[Samba] I can't login into my Linux client with Samba DC users.

Rowland Penny rpenny at samba.org
Wed Jul 14 11:01:55 UTC 2021 

On Wed, 2021-07-14 at 10:41 +0000, Jason Long wrote:
> Thank you.
> 
> As you see:
> # samba-tool domain info 192.168.56.7
> Forest           : mydomain.z
> Domain           : mydomain.z
> Netbios domain   : MYDOMAIN
> DC name          : mydc.mydomain.z
> DC netbios name  : MYDC
> Server site      : Default-First-Site-Name
> Client site      : Default-First-Site-Name
> 
> If my configuration is wrong, then how can I fix it?
> 
> 
> 
> 
> 
> On Monday, July 12, 2021, 11:29:30 PM GMT+4:30, Rowland Penny via
> samba <samba at lists.samba.org> wrote: 
> 
> 
> 
> 
> 
> On Mon, 2021-07-12 at 18:44 +0000, Jason Long via samba wrote:
> > Hello,
> > I had a thread with the name "I can't join my Linux client to my
> > Samba DC." and I joined my Linux client to my Samba DC, but I can't
> > login into my Linux client with my Samba DC users.
> > I have a Samba DC as below:
> > 
> > 
> > # samba-tool domain info 192.168.56.7
> > Forest          : mydomain.z
> > Domain          : mydomain.z
> > Netbios domain  : MYDOMAIN
> > DC name          : mydc.mydomain.z
> > DC netbios name  : MYDC
> > Server site      : Default-First-Site-Name
> > Client site      : Default-First-Site-Name
> > 
> > 
> > 
> > 
> > And I want to join my Linux client to my Samba DC. The content of
> > "smb.conf" file on my Linux client is:
> > 
> > 
> > [global]
> >     workgroup = MYDC
> >     security = ADS
> >     realm = MYDC.MYDOMAIN.Z
> 
> Your realm isn't 'MYDC.MYDOMAIN.Z' , from what you have posted, your
> realm should be 'MYDOMAIN.Z'
> 
> Also, I doubt that your workgroup name is 'MYDC' as this appears to
> be
> your DCs short hostname. If your workgroup (aka NetBios domain name)
> is
> the same as your DC's short hostname, then I suggest you fix this
> 

You have set your workgroup to 'MYDC' and you also posted 'DC netbios
name  : MYDC', you also posted 'Netbios domain  : MYDOMAIN', another
name for 'Netbios domain' is 'workgroup'.
'DC netbios name' != 'Netbios domain'

You also seem to be using the DC's FQDN for the realm, it should be the
dns domain in uppercase, which in your case seems to be 'MYDOMAIN.Z'

Rowland

More information about the samba mailing list