[Samba] Few questions about members
Steve Campbell
campbell at cnpapers.com
Thu Jun 5 08:35:37 MDT 2014
On 6/4/2014 4:05 PM, steve wrote:
> On Wed, 2014-06-04 at 15:57 -0400, Steve Campbell wrote:
>> On 6/4/2014 3:37 PM, Steve Campbell wrote:
>>> On 6/4/2014 3:13 PM, steve wrote:
>>>> On Wed, 2014-06-04 at 12:22 -0400, Steve Campbell wrote:
>>>>> Top posting now because the original was useless.
>>>>>
>>>>> When we try to join a member to the domain, the following results
>>>>> are given:
>>>>>
>>>>> # /usr/local/samba/bin/net ads join -U administrator
>>>>> Enter administrator's password:
>>>>> Using short domain name -- TS
>>>>> Joined 'MEMBER1' to dns domain 'ts.mystuff.com'
>>>>> DNS Update for member1.ts.mystuff.com failed: ERROR_DNS_UPDATE_FAILED
>>>>> DNS update failed: NT_STATUS_UNSUCCESSFUL
>>>>>
>>>>> DNS seems to work as expected, though. The previous tests showed
>>>>> working
>>>>> DNS.
>>>> That's the worrying part. Samba still issues tickets even with the wrong
>>>> (or no) dns registered in AD.
>>>>> We have even added the A record for the server manually.
>>>>>
>>>>> # host -t A member1.ts.mystuff.com
>>>>> member1.ts.mystuff.com has address 192.9.200.84
>>>> Hi
>>>> It doesn't matter if you add the record or not. It is the machine you
>>>> are joining which HAS to send it's own ID. The best (only way we've
>>>> found at least) way to do this is in /etc/hosts
>>>> 127.0.0.1 member1.ts.mystuff.com member1 localhost
>>>>
>>>> If you're dhcp, you'll also need some way to update the dns on the DC
>>>> although worryingly, as we just said, you can still get tickets with the
>>>> wrong or no IP in AD.
>>>> HTH
>>>> Steve
>>>>
>>>>
>>> Does it have to be localhost? I didn't install this machine, and just
>>> discovered the person who put Centos on only used "Storage" as the
>>> hostname (not fully qualified). I don't think it matters in this venue
>>> what the real hostname is as long as the Netbios name matches what you
>>> put in the host file.
>>>
>>> So, now that I know things must be in hosts (I presume it needs to be
>>> that way on the AD as well?), do I need to do anything like Un"join"
>>> and then re"join" the member?
>>>
>>> Any thing that clues us in helps, so I'm sure you've helped a bit.
>>>
>>> steve
>> My hosts file now has this line in it:
>>
>> 127.0.0.1 localhost localhost.localdomain localhost4
>> localhost4.localdomain4 member1.ts.mystuff.com member1
>>
>> I seemed to recall that each line in hosts could only have 4 names, but
>> left the default installed names on the localhost line.
>>
>> I stopped and restarted smbd, nmbd, and winbindd to no avail. I then
>> tried rejoining as a member with no benefits.
> Please help us to help you. We have already given you the correct line
> for /etc/hosts. Why not use that?
>
>
So frustrating...for me and most likely all of you to have to keep
seeing my name pop up on the list... but
I'm now following this page:
https://wiki.samba.org/index.php/Setup_and_configure_file_shares
When I get to the section SeDiskOperatorPrivilege, I'm getting the
following error:
]# /usr/local/samba/bin/net rpc rights grant 'TS/Domain Admins'
SeDiskOperatorPrivilege -Uadministrator
Enter administrator's password:
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_IO_TIMEOUT
I thought maybe I had the "Domain Admins" wrong, but after trying a few
other commands, I get basically the same thing. Googling only tells me
this is a common error for about 487 different things, and none ever
seem to provide solutions.
System restarts and restarting smbd, nmbd, and winbindd doesn't change
the error.
Does this sound familiar to anyone else?
steve campbell
More information about the samba
mailing list