[Samba] Few questions about members

Thu Jun 5 08:42:17 MDT 2014

On 6/5/2014 10:35 AM, Steve Campbell wrote:
>
> On 6/4/2014 4:05 PM, steve wrote:
>> On Wed, 2014-06-04 at 15:57 -0400, Steve Campbell wrote:
>>> On 6/4/2014 3:37 PM, Steve Campbell wrote:
>>>> On 6/4/2014 3:13 PM, steve wrote:
>>>>> On Wed, 2014-06-04 at 12:22 -0400, Steve Campbell wrote:
>>>>>> Top posting now because the original was useless.
>>>>>>
>>>>>> When we try to join a member to the domain, the following results
>>>>>> are given:
>>>>>>
>>>>>> # /usr/local/samba/bin/net ads join -U administrator
>>>>>> Enter administrator's password:
>>>>>> Using short domain name -- TS
>>>>>> Joined 'MEMBER1' to dns domain 'ts.mystuff.com'
>>>>>> DNS Update for member1.ts.mystuff.com failed: 
>>>>>> ERROR_DNS_UPDATE_FAILED
>>>>>> DNS update failed: NT_STATUS_UNSUCCESSFUL
>>>>>>
>>>>>> DNS seems to work as expected, though. The previous tests showed
>>>>>> working
>>>>>> DNS.
>>>>> That's the worrying part. Samba still issues tickets even with the 
>>>>> wrong
>>>>> (or no) dns registered in AD.
>>>>>> We have even added the A record for the server manually.
>>>>>>
>>>>>> # host -t A member1.ts.mystuff.com
>>>>>> member1.ts.mystuff.com has address 192.9.200.84
>>>>> Hi
>>>>> It doesn't matter if you add the record or not. It is the machine you
>>>>> are joining which HAS to send it's own ID. The best (only way we've
>>>>> found at least) way to do this is in /etc/hosts
>>>>> 127.0.0.1 member1.ts.mystuff.com member1 localhost
>>>>>
>>>>> If you're dhcp, you'll also need some way to update the dns on the DC
>>>>> although worryingly, as we just said, you can still get tickets 
>>>>> with the
>>>>> wrong or no IP in AD.
>>>>> HTH
>>>>> Steve
>>>>>
>>>>>
>>>> Does it have to be localhost? I didn't install this machine, and just
>>>> discovered the person who put Centos on only used "Storage" as the
>>>> hostname (not fully qualified). I don't think it matters in this venue
>>>> what the real hostname is as long as the Netbios name matches what you
>>>> put in the host file.
>>>>
>>>> So, now that I know things must be in hosts (I presume it needs to be
>>>> that way on the AD as well?), do I need to do anything like Un"join"
>>>> and then re"join" the member?
>>>>
>>>> Any thing that clues us in helps, so I'm sure you've helped a bit.
>>>>
>>>> steve
>>> My hosts file now has this line in it:
>>>
>>> 127.0.0.1   localhost localhost.localdomain localhost4
>>> localhost4.localdomain4 member1.ts.mystuff.com member1
>>>
>>> I seemed to recall that each line in hosts could only have 4 names, but
>>> left the default installed names on the localhost line.
>>>
>>> I stopped and restarted smbd, nmbd, and winbindd to no avail. I then
>>> tried rejoining as a member with no benefits.
>> Please help us to help you. We have already given you the correct line
>> for /etc/hosts. Why not use that?
>>
>>
> So frustrating...for me and most likely all of you to have to keep 
> seeing my name pop up on the list... but
>
> I'm now following this page:
>
> https://wiki.samba.org/index.php/Setup_and_configure_file_shares
>
> When I get to the section SeDiskOperatorPrivilege, I'm getting the 
> following error:
>
> ]# /usr/local/samba/bin/net rpc rights grant 'TS/Domain Admins' 
> SeDiskOperatorPrivilege -Uadministrator
> Enter administrator's password:
> Could not connect to server 127.0.0.1
> Connection failed: NT_STATUS_IO_TIMEOUT
>
> I thought maybe I had the "Domain Admins" wrong, but after trying a 
> few other commands, I get basically the same thing. Googling only 
> tells me this is a common error for about 487 different things, and 
> none ever seem to provide solutions.
>
> System restarts and restarting smbd, nmbd, and winbindd doesn't change 
> the error.
>
> Does this sound familiar to anyone else?
>
> steve campbell
Something is also changing my /etc/resolv.conf file. I suspect it is 
during a reboot. I have the ifcfg file set to no for NetworkManager and 
NetworkManager does not start at boot time.

steve