[Samba] Logins differ for ip/DNS on ad dc

Rowland Penny rpenny at samba.org
Sun Nov 6 14:23:39 UTC 2016

On Sun, 6 Nov 2016 15:05:39 +0100
Maximilian Kirchner via samba <samba at lists.samba.org> wrote:

> >
> > This sounds like a dns problem, are your windows machines using the
> > DC as their nameserver ?
> >
> yes they are using the server as dns. DNS is done through bind9 and
> implemented in samba via bind9_dlz. All looks fine:
> $ host -t A smb.wie
> smb.wie has address
> $ host -t SRV _kerberos._udp.smb.wie
> _kerberos._udp.smb.wie has SRV record 0 100 88 srv.smb.wie.
> $ host -t SRV _ldap._tcp.smb.wie
> _ldap._tcp.smb.wie has SRV record 0 100 389 srv.smb.wie.

These look like they are being run on the DC, what about from the
windows clients ?

> And thanks for your explanation on rid / ad but it seems to me like
> it is not relevant here - I am using only one server for everything
> (I know it is not advised to do so).

It is your DC and you can do as you wish, I think I should point out
that SME is moving towards what you are doing. There are technical
reasons why it is not recommended to use the DC as a fileserver, but if
you can work around these, there is no reason not to use the DC as a
fileserver. One of the main, visible, problems is that winbind on a DC
only uses the uidNumber & gidNumber attributes, you have to use the
'template' lines in smb.conf.

Can you post your bind9 conf files, there may be something relevant


More information about the samba mailing list