[Samba] Logins differ for ip/DNS on ad dc

Rowland Penny rpenny at samba.org
Sun Nov 6 14:23:39 UTC 2016


On Sun, 6 Nov 2016 15:05:39 +0100
Maximilian Kirchner via samba <samba at lists.samba.org> wrote:

> >
> > This sounds like a dns problem, are your windows machines using the
> > DC as their nameserver ?
> >
> 
> yes they are using the server as dns. DNS is done through bind9 and
> implemented in samba via bind9_dlz. All looks fine:
> $ host -t A smb.wie
> smb.wie has address 192.168.1.50
> $ host -t SRV _kerberos._udp.smb.wie
> _kerberos._udp.smb.wie has SRV record 0 100 88 srv.smb.wie.
> $ host -t SRV _ldap._tcp.smb.wie
> _ldap._tcp.smb.wie has SRV record 0 100 389 srv.smb.wie.

These look like they are being run on the DC, what about from the
windows clients ?

> 
> And thanks for your explanation on rid / ad but it seems to me like
> it is not relevant here - I am using only one server for everything
> (I know it is not advised to do so).

It is your DC and you can do as you wish, I think I should point out
that SME is moving towards what you are doing. There are technical
reasons why it is not recommended to use the DC as a fileserver, but if
you can work around these, there is no reason not to use the DC as a
fileserver. One of the main, visible, problems is that winbind on a DC
only uses the uidNumber & gidNumber attributes, you have to use the
'template' lines in smb.conf.

Can you post your bind9 conf files, there may be something relevant
there.

Rowland



More information about the samba mailing list