[Samba] CentOS 7.8 samba member server does not join and populate with correct FQDN

Rowland penny rpenny at samba.org
Wed Jun 17 16:03:32 UTC 2020


On 17/06/2020 16:30, centos via samba wrote:
> Joining member Centos 7.8 Linux server with 4.10.4-10.el7 or higher appears to ignore client FQDN when AD domain does not match client domain name.  For example Active Directory Domain is ad1.testdomain.com and the client member server FQDN is  testhost.clients.testdomain.com.  When joining the domain  DNSHostName attribute in AD shows testhost.ad1.testdomain.com when it should be testhost.clients.testdomain.com.  This also makes ServicePrincipalNames incorrect in AD.  This join has been working correctly for years with last version working correctly being 4.9.1-10.el7_7.  I have other software that relies on this clients FQDN as it looks in ldap for the correct name.  Nothing changed on the join command(net ads join ad1.testdomain.com -U admin%somepassword --no-dns-updates) or config files. Unfortunately I'm stuck in an environment where the client FQDN does not match the FQDN of Active Directory.

ER, no, if it was working, it was working incorrectly.

AD relies on a few things, two of these are DNS and Kerberos. Kerberos 
uses a REALM and this is the dns domain in uppercase, so the clients 
should be in the same dns domain.

I think you will find it is now working correctly.

Rowland





More information about the samba mailing list