[Samba] Samba as an active directory

commandline at protonmail.com commandline at protonmail.com
Sat Jul 4 12:47:32 UTC 2020


After a few attempts I now have my first Samba installed and running as Active Directory (on Debian-Turnkey).

Topics I struggle with are not Samba itself, yet.

I seek help to clarify what is failing, what I did wrong or did not do yet.

1. Joining the domain: fails to resolve SRV type record for _ldap._tcp.dc._msdcs.<domain> (typos here are mine, correct on machine)

2. Fail of 1 is because the response for the SRV record is serving the SOA and the response does not arrive at the client. I see the request resolved correctly on the AD-BindNLZ, sent back to the DNS server and from the DNS server to the client. However, on the client it becomes a non-existent Domain reply. The firewall on MSw10 is enabled but I do not understand why it would filter a reply. Such was not documented on Samba.org so I did not investigate yet.

3. To enable federation I prefer to work with Kerberos. However, using Server Manager it complains on auth about 1 here but also about Kerberos. The krb5.conf file is present in /etc and as default. I had assumed Kerberos would be enabled by default on AD role for Samba4.

4. Connecting using Server Manager fails because of 1 also. See also 2 and 3. While on latest MS Windows 10 I could not find Server Manager anywhere under 'options and features', the install happened manually.

I hope you are able to assist.
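
An added example, not part of the original post: whether a reply to the SRV query that carries an SOA is a positive or a negative answer depends on its RCODE and on which section holds the SOA. This sketch parses raw DNS replies and reports both; the replies are constructed here for the placeholder zone example.test, and the host names dc1 and hostmaster are hypothetical.

```python
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
TYPES = {6: "SOA", 33: "SRV"}

def skip_name(msg, off):  # offset just past a (possibly compressed) DNS name
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:       # compression pointer ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def summarize(msg):
    """Return (rcode, answer RR types, authority RR types) of one reply."""
    _id, flags, qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4     # skip QTYPE and QCLASS
    sections = []
    for count in (an, ns):
        types = []
        for _ in range(count):
            off = skip_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            types.append(TYPES.get(rtype, str(rtype)))
            off += 10 + rdlen
        sections.append(types)
    return RCODES.get(flags & 0xF, str(flags & 0xF)), sections[0], sections[1]

def classify(msg):
    rcode, answers, authority = summarize(msg)
    if rcode == "NOERROR" and "SRV" in answers:
        return "SRV answered"
    if not answers and "SOA" in authority:
        return f"negative reply ({rcode}): only an SOA, in the authority section"
    return f"other ({rcode})"

# Constructed sample replies; example.test and its host names are placeholders.
def name(s):
    return b"".join(bytes([len(p)]) + p.encode() for p in s.split(".")) + b"\0"
def rr(owner, rtype, rdata):
    return owner + struct.pack("!HHIH", rtype, 1, 3600, len(rdata)) + rdata
QUESTION = name("_ldap._tcp.dc._msdcs.example.test") + struct.pack("!HH", 33, 1)
SOA = rr(name("example.test"), 6, name("dc1.example.test")
         + name("hostmaster.example.test") + struct.pack("!5I", 1, 900, 600, 86400, 3600))
SRV = rr(b"\xc0\x0c", 33, struct.pack("!HHH", 0, 100, 389) + name("dc1.example.test"))
NEGATIVE = struct.pack("!6H", 0x1234, 0x8583, 1, 0, 1, 0) + QUESTION + SOA
POSITIVE = struct.pack("!6H", 0x1234, 0x8580, 1, 1, 0, 0) + QUESTION + SRV
for label, msg in (("negative", NEGATIVE), ("positive", POSITIVE)):
    print(label, "->", classify(msg))
```

Feeding it the UDP payload of the same reply captured at each hop (DC, forwarding DNS server, client) shows at which hop the answer section goes empty.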
