[Samba] Problems joining station in domain
L.P.H. van Belle
belle at bazuin.nl
Wed Aug 28 15:13:19 UTC 2019
Hai Marcio,
________________________________
Van: Marcio Demetrio Bacci [mailto:marciobacci at gmail.com]
Verzonden: woensdag 28 augustus 2019 15:57
Aan: L.P.H. van Belle; sambalist
Onderwerp: Re: [Samba] Problems joining station in domain
Hi,
>What is in /etc/ldap/ldap.conf
>Does it have : TLS_REQCERT allow ?
>If not add it.
Do I add this to all DC's?
Yes, but as Andrew did say, we could/should use an other setting these days.
He confirmed its still a bug in the DNS partitioning.
What i hoped it to try to "upgrade" you internal DNS to bind9_dlz
And with doing that, avoid this bug.
I suggest you read:
Then we are left with the 2 possible workarounds as mentions in the list before.
See: https://www.spinics.net/lists/samba/msg158588.html
Adjust the code of samba a bit.
Dennis pointed out, and option to upgrade/create partitions on w2k3 before the joins.
Found here: https://lists.samba.org/archive/samba/2019-July/224515.html
But as far i know that server is gone.
>You installed a new server, why did you not choose debian buster but installed debian stretch?
Because our Debian distribution is customized and packaged according to the institution's security rules. I depend on making this distribution available in Debian 10.
Well ok, i can only respect this.
Then i strongly suggeset you also read the subject on the list : TLS_REQCERT and Samba AD DC
Because if you have security rules, then this should not be an option, and you should have your own CA running.
Sso far, (office is closing), untill tomorrow.
Greetz,
Louis
More information about the samba
mailing list