[Samba] Can login but can't add a machine to AD.

Cathryn Mataga cathryn at junglevision.com
Sat Jul 21 07:51:51 UTC 2018 

I'm finally moving to ad, after way way too long. I did the classic 
upgrade, and my existing PC's all can log in fine. I can make new user 
accounts, and log in on those machines fine. My ddns (with bindz) seems 
to be working, and I do see

new ip addresses pop up in there.

The problem is I can't add a new Windows machine to the domain. When I 
trying joining the domain from Windows 10, I get


"The following domain  controllers were identified by the query:

dc1.junglevision.junglevision.com

However no domain controllers could be contacted.


I can telnet to dc1.junglevision.junglevision.com 389 and I see 
something connect. And I'll see samba logs when this happens. When I try 
to join, nothing shows up in log.samba.

I've tried monkeying with firewall settings, but I don't think it's 
that, but maybe I'm missing something? I do notice that 
junglevision.junglevision.com and dc1.junglevision.junglevision.com are 
now resolving to both ip's. Is this bad?



[root at junglevision etc]# cat hosts
127.0.0.1   localhost
192.168.1.145 dc1.junglevision.junglevision.com
50.79.209.145 junglevision.junglevision.com
50.79.209.145 junglevision
[root at junglevision etc]# cat resolv.conf
# Generated by NetworkManager
domain junglevision.junglevision.com
search junglevision.com junglevision.junglevision.com
nameserver 50.79.209.145
nameserver 50.79.209.146
[root at junglevision etc]# cat samba/smb.conf
# Global parameters
[global]
     netbios name = JUNGLEVISION
     realm = JUNGLEVISION.JUNGLEVISION.COM
     server role = active directory domain controller
     server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, 
winbindd, ntp_signd, kcc, dnsupdate
     workgroup = JUNGLEVISION
     idmap_ldb:use rfc2307 = yes
     template shell = /bin/bash
     template homedir = /home/%U
     hosts allow = 127.0.0.0/8 50.79.209.144/28 192.168.1.0/24
     hosts deny = 0.0.0.0/0
     interfaces = 50.79.209.145/28 127.0.0.1/8 192.168.1.145/24
     bind interfaces only = yes
     log level = 5


[netlogon]
     path = /var/lib/samba/sysvol/junglevision.junglevision.com/scripts
     read only = No

[sysvol]
     path = /var/lib/samba/sysvol
     read only = No

[root at junglevision etc]# cat krb5.conf
[libdefaults]
     default_realm = JUNGLEVISION.JUNGLEVISION.COM
     dns_lookup_realm = false
     dns_lookup_kdc = true

More information about the samba mailing list