[Samba] Fwd: Samba4 as AD server

Morgan Blackthorne stormerider at gmail.com
Thu Nov 20 03:41:37 MST 2014

So I set up two of my three Linode servers in the Texas datacenter as
Samba4 domain controllers. (One to provision the domain, and one joining
it.) These have IPTables in place that allow my home IP address to access
any protocol/port, and 53 is allowed from everywhere for both tcp and udp.
The domain that I configured is AD.WINDSOFSTORM.NET, and I have delegated
NS records for that subdomain to the two servers that are running Samba
(using the Samba internal DNS server). My understanding, although this was
not covered explicitly in any of the docs that I found, was that this would
be sufficient for DNS purposes so that I would not have to repoint my
workstation to use those servers directly for DNS resolution; the requests
for anything under that subdomain will get properly routed there instead by
the normal internet DNS architecture.

However, I am unable to join the domain. Looking at the logs, I don't see
anything going on. I tried just manually connecting to
\\sage.windsofstorm.net, the PDC, and I got "Windows cannot access this
share". But I can use netcat to reach the server over UDP 139/TCP 389/etc.
Is there something that I need to specify given that the server is on a
different network than my home network? (I can't set up a VPN to their
internal network at this point in time as I already have a VPN in place for
work. Maybe down the line.)

I'm a little confused as to what I should be checking at this point. All
the guides I've found seem to indicate that it should "just work" at this

