[Samba] new dc does not allow login..?

Rowland penny rpenny at samba.org
Thu Oct 22 19:18:10 UTC 2020 

On 22/10/2020 19:49, Joachim Lindenberg wrote:
> Password for Administrator at SAMBA.LINDENBERG.ONE:
>
> Failed to bind to uuid 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for ncacn_ip_tcp:192.168.177.19[49153,sign,target_hostname=cobra.samba.lindenberg.one,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=192.168.177.19] NT_STATUS_LOGON_FAILURE
> ERROR: Connecting to DNS RPC server cobra.samba.lindenberg.one failed with (3221225581, 'The attempted logon is invalid. This is either due to a bad username or authentication information.')
> Failed to bind to uuid 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for ncacn_ip_tcp:192.168.177.19[49153,sign,target_hostname=cobra.samba.lindenberg.one,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=192.168.177.19] NT_STATUS_LOGON_FAILURE
> ERROR: Connecting to DNS RPC server cobra.samba.lindenberg.one failed with (3221225581, 'The attempted logon is invalid. This is either due to a bad username or authentication information.')
The above could just be caused by incorrect replication.
>
>
>
>
>
>
> Kerberos SRV _kerberos._tcp.samba.lindenberg.one record verified ok, sample output:
> Server:         192.168.177.18
> Address:        192.168.177.18#53
>
> _kerberos._tcp.samba.lindenberg.one     service = 0 100 88 boa.samba.lindenberg.one.

I take it that boa.samba.lindenberg.one' has the IP '192.168.177.18'

But what is 'boa' ?

> -----------
>         Checking file: /etc/hosts
>
> 127.0.0.1 localhost
> 192.168.177.19 cobra.samba.lindenberg.one cobra
>
> -----------
>
>         Checking file: /etc/resolv.conf
>
> nameserver 192.168.177.18
> search samba.lindenberg.one

You need to change the  '18' to '19'

The DC must use itself as its nameserver

Make the suggested changes and if replication doesn't kick in, try 
adding this to smb.conf:

         dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool

You could also try running these commands:

samba-tool drs showrepl

samba-tool dbcheck

Rowland

More information about the samba mailing list