[Samba] Fwd: net ads join -> "The connection was refused"

Artur Moor digunit24 at gmail.com
Fri Dec 16 11:36:33 UTC 2016 

If I remove 'nmbd bind explicit broadcast = no' then 'smbd' can't start
because samba is running i jailed einvironment.

AD DC is a Windows Server 2016 Standard

Yes there is a firewall but I get the same error if disable the firewall.

2016-12-16 12:27 GMT+01:00 Rowland Penny via samba <samba at lists.samba.org>:

> On Fri, 16 Dec 2016 12:08:05 +0100
> Artur Moor via samba <samba at lists.samba.org> wrote:
>
> > I don't want to join samba as DC, i am trying to join samba as member
> > to AD.
> >
> > My setup ist:
> > DC: dc1.ad.interdekor.com.ua (10.0.140.2)
> > NETBIOS NAME: INTERDEKOR
> >
> > ------------------------
> > SAMBA SERVER: 10.0.140.3
> > ------------------------
> > root at samba:~# uname -nrs
> > FreeBSD samba.ad.interdekor.com.ua 11.0-RELEASE
> >
> > root at samba:~# samba-tool -V
> > 4.4.5
> >
> > root at samba:~# cat /etc/resolv.conf
> > search ad.interdekor.com.ua
> > nameserver 10.0.140.2
> >
> > root at samba:~# cat /etc/krb5.conf
> > [libdefaults]
> >   default_realm = AD.INTERDEKOR.COM.UA
> >   dns_lookup_realm = true
> >   dns_lookup_kdc = true
> >
> > root at samba:~# cat /usr/local/etc/smb4.conf
> > [global]
> >   netbios name = SAMBA
> >   realm = AD.INTERDEKOR.COM.UA
> >   security = ads
> >   workgroup = INTERDEKOR
> >
> >   nmbd bind explicit broadcast = no
> >
> >   use sendfile = true
> >
> >   idmap config * : backend = tdb
> >   idmap config * : range = 60000-69999
> >   idmap config INTERDEKOR : backend = ad
> >   idmap config INTERDEKOR : schema_mode = rfc2307
> >   idmap config INTERDEKOR : range = 10000-59999
> >
> >   winbind separator = +
> >   winbind enum users = yes
> >   winbind enum groups = yes
> >   winbind use default domain = yes
> >   winbind refresh tickets = yes
> >
> >   restrict anonymous = 2
> >
> >   log file = /var/log/samba4/log.%m
> >
> >
>
> Try removing 'nmbd bind explicit broadcast = no', everything else looks
> okay.
> What is the AD DC ?
> Is it running a firewall ?
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list