYPCNAME
    workgroup = DOM
    security = ADS
    realm = DOM.FOREST.INT
    encrypt passwords = yes

    idmap config *:backend = tdb
    idmap config *:range = 70001-80000
    idmap config DOM:backend = ad
    idmap config DOM:schema_mode = rfc2307
    idmap config DOM:range = 500-40000

    winbind nss info = rfc2307
    winbind trusted domains only = no
    winbind use default domain = yes
    winbind enum users  = yes
    winbind enum groups = yes
    kerberos method = system keytab

ping replies correctly in the PC hostname for both lower case and 
uppercase. Also true for other computers in the network

getent replies correctly as well

nscd is not installed (It is not mentioned in the guide).
So probably the problem is nscd? Should I install it?

More information about the samba mailing list