[Samba] Join new DC to domain - advice to upgrade Samba 4.
Rowland penny
rpenny at samba.org
Tue Apr 7 14:07:36 UTC 2020
On 07/04/2020 14:51, Daniel Lopes de Carvalho wrote:
> Hi Rowland, thanks for your email.
>
> The working DC was installed around 2 years ago. It is the reason to
> stick in Stretch. But if I can upgrade the working DC to Buster and
> Samba 4.9.5 without any problem, it is OK to me.
I would upgrade Debian and once you get everything working correctly,
you can use Louis's repo: http://apt.van-belle.nl/
>
>
> Find below the output of samba-tool join command:
>
> samba-tool domain join test.example.domain.br
> <http://test.example.domain.br> DC -U"test/administrator" -d3
>
> Finding a writeable DC for domain 'test.example.domain.br
> <http://test.example.domain.br>'
> resolve_lmhosts: Attempting lmhosts lookup for name
> _ldap._tcp.test.example.domain.br <http://tcp.test.example.domain.br><0x0>
> Found DC adc02.test.example.domain.br
> <http://adc02.test.example.domain.br>
> resolve_lmhosts: Attempting lmhosts lookup for name
> adc02.test.example.domain.br <http://adc02.test.example.domain.br><0x20>
> Password for [test\administrator]:
> Cannot reach a KDC we require to contact
> ldap/adc02.test.example.domain.br@ : kinit for administrator at test
> failed (Cannot contact any KDC for requested realm)
That looks like your problem, for some reason 'adc02.example.domain.br'
cannot be found.
Can you run the attached script on the machine you are trying to join as
a DC and then post the output in a reply to the mailing list, do not
attach it, this mailing list strips attachments.
Rowland
More information about the samba
mailing list