[Samba] After joining domain, Samba uses the workgroup name, not the FQDN when running the net ads command

Jonathan S. Fisher jonathan at springventuregroup.com
Mon Nov 30 20:01:56 UTC 2015

Hey guys,

I've successfully joined the domain with "sudo net ads join -k". However,
when I try to run this: "sudo net rpc info" I get this error: "Unable to
find a suitable server for domain WINDOWS"

I dumped the DNS requests and it looks like the problem is that it's asking
for ldap entries under the workgroup name, not the FQDN:

>From Wireshark:

_ldap._tcp.pdc._msdcs.WINDOWS: type SRV, class IN
Name: _ldap._tcp.pdc._msdcs.WINDOWS

Ok great, so if I dig that with the command: "dig
_ldap._tcp.pdc._msdcs.WINDOWS"  dig times out. If I dig the FQDN: "dig
_ldap._tcp.pdc._msdcs.WINDOWS.CORP.XXX.COM" I get a response instantly.

Is this a problem with my windows domain controller (how do I make it
respond to those queries)? Or is this a problem with my samba setup?

Samba version:  4.2.5-SerNet-Ubuntu-8.trusty

Here is my smb.conf:

domain master=no
local master=no
preferred master=no
load printers=no
printcap name=/dev/null
disable spoolss=yes
idmap backend=tdb
idmap uid=10000-99999
idmap gid=10000-99999
winbind enum users=yes
winbind enum groups=yes
winbind use default domain=yes
winbind nested groups=yes
winbind refresh tickets=yes
winbind offline logon=yes
template shell=/bin/false
client use spnego=yes
client ntlmv2 auth=yes
encrypt passwords=yes
restrict anonymous=2
log file=/var/log/samba/samba.log
log level=2
dcerpc endpoint servers=remote
wins support=no

Email Confidentiality Notice: The information contained in this 
transmission is confidential, proprietary or privileged and may be subject 
to protection under the law, including the Health Insurance Portability and 
Accountability Act (HIPAA). The message is intended for the sole use of the 
individual or entity to whom it is addressed. If you are not the intended 
recipient, you are notified that any use, distribution or copying of the 
message is strictly prohibited and may subject you to criminal or civil 
penalties. If you received this transmission in error, please contact the 
sender immediately by replying to this email and delete the material from 
any computer.

More information about the samba mailing list