[Samba] I can't join my Linux client to my Samba DC.

Jason Long hack3rcon at yahoo.com
Tue Jun 1 14:36:37 UTC 2021 

Thank you.
My Samba DC has a DHCP server too.
My "/etc/hosts" file contents is:

# cat /etc/hosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

And I modified "/etc/resolv.conf" file as below:

# cat /etc/resolv.conf
search mydomain.z
nameserver 192.168.56.7

And edited "smb.conf" file as below:

[global]
   workgroup = MYDOMAIN
   security = ADS
# realm = MYDC.MYDOMAIN.Z
   realm = MYDOMAIN.Z

And tried to join my Linux client to my Samba DC, but I got below error:

# net ads join -U administrator
Enter administrator's password:
Using short domain name -- MYDOMAIN
Joined 'CLIENT' to dns domain 'mydomain.z'
No DNS domain configured for client. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER





On Tuesday, June 1, 2021, 05:34:50 PM GMT+4:30, Rowland penny via samba <samba at lists.samba.org> wrote: 





On 01/06/2021 13:11, Jason Long wrote:
> Hello,
> I changed "workgroup" to "MYDOMAIN" and I got below error:
>
> # net ads join -U administrator
> Enter administrator's password:
> Failed to join domain: failed to find DC for domain MYDOMAIN - The object was not found.
>
> Then, I changed "workgroup" to "MYDOMAIN.Z" and I got below error:
>
> # net ads join -U administrator
> Enter administrator's password:
> Failed to join domain: failed to find DC for domain MYDOMAIN.Z - {Operation Failed} The requested operation was unsuccessful.
>
>
> Why?


>From what you posted, your dns domain is 'mydomain.z' , so your realm 
must be 'MYDOMAIN.Z' , but the workgroup (also known as the Netbios 
Domain name) is usually the left hand part of the realm (it doesn't have 
to be, it can be anything), so in this case it could be 'MYDOMAIN'. Your 
workgroup depends on what you set when provisioning your AD domain and, 
from what you posted, it is 'MYDOMAIN', so provided you have these lines 
in smb.conf:

workgroup = MYDOMAIN
realm = MYDOMAIN.Z
security = ADS

The join should work, provided that your clients dns is set correctly 
and it sounds like yours may not be.

Your /etc/resolv.conf should look similar to this:

search mydomain.z
nameserver 192.168.0.10

Where '192.168.0.10' is the ipaddress of your AD DC

/etc/hostname should just contain the short hostname of the client

/etc/hosts uses different lines depending on the OS and whether you use 
dhcp or not

If using dhcp you may just need '127.0.0.1 localhost'

If you have, by default, '127.0.1.1' or '127.0.0.53' you will need the 
'127.0' IP followed by 'FQDN hostname' , for example:

127.0.0.53 client.domain.tld client

If you have a fixed IP, you will need a line similar to this:

192.168.0.153 client.domain.tld client

Where '192.168.0.153' is the clients ipaddress.

If unsure about any of this, just post your /etc/resolv.conf, 
/etc/hostname and /etc/hosts


Rowland



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list