[Samba] After joining domain, Samba uses the workgroup name, not the FQDN when running the net ads command
mathias dufresne
infractory at gmail.com
Wed Dec 9 15:34:02 UTC 2015
Hi Jonathan,
You wrote:
domain windows.corp.springventuregroup.com
search windows.corp.*pringventuregroupcom*
nameserver 192.168.127.131
nameserver 192.168.112.4
Is this a typo error when copying the content or is it a content error in
your resolv.conf?
If you really have that "search" line in your resolv.conf it would be
logical that rsetarting Samba services you get the error "unable to resolve
host freeradius" as it will be extended in:
freeradius.windows.corp.pringventuregroupcom
rather than:
freeradius.windows.corp.springventuregroup.com
If this is not a typo error I would check the "resolvconf" configuration or
remove the use of that tool (temporarily or not) on that box.
If this is not a typo, I'm puzzled...
Hoping for you to get a solution,
mathias
2015-12-07 19:04 GMT+01:00 Jonathan S. Fisher <
jonathan at springventuregroup.com>:
> Hey Rowland, be kind and avoid passive aggressive comments. I'm just
> looking to try and get this to work, thanks. If I knew everything already,
> I wouldn't be here asking questions and trying to solve my own problem. I
> appreciate your help so far, but if you don't have anything nice say,
> please just ignore this thread.
>
> So:
> jonathan.fisher at freeradius:~$ sudo hostname -y
> hostname: Local domain name not set
> jonathan.fisher at freeradius:~$ sudo hostname -d
> windows.corp.springventuregroup.com
> jonathan.fisher at freeradius:~$ sudo hostname -f
> freeradius.windows.corp.springventuregroup.com
>
> Unfortunately, since this box is an LXC container, I can't run the syctl
> command:
> jonathan.fisher at freeradius:~$ sysctl -w kernel.domainname="
> windows.corp.XXX.com"
> sysctl: permission denied on key 'kernel.domainname'
>
> We're good here:
> jonathan.fisher at freeradius:~$ cat /etc/hostname
> freeradiusjonathan.fisher at freeradius:~$
>
> So I added
> dns proxy = true
>
> No dice, same output as before.
>
> Made this change:
> jonathan.fisher at freeradius:~$ cat /etc/resolv.conf
> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
> resolvconf(8)
> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
> domain windows.corp.springventuregroup.com
> search windows.corp.pringventuregroupcom
> nameserver 192.168.127.131
> nameserver 192.168.112.4
>
> Also the same output, but this message popped up after restarting samba:
> jonathan.fisher at freeradius:~$ sudo service sernet-samba-winbindd restart
> &&
> sudo service sernet-samba-nmbd restart && sudo service sernet-samba-smbd
> restart
> sudo: unable to resolve host freeradius
> Shutting down SAMBA winbindd : *
> Starting SAMBA winbindd : *
> sudo: unable to resolve host freeradius
> Shutting down SAMBA nmbd : *
> Starting SAMBA nmbd : *
> sudo: unable to resolve host freeradius
> Shutting down SAMBA smbd : *
> Starting SAMBA smbd : *
>
> No idea if that's relevant...
>
> So I undid the resolv.conf change, and here's the output of testparam:
>
> jonathan.fisher at freeradius:~$ testparm -v | grep net
> Load smb config files from /etc/samba/smb.conf
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> Loaded services file OK.
> Server role: ROLE_DOMAIN_MEMBER
>
> Press enter to see a dump of your service definitions
>
> netbios name = FREERADIUS
> netbios aliases =
> netbios scope =
> disable netbios = No
> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon,
> lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey,
> dnsserver
>
> Sigh... thanks. I'm appreciate your patience and your help.
>
>
> On Fri, Dec 4, 2015 at 3:33 AM, Rowland penny <rpenny at samba.org> wrote:
>
> > On 04/12/15 09:21, Sven Schwedas wrote:
> >
> >> On 2015-12-04 10:11, Rowland penny wrote:
> >>
> >>> I still think it is his weird dns setup, were he has a dnsmasq server
> >>> replicating what the DCs know (or is supposed to). I think the sheer
> >>> fact that he didn't know what lmhosts is, says a lot.
> >>>
> >> We're using such a setup in production without any problems. How about
> >> less wild blind guessing and user shaming, and more actual help?
> >>
> >>
> >>
> >>
> > Sven, you may be using a similar system, but it isn't recommended. The OP
> > is having problems getting a Samba domain member working, I have tried to
> > point him in the direction of a known working set up, once he has this
> > working, what he does with it, is up to him. He may be able to use the
> > dnsmasq server, I don't know, but if he has a working system and it stops
> > working when he adds in the dnsmasq server, he will know where to look,
> > won't he!
> >
> >
> > Rowland
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
>
> --
> Email Confidentiality Notice: The information contained in this
> transmission is confidential, proprietary or privileged and may be subject
> to protection under the law, including the Health Insurance Portability and
> Accountability Act (HIPAA). The message is intended for the sole use of the
> individual or entity to whom it is addressed. If you are not the intended
> recipient, you are notified that any use, distribution or copying of the
> message is strictly prohibited and may subject you to criminal or civil
> penalties. If you received this transmission in error, please contact the
> sender immediately by replying to this email and delete the material from
> any computer.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list