[Samba] Problems joining Samba 4 in the domain

Marcio Demetrio Bacci marciobacci at gmail.com
Mon Aug 12 18:52:11 UTC 2019 

Hi

As described in (
https://wiki.samba.org/index.php/Distribution-specific_Package_Installation)
I haven't installed the follows packages: libpam-winbind libnss-winbind
libpam-krb5

Can this be the problem?

Márcio Bacci

Em seg, 12 de ago de 2019 às 15:42, Marcio Demetrio Bacci <
marciobacci at gmail.com> escreveu:

> Hi,
>
> I have restarted, but it didn't solve the problem.
>
> /etc/init.d/samba-ad-dc status
>   samba-ad-dc.service - Samba AD Daemon
>    Loaded: loaded (/lib/systemd/system/samba-ad-dc.service; enabled;
> vendor preset: enabled)
>    Active: active (running) since Mon 2019-08-12 15:32:18 -03; 9s ago
>      Docs: man:samba(8)
>            man:samba(7)
>            man:smb.conf(5)
>  Main PID: 575 (samba)
>    Status: "smbd: ready to serve connections..."
>     Tasks: 22 (limit: 4915)
>    CGroup: /system.slice/samba-ad-dc.service
>            ├─575 /usr/sbin/samba
>            ├─634 /usr/sbin/samba
>            ├─635 /usr/sbin/samba
>            ├─636 /usr/sbin/samba
>            ├─637 /usr/sbin/smbd -D --option=server role check:inhibit=yes
> --foreground
>            ├─638 /usr/sbin/samba
>            ├─639 /usr/sbin/samba
>            ├─640 /usr/sbin/samba
>            ├─641 /usr/sbin/samba
>            ├─642 /usr/sbin/samba
>            ├─643 /usr/sbin/samba
>            ├─644 /usr/sbin/samba
>            ├─645 /usr/sbin/samba
>            ├─646 /usr/sbin/samba
>            ├─647 /usr/sbin/winbindd -D --option=server role
> check:inhibit=yes --foreground
>            ├─648 /usr/sbin/samba
>            ├─653 /usr/sbin/winbindd -D --option=server role
> check:inhibit=yes --foreground
>            ├─654 /usr/sbin/smbd -D --option=server role check:inhibit=yes
> --foreground
>            ├─655 /usr/sbin/smbd -D --option=server role check:inhibit=yes
> --foreground
>            ├─658 /usr/sbin/winbindd -D --option=server role
> check:inhibit=yes --foreground
>            ├─659 /usr/sbin/winbindd -D --option=server role
> check:inhibit=yes --foreground
>            └─660 /usr/sbin/smbd -D --option=server role check:inhibit=yes
> --foreground
>
> ago 12 15:32:21 samba4-new-dc samba[646]: [2019/08/12 15:32:21.359025,  0]
> ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
> ago 12 15:32:21 samba4-new-dc samba[646]:   /usr/sbin/samba_dnsupdate:
> NTLMSSP Sign/Seal - Initialising with flags:
> ago 12 15:32:21 samba4-new-dc samba[646]: [2019/08/12 15:32:21.359054,  0]
> ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
> ago 12 15:32:21 samba4-new-dc samba[646]:   /usr/sbin/samba_dnsupdate: Got
> NTLMSSP neg_flags=0x62088215
> ago 12 15:32:21 samba4-new-dc samba[646]: [2019/08/12 15:32:21.362538,  0]
> ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
> ago 12 15:32:21 samba4-new-dc samba[646]:   /usr/sbin/samba_dnsupdate:
> NTLMSSP Sign/Seal - Initialising with flags:
> ago 12 15:32:21 samba4-new-dc samba[646]: [2019/08/12 15:32:21.362590,  0]
> ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
> ago 12 15:32:21 samba4-new-dc samba[646]:   /usr/sbin/samba_dnsupdate: Got
> NTLMSSP neg_flags=0x62088215
> ago 12 15:32:21 samba4-new-dc samba[646]: [2019/08/12 15:32:21.390860,  0]
> ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
> ago 12 15:32:21 samba4-new-dc samba[646]:   /usr/sbin/samba_dnsupdate:
> ERROR: Record already exists
>
>
> Follows my smb.conf:
>
> cat /etc/samba/smb.conf
> # Global parameters
> [global]
> netbios name = SAMBA4-NEW-DC
> realm = EMPRESA.COM.BR
> workgroup = EMPRESA
> log level = 3
> server role = active directory domain controller
>     dns forwarder = 192.168.1.1 192.168.1.2
>     dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool
>
> [netlogon]
> path = /var/lib/samba/sysvol/empresa.com.br/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
>
> Regards,
>
> Márcio Bacci
>
> Em seg, 12 de ago de 2019 às 15:11, Rowland penny via samba <
> samba at lists.samba.org> escreveu:
>
>> On 12/08/2019 18:56, Marcio Demetrio Bacci wrote:
>> > Hi,
>> >
>> > I have downgraded samba 4.7 (van-belle repository) to 4.5.16 from the
>> > Debian 9 repository and was able to put it in the domain.
>> >
>> > root at samba4-new-dc:/etc/samba# samba -V
>> > Version 4.5.16-Debian
>> >
>> > samba-tool domain join empresa.com.br <http://empresa.com.br> DC -k
>> > yes -d 3 --server=samba4-dc1.empresa.com.br
>> > <http://samba4-dc1.empresa.com.br>
>> >
>> >
>> ####################################################################################
>>
>> >
>> >
>> > However, I verified that the DNS records msdcs.empresa.com.br
>> > <http://msdcs.empresa.com.br> and empresa.com.br
>> > <http://empresa.com.br> (ldap, kerberos, gc, tcp, udp) were not
>> > updated with the information of the new DC.
>>
>> Try restarting Samba, this should force samba_dnsupdate to run and
>> hopefully fill in the gaps, if all else fails, reboot.
>>
>> Rowland
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>

More information about the samba mailing list