[Samba] Samba DC to Samba NT4 Domain Trust
Rowland penny
rpenny at samba.org
Tue Nov 5 19:28:18 UTC 2019
On 05/11/2019 19:06, Vex Mage wrote:
>
>
>
>
> Collected config --- 2019-11-05-10:26 -----------
>
> Hostname: samba4
> DNS Domain: sambaad.engr.ucsb.edu <http://sambaad.engr.ucsb.edu>
> FQDN: samba4.sambaad.engr.ucsb.edu <http://samba4.sambaad.engr.ucsb.edu>
> ipaddress: 128.111.27.62 192.168.0.235
>
> -----------
>
> Kerberos SRV _kerberos._tcp.sambaad.engr.ucsb.edu
> <http://tcp.sambaad.engr.ucsb.edu> record verified ok, sample output:
> Server: 128.111.41.10
> Address: 128.111.41.10#53
>
> Non-authoritative answer:
> _kerberos._tcp.sambaad.engr.ucsb.edu
> <http://tcp.sambaad.engr.ucsb.edu> service = 0 100 88
> samba4.sambaad.engr.ucsb.edu <http://samba4.sambaad.engr.ucsb.edu>.
>
> Authoritative answers can be found from:
> sambaad.engr.ucsb.edu <http://sambaad.engr.ucsb.edu> nameserver =
> samba4.sambaad.engr.ucsb.edu <http://samba4.sambaad.engr.ucsb.edu>.
> samba4.sambaad.engr.ucsb.edu <http://samba4.sambaad.engr.ucsb.edu>
> internet address = 192.168.0.235
> Samba is running as an AD DC
>
> -----------
> Checking file: /etc/os-release
>
> PRETTY_NAME="Debian GNU/Linux 10 (buster)"
> NAME="Debian GNU/Linux"
> VERSION_ID="10"
> VERSION="10 (buster)"
> VERSION_CODENAME=buster
> ID=debian
> HOME_URL="https://www.debian.org/"
> SUPPORT_URL="https://www.debian.org/support"
> BUG_REPORT_URL="https://bugs.debian.org/"
>
> -----------
>
>
> This computer is running Debian 10.1 x86_64
>
> -----------
> running command : ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
> group default qlen 1000
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 <http://127.0.0.1/8> scope host lo
> inet6 ::1/128 scope host
> 2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP group default qlen 1000
> link/ether d2:fa:77:37:bc:a2 brd ff:ff:ff:ff:ff:ff
> inet 128.111.27.62/24 <http://128.111.27.62/24> brd 128.111.27.255
> scope global dynamic ens18
> valid_lft 603001sec preferred_lft 603001sec
> inet6 fe80::d0fa:77ff:fe37:bca2/64 scope link
> 3: ens19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP group default qlen 1000
> link/ether 02:3b:df:ce:61:19 brd ff:ff:ff:ff:ff:ff
> inet 192.168.0.235/24 <http://192.168.0.235/24> brd 192.168.0.255
> scope global dynamic ens19
> valid_lft 478sec preferred_lft 478sec
> inet6 fe80::3b:dfff:fece:6119/64 scope link
>
> -----------
> Checking file: /etc/hosts
>
> 127.0.0.1 localhost
> 127.0.1.1 sambaad.engr.ucsb.edu <http://sambaad.engr.ucsb.edu> sambaad
Change 127.0.1.1 line to:
128.111.27.62 samba4.sambaad.engr.ucsb.edu samba4
>
> # The following lines are desirable for IPv6 capable hosts
> ::1 localhost ip6-localhost ip6-loopback
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
> -----------
>
> Checking file: /etc/resolv.conf
>
> domain engr.ucsb.edu <http://engr.ucsb.edu>
> search engr.ucsb.edu <http://engr.ucsb.edu>
Remove the 'domain' line
Change the search line to:
search sambaad.engr.ucsb.edu
> nameserver 128.111.41.10
Change the nameserver IP to '128.111.27.62' which appears to be the IP
of your AD DC, the DC is supposed to use itself as its nameserver.
Add these two lines to the smb.conf file on the AD DC:
interfaces = ens18 128.111.27.62/24
bind interfaces only = yes
Rowland
More information about the samba
mailing list