[Samba] DC join failed
Epsilon Minus
theepsilonminus at gmail.com
Thu Sep 19 01:33:54 UTC 2019
I responde behind your question! thanks for your colaboration!
El mié., 18 sept. 2019 a las 4:40, Rowland penny via samba
(<samba at lists.samba.org>) escribió:
>
> On 18/09/2019 03:51, Epsilon Minus via samba wrote:
> > I relive this chain of mails because I had no way to go. Thank you
> > all for the excellent help in this mailing.
> >
> > At the time I assumed that the problem was the very battered Windows
> > AD. I received it as an inheritance and I was trying these months to
> > solve problem by problem.
> >
> > I am sure that I have the problem in Windows, but other windows can be
> > added without problem, the problem is with samba. I don't know how to
> > debug this problem anymore.
> >
> > You are currently migrated, with domain a forest level 2008 R2. A
> > newly migrated server, remove old ADs with problems and I currently
> > have only one. At this time I proceeded to prepare a new Samba and
> > when doing a join I have the following error (I saw that this problem
> > had several but none published a solution):
> >
> > samba-tool domain join conylec.local DC -U "CONYLEC\administrador" --debug 3
> > lpcfg_load: refreshing parameters from /etc/samba/smb.conf
> >
> > Finding a writeable DC for domain 'conylec.local'
> > resolve_lmhosts: Attempting lmhosts lookup for name
> > _ldap._tcp.conylec.local<0x0>
> > Found DC AD01.conylec.local
> > resolve_lmhosts: Attempting lmhosts lookup for name AD01.conylec.local<0x20>
> > Password for [CONYLEC\administrador]:
> > Cannot reach a KDC we require to contact (null) : kinit for
> > administrador at CONYLEC failed (Cannot contact any KDC for requested
> > realm)
> >
> > SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT for
> > ldap/AD01.conylec.local failed (next[ntlmssp]):
> > NT_STATUS_NO_LOGON_SERVERS
>
> Your problems seem to start here, it cannot seem to find the KDC.
>
> What OS is this ?
oot at DC01:/var/lib/samba/private# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic
> What Samba version ?
root at DC01:/var/lib/samba/private# samba -V
Version 4.7.6-Ubuntu
> Can you post the contents of:
> /etc/hostname
root at DC01:/var/lib/samba/private# cat /etc/hostname
DC01
> /etc/hosts
root at DC01:/var/lib/samba/private# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# --- BEGIN PVE ---
192.168.1.233 DC01.conylec.local DC01
# --- END PVE ---
> /etc/resolv.conf
root at DC01:/var/lib/samba/private# cat /etc/resolv.conf
# --- BEGIN PVE ---
search conylec.local
nameserver 192.168.1.244 (AD01 windows)
# --- END PVE ---
> /etc/krb5.conf
root at DC01:/var/lib/samba/private# cat /etc/krb5.conf
[libdefaults]
default_realm = CONYLEC.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = true
> and the output of the following commands:
>
> hostname -s
root at DC01:/var/lib/samba/private# hostname -s
DC01
> hostname -d
root at DC01:/var/lib/samba/private# hostname -d
conylec.local
> hostname -i
root at DC01:/var/lib/samba/private# hostname -i
192.168.1.233
> hostname -I
root at DC01:/var/lib/samba/private# hostname -I
192.168.1.233
> In the mean time, can you check how the DNS server is set up on the
> Windows DC ?
Is the same
> Try reading this:
>
> https://support.microsoft.com/en-gb/help/817470/how-to-reconfigure-an-msdcs-subdomain-to-a-forest-wide-dns-application
Thanks, now i read this post.
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list