[Samba] After joining domain, Samba uses the workgroup name, not the FQDN when running the net ads command
Jonathan S. Fisher
jonathan at springventuregroup.com
Sat Dec 12 16:26:05 UTC 2015
FYI, we never got this working. Oddly enough, when we used Zentyal to join,
it works just fine. Some mysteries....
On Wed, Dec 9, 2015 at 1:03 PM, Jonathan S. Fisher <
jonathan at springventuregroup.com> wrote:
> Here's a random question... would it matter if our domain has trust
> relationships setup?
>
> *Jonathan S. Fisher*
> *VP - Information Technology*
> *Spring Venture Group*
>
> On Wed, Dec 9, 2015 at 9:34 AM, mathias dufresne <infractory at gmail.com>
> wrote:
>
>> Hi Jonathan,
>>
>> You wrote:
>> domain windows.corp.springventuregroup.com
>> search windows.corp.*pringventuregroupcom*
>> nameserver 192.168.127.131
>> nameserver 192.168.112.4
>>
>> Is this a typo error when copying the content or is it a content error in
>> your resolv.conf?
>>
>> If you really have that "search" line in your resolv.conf it would be
>> logical that rsetarting Samba services you get the error "unable to resolve
>> host freeradius" as it will be extended in:
>> freeradius.windows.corp.pringventuregroupcom
>> rather than:
>> freeradius.windows.corp.springventuregroup.com
>>
>> If this is not a typo error I would check the "resolvconf" configuration
>> or remove the use of that tool (temporarily or not) on that box.
>>
>> If this is not a typo, I'm puzzled...
>>
>> Hoping for you to get a solution,
>>
>> mathias
>>
>> 2015-12-07 19:04 GMT+01:00 Jonathan S. Fisher <
>> jonathan at springventuregroup.com>:
>>
>>> Hey Rowland, be kind and avoid passive aggressive comments. I'm just
>>> looking to try and get this to work, thanks. If I knew everything
>>> already,
>>> I wouldn't be here asking questions and trying to solve my own problem. I
>>> appreciate your help so far, but if you don't have anything nice say,
>>> please just ignore this thread.
>>>
>>> So:
>>> jonathan.fisher at freeradius:~$ sudo hostname -y
>>> hostname: Local domain name not set
>>> jonathan.fisher at freeradius:~$ sudo hostname -d
>>> windows.corp.springventuregroup.com
>>> jonathan.fisher at freeradius:~$ sudo hostname -f
>>> freeradius.windows.corp.springventuregroup.com
>>>
>>> Unfortunately, since this box is an LXC container, I can't run the syctl
>>> command:
>>> jonathan.fisher at freeradius:~$ sysctl -w kernel.domainname="
>>> windows.corp.XXX.com"
>>> sysctl: permission denied on key 'kernel.domainname'
>>>
>>> We're good here:
>>> jonathan.fisher at freeradius:~$ cat /etc/hostname
>>> freeradiusjonathan.fisher at freeradius:~$
>>>
>>> So I added
>>> dns proxy = true
>>>
>>> No dice, same output as before.
>>>
>>> Made this change:
>>> jonathan.fisher at freeradius:~$ cat /etc/resolv.conf
>>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>>> resolvconf(8)
>>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>>> domain windows.corp.springventuregroup.com
>>> search windows.corp.pringventuregroupcom
>>> nameserver 192.168.127.131
>>> nameserver 192.168.112.4
>>>
>>> Also the same output, but this message popped up after restarting samba:
>>> jonathan.fisher at freeradius:~$ sudo service sernet-samba-winbindd
>>> restart &&
>>> sudo service sernet-samba-nmbd restart && sudo service sernet-samba-smbd
>>> restart
>>> sudo: unable to resolve host freeradius
>>> Shutting down SAMBA winbindd : *
>>> Starting SAMBA winbindd : *
>>> sudo: unable to resolve host freeradius
>>> Shutting down SAMBA nmbd : *
>>> Starting SAMBA nmbd : *
>>> sudo: unable to resolve host freeradius
>>> Shutting down SAMBA smbd : *
>>> Starting SAMBA smbd : *
>>>
>>> No idea if that's relevant...
>>>
>>> So I undid the resolv.conf change, and here's the output of testparam:
>>>
>>> jonathan.fisher at freeradius:~$ testparm -v | grep net
>>> Load smb config files from /etc/samba/smb.conf
>>> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
>>> Loaded services file OK.
>>> Server role: ROLE_DOMAIN_MEMBER
>>>
>>> Press enter to see a dump of your service definitions
>>>
>>> netbios name = FREERADIUS
>>> netbios aliases =
>>> netbios scope =
>>> disable netbios = No
>>> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon,
>>> lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6,
>>> backupkey,
>>> dnsserver
>>>
>>> Sigh... thanks. I'm appreciate your patience and your help.
>>>
>>>
>>> On Fri, Dec 4, 2015 at 3:33 AM, Rowland penny <rpenny at samba.org> wrote:
>>>
>>> > On 04/12/15 09:21, Sven Schwedas wrote:
>>> >
>>> >> On 2015-12-04 10:11, Rowland penny wrote:
>>> >>
>>> >>> I still think it is his weird dns setup, were he has a dnsmasq server
>>> >>> replicating what the DCs know (or is supposed to). I think the sheer
>>> >>> fact that he didn't know what lmhosts is, says a lot.
>>> >>>
>>> >> We're using such a setup in production without any problems. How about
>>> >> less wild blind guessing and user shaming, and more actual help?
>>> >>
>>> >>
>>> >>
>>> >>
>>> > Sven, you may be using a similar system, but it isn't recommended. The
>>> OP
>>> > is having problems getting a Samba domain member working, I have tried
>>> to
>>> > point him in the direction of a known working set up, once he has this
>>> > working, what he does with it, is up to him. He may be able to use the
>>> > dnsmasq server, I don't know, but if he has a working system and it
>>> stops
>>> > working when he adds in the dnsmasq server, he will know where to look,
>>> > won't he!
>>> >
>>> >
>>> > Rowland
>>> >
>>> > --
>>> > To unsubscribe from this list go to the following URL and read the
>>> > instructions: https://lists.samba.org/mailman/options/samba
>>> >
>>>
>>> --
>>> Email Confidentiality Notice: The information contained in this
>>> transmission is confidential, proprietary or privileged and may be
>>> subject
>>> to protection under the law, including the Health Insurance Portability
>>> and
>>> Accountability Act (HIPAA). The message is intended for the sole use of
>>> the
>>> individual or entity to whom it is addressed. If you are not the intended
>>> recipient, you are notified that any use, distribution or copying of the
>>> message is strictly prohibited and may subject you to criminal or civil
>>> penalties. If you received this transmission in error, please contact the
>>> sender immediately by replying to this email and delete the material from
>>> any computer.
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>
>>
>
--
Email Confidentiality Notice: The information contained in this
transmission is confidential, proprietary or privileged and may be subject
to protection under the law, including the Health Insurance Portability and
Accountability Act (HIPAA). The message is intended for the sole use of the
individual or entity to whom it is addressed. If you are not the intended
recipient, you are notified that any use, distribution or copying of the
message is strictly prohibited and may subject you to criminal or civil
penalties. If you received this transmission in error, please contact the
sender immediately by replying to this email and delete the material from
any computer.
More information about the samba
mailing list