[Samba] After joining domain, Samba uses the workgroup name, not the FQDN when running the net ads command

Wed Dec 2 12:08:58 UTC 2015

Can't you just disable dnsmasq service?

You don't seem to be too much confident in that tool and you have DNS
issue...

dnsmasq has most certainly a good reason to exist. I just don't know it. In
IT for work we generally don't need such tool as infrastructures of
companies are meant to be stable. As the clients configuration.

So I would start with dnsmasq removal, then I would [learn how to]
configure manually this client, then I would re-run test, starting with
small tests (DNS with dig/nslookup, kinit...)

2015-12-01 21:40 GMT+01:00 Jonathan S. Fisher <
jonathan at springventuregroup.com>:

> So everything with the hostname with now resolving correctly, without the
> 127.0.1.1 hack anymore. We just had to make sure DHCP was handing out the
> correct domain, which it is now:
>
> $ hostname -d
> windows.corp.XXX.com
> $ hostname -f
> freeradius.windows.corp.XXX.com
>
> I deleted all the shared secrets, removed the computer from AD and
> rejoined... but of course, we're still getting the exact same issue... :(
> It's still trying to query the wrong DNS entry.
>
>
> On Tue, Dec 1, 2015 at 12:12 PM, Rowland Penny <
> rowlandpenny241155 at gmail.com
> > wrote:
>
> > On 01/12/15 17:27, Jonathan S. Fisher wrote:
> >
> >> It isn't running, one of the first things I do when setting up a new DC
> is
> >>>
> >> to remove nscd if it is installed.
> >> Ah ok... well this isn't a DC, just a member... is NSCD ok to run as a
> >> member? Otherwise I can remove it.
> >>
> >
> > I would remove it, everything dns wise should come from an AD DC
> >
> >
> >> you get a caching dnsmasq server as standard
> >>>
> >> Not on ubuntu server...  There is no dnsmasq package installed nor is it
> >> in
> >> ps -ef
> >>
> >
> > Ah, so no GUI then, ok in this case you probably wont have Network
> Manager
> > installed either.
> >
> > If you have to have that 127.0.1.1 line in /etc/hosts, you have dns
> >>>
> >> problems.
> >> I'll try to figure out how to get the client to have a FQDN without the
> >> line in /etc/hosts
> >>
> >
> > If this machine is going to be a fileserver, you would probably be better
> > using a fixed ip, but if you going to have other Unix domain members
> using
> > dhcp, you need to sort this problem.
> >
> >
> >> I really am starting to hate Active Directory...
> >>
> >
> > I just hate microsoft, it cuts out the middle man :-D
> >
> > Rowland
> >
> >
> >> On Tue, Dec 1, 2015 at 11:22 AM, Rowland Penny <
> >> rowlandpenny241155 at gmail.com
> >>
> >>> wrote:
> >>> On 01/12/15 17:09, Jonathan S. Fisher wrote:
> >>>
> >>> So your client did no DNS lookups?? That's crazy. Could they be cached?
> >>> (Can you disable nscd if you have it running and try again?)
> >>>
> >>>
> >>> It isn't running, one of the first things I do when setting up a new DC
> >>> is
> >>> to remove nscd if it is installed.
> >>>
> >>>
> >>> Why, in your deity's name, why?????
> >>>>
> >>> I'm starting my own caliphate. Seems to be all the rage these days.
> >>>
> >>> Dnsmasq isn't running locally... it's the main DNS server at
> >>> 192.168.127.129. At one time I guess we were running Bind, but he
> >>> switched
> >>> to dnsmasq for simplicity. If there's a legit reason why Windows needs
> to
> >>> handle 100% of the DNS and DHCP for the network... well that's a little
> >>> scary of a thought. Are these things in no way interoperable?
> >>>
> >>>
> >>> On Ubuntu, you get a caching dnsmasq server as standard, this is
> >>> controlled by Network Manager, this shouldn't be running on an AD
> client
> >>> (note this is only from my experience, it seems to interfere with AD
> >>> dns).
> >>>
> >>> DHCP doesn't need to be running on the DC, but it needs to give your
> >>> client the required info, see my previous post for what mine sends.
> >>> Your AD clients need to use your AD DCs as their DNS servers, anything
> >>> your DCs don't know about i.e. google should be forwarded to a DNS
> server
> >>> that does i.e. your dnsmasq machine
> >>>
> >>> Your problem isn't that net is using the workgroup name, it is that
> your
> >>> machine doesn't seem to know who it is and where the DCs are :-)
> >>>
> >>>
> >>> Mind you, until you get 'hostname -f' to return your FQDN, it will not
> >>>>
> >>> work correctly.
> >>> Well this "works" right now with what I put into /etc/hosts. Are you
> >>> saying it has to work purely from dhcp?
> >>>
> >>>
> >>>
> >>> If you have to have that 127.0.1.1 line in /etc/hosts, you have dns
> >>> problems.
> >>>
> >>> Rowland
> >>>
> >>>
> >>>
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
>
> --
> Email Confidentiality Notice: The information contained in this
> transmission is confidential, proprietary or privileged and may be subject
> to protection under the law, including the Health Insurance Portability and
> Accountability Act (HIPAA). The message is intended for the sole use of the
> individual or entity to whom it is addressed. If you are not the intended
> recipient, you are notified that any use, distribution or copying of the
> message is strictly prohibited and may subject you to criminal or civil
> penalties. If you received this transmission in error, please contact the
> sender immediately by replying to this email and delete the material from
> any computer.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>