[Samba] Changing IP Scope on a Samba DC
Rowland penny
rpenny at samba.org
Fri Sep 4 08:00:10 UTC 2020
On 04/09/2020 00:11, Peter Pollock wrote:
> Samba seems to have provisioned OK, but kinit cannot find the realm
> and I have some records missing that I don't know how to fix:
>
> itadmin at dc01:~$ kinit administrator at INTERNAL.KCS
> kinit: Cannot find KDC for realm "INTERNAL.KCS" while getting initial
> credentials
> itadmin at dc01:~$ host -t SRV _ldap._tcp.internal.kcs
> Host _ldap._tcp.internal.kcs not found: 3(NXDOMAIN)
> itadmin at dc01:~$ host -t SRV _kerberos._udp.internal.kcs
> Host _kerberos._udp.internal.kcs not found: 3(NXDOMAIN)
> itadmin at dc01:~$ host -t A dc01.internal.kcs
> dc01.internal.kcs has address 192.168.4.5
>
> Where do I start?
>
> Here's the output from the provisioning:
>
> sudo samba-tool domain provision --use-rfc2307 --realm=internal.kcs
> --domain=internal --dns-backend=BIND9_DLZ
I hope this is a test domain (or one that you can lose), I would run the
command again but add '--adminpass=xxxxxxxxxx'
Where you replace all the 'x's with a complex password, you sort of need
to know the Administrator password.
Remove the smb.conf and reprovision ;-)
When you get the domain up again, alter /etc/resolv.conf to use the DC's
ipaddress as the first nameserver.
You might also find this useful:
https://github.com/thctlo/samba4/blob/master/full-howto-Ubuntu18.04-samba-AD_DC.txt
Rowland
More information about the samba
mailing list