[Samba] SOLVED--Join Domain error - the ubiquitous "specified domain does not exists or could not be contacted"

Mark b zoogate.1.markbann at spamgourmet.com
Tue Jan 21 20:04:05 UTC 2020 

On 1/16/2020 4:47 PM, Rowland penny via samba wrote:
> On 16/01/2020 21:54, Mark Bannister via samba wrote:
>>
>> On 1/16/2020 1:38 PM, Rowland penny via samba wrote:
>>> On 16/01/2020 18:26, Markb via samba wrote:
>>>> Existing Samba 4 network trying to added a new Windows 10 
>>>> workstation. Getting the  "specified domain does not exists or 
>>>> could not be contacted" error.
>>>> Samba: Version 4.1.9-Zentyal
>>>> Samba as Primary Domain Controller  - simple file sharing
>>>> Server name:  APPSERVER1.local
>>>> Domain Name: LINGROUP
>>>> Win 10 updated to all latest.  SMB1 added in Windows Features
>>>>
>>>> Ipconfig on workstation looks correct  (same server is DNS and DHCP 
>>>> server) except "DNS SUFFIX Serach List" does not included the 
>>>> domain "LINGROUP".  (Not sure if that only happens after joining 
>>>> domain or not.)
>>>> I can manually browse to the server in Explorer and see the server 
>>>> shares and user's home folder (browse to \\APPSERVER1) but the 
>>>> server does not show up in the network neighborhood. Some, but not 
>>>> all, of the workstations do, and one time the backup server showed 
>>>> up but then went away.
>>>> I can ping the server by IP or name APPSERVER or APPSERVER.local (I 
>>>> realize .local is outdated).
>>>>
>>>> I'm not seeing any DNS issues on the server.
>>>> I am NOT an admin but have used Samba in this small office 
>>>> environment for 15+ years so I know enough to be dangerous. Any 
>>>> advice on where to start troubleshooting?
>>>>
>>>> Pertinent Global settings:
>>>>
>>>> [global]
>>>>
>>>> admin users = sysadmin
>>>>
>>>> name resolve order = wins lmhosts hosts bcast
>>>>     dns proxy = yes
>>>> #mcb
>>>>  wins support = yes
>>>>
>>>>    dns proxy = no
>>>>
>>>>
>>>> force create mode = 0770
>>>> force directory mode = 0770
>>>> create mask = 0660
>>>>
>>>> hosts allow = 127.0.0.1 192.168.1. 10.10.10. 192.168.2.
>>>> hosts deny = 0.0.0.0/0
>>>>
>>>>
>>>>
>>>> #### Networking ####
>>>> #AND mask interfaces = 127.0.0.0/8 ens160 lo
>>>>
>>>>    bind interfaces only = yes
>>>>
>>>>  # force use of SMB1, Paradox database requires smb1
>>>>    server max protocol = NT1
>>>>
>>>>
>>>> #### Debugging/Accounting ####
>>>>    log file = /var/log/samba/log.%m
>>>>    max log size = 1000
>>>>    syslog = 0
>>>>   log level = 3
>>>>
>>>>    panic action = /usr/share/samba/panic-action %d
>>>>
>>>>    server role = classic primary domain controller
>>>>    passdb backend = tdbsam
>>>>
>>>>    obey pam restrictions = yes
>>>>    unix password sync = yes
>>>>    passwd program = /usr/bin/passwd %u
>>>>    passwd chat = *Enter\snew\s*\spassword:* %n\n 
>>>> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>>>>    pam password change = yes
>>>>    map to guest = bad user
>>>>
>>>>   security = user
>>>>
>>>>
>>>>
>>>>
>>>> ########## Domains ###########
>>>>
>>>> workgroup = LINGROUP
>>>>
>>>>
>>>> server string = APP Samba %v %h
>>>>  # For Windows 10 client support, uncomment the following line:
>>>> server max protocol = NT1
>>>>
>>>> domain logons = yes
>>>> domain master = yes
>>>> local master = yes
>>>> preferred master = yes
>>>>
>>> Unlikely to be a dns problem, your NT4-style PDC uses NETBios instead.
>>>
>>> Samba 4.1.x went EOL about 4 years ago, so you really should 
>>> consider upgrading.
>>>
>>> You could read this: 
>>> https://wiki.samba.org/index.php/Required_Settings_for_Samba_NT4_Domains 
>>>
>>>
>>> This could be a Windows 10 problem (and probably is), Microsoft is 
>>> doing everything they can to get people to not use SMBv1 and by 
>>> default, not use NT4-style domains, so can I suggest that you start 
>>> planning to upgrade to a Samba AD domain before you have to.
>>>
>>> Rowland
>>>
>>>
>>>
>> Thanks.  Yes, I've read the required settings.  I won't be able to 
>> get rid of SMB1 for a while as we still have a legacy db app that 
>> needs it.  Do you think a newer version of Samba will help? I've 
>> delayed updating the server so I could do that an update Samba.
> It might, but I cannot promise anything, as I said, this is probably a 
> Windows 10 problem. Microsoft has broken NT4-style domains by accident 
> at least twice and they could do it again at anytime. I would 
> seriously look at removing that legacy db while you can, you may come 
> in one morning and your Windows machines will not connect to your 
> NT4-style domain.
>>
>> I did find out why I couldn't see the shares in network 
>> neighborhood.  Somehow nmbd failed to start when I restarted the 
>> server.  Network was running off the backup server.  Hadn't seen that 
>> before.
> Yes, that would cause your problem ;-)
>
> I would take this as a wakeup call.
>
> Rowland
>
I've upgraded to Version 4.7.6-Ubuntu.

