[Samba] I can't login into my Linux client with Samba DC users.

Rowland Penny rpenny at samba.org
Wed Jul 14 12:26:42 UTC 2021 

On Wed, 2021-07-14 at 13:22 +0200, L.P.H. van Belle via samba wrote:
> > 1- Why Windows client working with it without any problem?
> Because when the join the primary DNS domain is always correct
> And you most probely did set the ip's of the DC's as resolvers for
> them. 
> 
> You asked this before and we asked info before.. 
> Im still waiting.. (thats why i also didnt reply before).. 

You should have seen what I wrote before deleting it!

> 
> Most probley your error is in the resolving order. 

Could be, but doubtful.

> Run this on 1 DC and 1 member. 
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh
> 
> DONT change the structures of the setup when you anonymize it. 
> 
> Now this :  samba-tool domain info 192.168.56.7
> Why are you not using : samba-tool domain info hostname.fqdn
> Im just wondering.

Because it works and 'samba-tool domain info --help' returns:

Usage: samba-tool domain info <ip_address> [options]

> So my advice is, try to avoid testing with ipnumbers and start
> testing with FQDN's. 
> This will help in finding/and later avoiding resolving problems. 
> 
> 
> Greetz, 
> 
> Louis
> 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> > Jason Long via samba
> > Verzonden: woensdag 14 juli 2021 13:09
> > Aan: sambalist; Rowland Penny
> > Onderwerp: Re: [Samba] I can't login into my Linux client 
> > with Samba DC users.
> > 
> > Thanks.
> > 1- Why Windows client working with it without any problem?
> > 2- How can I fix it?
> > 
> > 
> > 
> > 
> > 
> > 
> > On Wednesday, July 14, 2021, 03:32:21 PM GMT+4:30, Rowland 
> > Penny via samba <samba at lists.samba.org> wrote: 
> > 
> > 
> > 
> > 
> > 
> > On Wed, 2021-07-14 at 10:41 +0000, Jason Long wrote:
> > > Thank you.
> > > 
> > > As you see:
> > > # samba-tool domain info 192.168.56.7
> > > Forest          : mydomain.z
> > > Domain          : mydomain.z
> > > Netbios domain  : MYDOMAIN
> > > DC name          : mydc.mydomain.z
> > > DC netbios name  : MYDC
> > > Server site      : Default-First-Site-Name
> > > Client site      : Default-First-Site-Name
> > > 
> > > If my configuration is wrong, then how can I fix it?
> > > 
> > > 
> > > 
> > > 
> > > 
> > > On Monday, July 12, 2021, 11:29:30 PM GMT+4:30, Rowland Penny via
> > > samba <samba at lists.samba.org> wrote: 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > On Mon, 2021-07-12 at 18:44 +0000, Jason Long via samba wrote:
> > > > Hello,
> > > > I had a thread with the name "I can't join my Linux client to
> > > > my
> > > > Samba DC." and I joined my Linux client to my Samba DC, 
> > but I can't
> > > > login into my Linux client with my Samba DC users.
> > > > I have a Samba DC as below:
> > > > 
> > > > 
> > > > # samba-tool domain info 192.168.56.7
> > > > Forest          : mydomain.z
> > > > Domain          : mydomain.z
> > > > Netbios domain  : MYDOMAIN
> > > > DC name          : mydc.mydomain.z
> > > > DC netbios name  : MYDC
> > > > Server site      : Default-First-Site-Name
> > > > Client site      : Default-First-Site-Name
> > > > 
> > > > 
> > > > 
> > > > 
> > > > And I want to join my Linux client to my Samba DC. The content
> > > > of
> > > > "smb.conf" file on my Linux client is:
> > > > 
> > > > 
> > > > [global]
> > > >     workgroup = MYDC
> > > >     security = ADS
> > > >     realm = MYDC.MYDOMAIN.Z
> > > 
> > > Your realm isn't 'MYDC.MYDOMAIN.Z' , from what you have posted,
> > > your
> > > realm should be 'MYDOMAIN.Z'
> > > 
> > > Also, I doubt that your workgroup name is 'MYDC' as this appears
> > > to
> > > be
> > > your DCs short hostname. If your workgroup (aka NetBios domain
> > > name)
> > > is
> > > the same as your DC's short hostname, then I suggest you fix this
> > > 
> > 
> > You have set your workgroup to 'MYDC' and you also posted 'DC
> > netbios
> > name  : MYDC', you also posted 'Netbios domain  : MYDOMAIN',
> > another
> > name for 'Netbios domain' is 'workgroup'.
> > 'DC netbios name' != 'Netbios domain'
> > 
> > You also seem to be using the DC's FQDN for the realm, it 
> > should be the
> > dns domain in uppercase, which in your case seems to be
> > 'MYDOMAIN.Z'
> > 
> > 
> > Rowland
> > 
> > 
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> > 
> > 
> 
>

More information about the samba mailing list