[Samba] Fail to join a DC to a Domain
Rowland penny
rpenny at samba.org
Mon Feb 1 14:35:46 UTC 2016
On 01/02/16 14:01, Francesco Berni wrote:
> On 01/30/2016 01:52 PM, Rowland penny wrote:
>
>> Your problems seem to start here:
>>
>> Server ldap/DC01.MYDOMAIN.NET at MYDOMAIN.NET is not registered with our
>> KDC: Miscellaneous failure (see text): Server
>> (ldap/DC01.MYDOMAIN.NET at MYDOMAIN.NET) unknown
>>
>> what is the ipaddress of your first AD DC ?
>> can you post /etc/resolv.conf, /etc/hosts and /etc/krb5.conf
>>
>> Rowland
>>
> Hi,
>
> i need to anonimize them a bit but i can post them
>
>
> /etc/hosts:
> 127.0.0.1 localhost
> <dc1 ip> dc01.mydomain.net dc01
> <dc2 ip> dc02.mydomain.net dc02
>
> # The following lines are desirable for IPv6 capable hosts
> ::1 localhost ip6-localhost ip6-loopback
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
>
> resolv.conf:
> domain mydomain.net
> search mydomain.net
>
> # questo e' l'ip del dominio locale, sempre attivo CON samba4
> #nameserver <dc2 ip>
>
> # questo e' l'altro dominio, da abilitare SOLO quando samba4 qui e' fermo
> nameserver <dc1 ip>
>
>
>
> this is my krb5.conf:
> [libdefaults]
> default_realm = MYDOMAIN.NET
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
>
Remove:
<dc1 ip> dc01.mydomain.net dc01
From /etc/hosts
set /etc/resolv.conf to this:
search mydomain.net
nameserver <dc1 ip>
Your /etc/krb5.conf is correct
So, provided that Samba is running on the DC and you don't have a
firewall in the way, it should work.
I don't suppose you have another kerberos server running on the DC ? or,
on the second machine you are trying to join ?
Rowland
More information about the samba
mailing list