Added these keys:

|HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters 
DomainCompatibilityMode = 1 DNSNameResolutionRequired = 0 |

Output of windows netlog when failing:

01/21/2020 13:52:41:010 NetpValidateName: checking to see if 'APP633' is 
valid as type 1 name
01/21/2020 13:52:41:010 NetpCheckNetBiosNameNotInUse for 'APP633' 
[MACHINE] returned 0x0
01/21/2020 13:52:41:010 NetpValidateName: name 'APP633' is valid for type 1
01/21/2020 13:52:41:010 
-----------------------------------------------------------------
01/21/2020 13:52:41:010 NetpValidateName: checking to see if 'APP633' is 
valid as type 5 name
01/21/2020 13:52:41:010 NetpValidateName: name 'APP633' is valid for type 5
01/21/2020 13:52:41:025 
-----------------------------------------------------------------
01/21/2020 13:52:41:025 NetpValidateName: checking to see if 'LINGROUP' 
is valid as type 3 name
01/21/2020 13:52:41:025 NetpCheckDomainNameIsValid [ Exists ] for 
'LINGROUP' returned 0x0
01/21/2020 13:52:41:025 NetpValidateName: name 'LINGROUP' is valid for 
type 3
01/21/2020 13:52:49:339 
-----------------------------------------------------------------
01/21/2020 13:52:49:339 NetpDoDomainJoin
01/21/2020 13:52:49:339 NetpDoDomainJoin: using current computer names
01/21/2020 13:52:49:339 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) 
returned 0x0
01/21/2020 13:52:49:339 NetpDoDomainJoin: 
NetpGetComputerNameEx(DnsHostName) returned 0x0
01/21/2020 13:52:49:339 NetpMachineValidToJoin: 'APP633'
01/21/2020 13:52:49:339 NetpMachineValidToJoin: status: 0x0
01/21/2020 13:52:49:339 NetpJoinDomain
01/21/2020 13:52:49:339     HostName: APP633
01/21/2020 13:52:49:339     NetbiosName: APP633
01/21/2020 13:52:49:339     Domain: LINGROUP
01/21/2020 13:52:49:339     MachineAccountOU: (NULL)
01/21/2020 13:52:49:339     Account: LINGROUP\sysadmin
01/21/2020 13:52:49:339     Options: 0x25
01/21/2020 13:52:49:355 NetpValidateName: checking to see if 'LINGROUP' 
is valid as type 3 name
01/21/2020 13:52:49:417 NetpCheckDomainNameIsValid [ Exists ] for 
'LINGROUP' returned 0x0
01/21/2020 13:52:49:417 NetpValidateName: name 'LINGROUP' is valid for 
type 3
01/21/2020 13:52:49:417 NetpDsGetDcName: trying to find DC in domain 
'LINGROUP', flags: 0x40001010
01/21/2020 13:53:04:408 NetpDsGetDcName: failed to find a DC in the 
specified domain: 0x54b, last error is 0x0
01/21/2020 13:53:04:408 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x54b
01/21/2020 13:53:04:408 NetpJoinDomainOnDs: Function exits with status 
of: 0x54b
01/21/2020 13:53:04:408 NetpJoinDomainOnDs: NetpResetIDNEncoding on 
'(null)': 0x0
01/21/2020 13:53:04:408 NetpDoDomainJoin: status: 0x54b
01/21/2020 13:53:04:408 
-----------------------------------------------------------------
01/21/2020 13:53:04:408 NetpDoDomainJoin
01/21/2020 13:53:04:408 NetpDoDomainJoin: using current computer names
01/21/2020 13:53:04:408 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) 
returned 0x0
01/21/2020 13:53:04:408 NetpDoDomainJoin: 
NetpGetComputerNameEx(DnsHostName) returned 0x0
01/21/2020 13:53:04:408 NetpMachineValidToJoin: 'APP633'
01/21/2020 13:53:04:408 NetpMachineValidToJoin: status: 0x0
01/21/2020 13:53:04:408 NetpJoinDomain
01/21/2020 13:53:04:408     HostName: APP633
01/21/2020 13:53:04:408     NetbiosName: APP633
01/21/2020 13:53:04:408     Domain: LINGROUP
01/21/2020 13:53:04:408     MachineAccountOU: (NULL)
01/21/2020 13:53:04:408     Account: LINGROUP\sysadmin
01/21/2020 13:53:04:408     Options: 0x27
01/21/2020 13:53:04:423 NetpValidateName: checking to see if 'LINGROUP' 
is valid as type 3 name
01/21/2020 13:53:04:486 NetpCheckDomainNameIsValid [ Exists ] for 
'LINGROUP' returned 0x0
01/21/2020 13:53:04:486 NetpValidateName: name 'LINGROUP' is valid for 
type 3
01/21/2020 13:53:04:486 NetpDsGetDcName: trying to find DC in domain 
'LINGROUP', flags: 0x40001010
01/21/2020 13:53:04:486 NetpDsGetDcName: failed to find a DC in the 
specified domain: 0x54b, last error is 0x0
01/21/2020 13:53:04:486 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x54b
01/21/2020 13:53:04:486 NetpJoinDomainOnDs: Function exits with status 
of: 0x54b
01/21/2020 13:53:04:486 NetpJoinDomainOnDs: NetpResetIDNEncoding on 
'(null)': 0x0
01/21/2020 13:53:04:486 NetpDoDomainJoin: status: 0x54b


>
>

More information about the samba mailing list