[Samba] Unable to join domain?

Dan Egli dan at newideatest.site
Sat Feb 6 22:58:48 UTC 2021 

Forgot one test:

  # samba-tool dns zonecreate 192.168.10.3 10.168.182.in-addr.arpa -k yes
Failed to bind to uuid 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for 
ncacn_ip_tcp:192.168.10.3[49153,sign,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=192.168.10.3] 
NT_STATUS_INVALID_PARAMETER
ERROR: Connecting to DNS RPC server 192.168.10.3 failed with 
(3221225485, 'An invalid parameter was passed to a service or function.')

On 2/6/2021 3:45 PM, Rowland penny via samba wrote:
> On 06/02/2021 22:27, Dan Egli wrote:
>>
>> On 2/6/2021 1:51 PM, Rowland penny via samba wrote:
>>> On 06/02/2021 20:43, Dan Egli wrote:
>>>> I tried the -k, and no go. If I just put -k at the end it says -k 
>>>> needs a paramater. Looking in the man page it says -k KERBEROS, so 
>>>> I did, and now samba-tool says "samba-tool dns zonecreate: error: 
>>>> invalid -k option value: KERBEROS"
>>>>
>>>> I am completely unfamiliar with Kerberos, so if this is a stupid 
>>>> mistake, forgive me.
>>>
>>>
>>> No, it is not a stupid question, for 'KERBEROS' read 'no|yes|auto', 
>>> so to use kerberos with your command you need a ticket (which will 
>>> be 'krb5cc_0' in /tmp) and to add '-k yes' to the command.
>>>
>>> Rowland
>>>
>>
>> Well, I tried with -k yes and still not working:
>>
>> #  samba-tool dns zonecreate janus.eglifamily.name 
>> 10.168.192.in-addr.arpa -k yes
>> Failed to bind to uuid 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for 
>> ncacn_ip_tcp:2600:100e:b1df:d0d3:20c:29ff:fed0:8fed[49153,sign,target_hostname=janus.eglifamily.name,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=2600:100e:b1df:d0d3:20c:29ff:fed0:8fed] 
>> NT_STATUS_UNSUCCESSFUL
>> ERROR: Connecting to DNS RPC server janus.eglifamily.name failed with 
>> (3221225473, '{Operation Failed} The requested operation was 
>> unsuccessful.')
>>
>> # klist
>> Ticket cache: FILE:/tmp/krb5cc_0
>> Default principal: Administrator at EGLIFAMILY.NAME
>>
>> Valid starting     Expires            Service principal
>> 02/06/21 13:12:17  02/06/21 23:12:17 
>> krbtgt/EGLIFAMILY.NAME at EGLIFAMILY.NAME
>>         renew until 02/07/21 13:12:10
>> 02/06/21 15:25:06  02/06/21 23:12:17 
>> host/JANUS.EGLIFAMILY.NAME at EGLIFAMILY.NAME
>>
>> I'm open to the next suggestion.
>
>
> Have you set this DC to use itself as its nameserver ?
>
> I would check your DNS settings.
>
> Try replacing  the server name 'janus.eglifamily.name' with the DC's 
> ipaddress and if that fails replace the '-k yes' with -UAdministrator 
> and see if the password works.
>
> Rowland
>
>
>

More information about the samba mailing list