[Samba] Fail to join a DC to a Domain

[Francesco Berni]

On 02/01/2016 03:35 PM, Rowland penny wrote:
> On 01/02/16 14:01, Francesco Berni wrote:
>> On 01/30/2016 01:52 PM, Rowland penny wrote:
>>
>>> Your problems seem to start here:
>>>
>>> Server ldap/DC01.MYDOMAIN.NET at MYDOMAIN.NET is not registered with our
>>> KDC:  Miscellaneous failure (see text): Server
>>> (ldap/DC01.MYDOMAIN.NET at MYDOMAIN.NET) unknown
>>>
>>> what is the ipaddress of your first AD DC ?
>>> can you post /etc/resolv.conf, /etc/hosts and /etc/krb5.conf
>>>
>>> Rowland
>>>
>> Hi,
>>
>> i need to anonimize them a bit but i can post them
>>
>>
>> /etc/hosts:
>> 127.0.0.1    localhost
>> <dc1 ip>    dc01.mydomain.net dc01
>> <dc2 ip>    dc02.mydomain.net dc02
>>
>> # The following lines are desirable for IPv6 capable hosts
>> ::1     localhost ip6-localhost ip6-loopback
>> ff02::1 ip6-allnodes
>> ff02::2 ip6-allrouters
>>
>>
>> resolv.conf:
>> domain mydomain.net
>> search mydomain.net
>>
>> # questo e' l'ip del dominio locale, sempre attivo CON samba4
>> #nameserver <dc2 ip>
>>
>> # questo e' l'altro dominio, da abilitare SOLO quando samba4 qui e'
>> fermo
>> nameserver <dc1 ip>
>>
>>
>>
>> this is my krb5.conf:
>> [libdefaults]
>>     default_realm = MYDOMAIN.NET
>>     dns_lookup_realm = false
>>     dns_lookup_kdc = true
>>
>>
>
>
> Remove:
>
> <dc1 ip>    dc01.mydomain.net dc01
>
> From /etc/hosts
>
> set /etc/resolv.conf to this:
>
> search mydomain.net
> nameserver <dc1 ip>
>
> Your /etc/krb5.conf is correct
>
> So, provided that Samba is running on the DC and you don't have a
> firewall in the way, it should work.
>
> I don't suppose you have another kerberos server running on the DC ?
> or, on the second machine you are trying to join ?
>

No i should not have any more.

Thank you very much,
them moment i have some time to work on that i'll come back at you.

-- 
Francesco Berni 
Laboratori Guglielmo Marconi S.p.a. 
web: http://www.labs.it - email: francesco.berni at labs.it