[Samba] What is wrong in my Samba setup?

Jason Long hack3rcon at yahoo.com
Sat May 1 09:17:31 UTC 2021 

Thank you so much.
I couldn't use "--realm=JASON.COM" because the "Jason.com" domain is reserved by someone and it cause conflict. Am I right?
If I'm not the owner of "Jason.com", but I want my local domain name to be "JASON.COM", then I must use a prefix name like "HOME.JASON.COM". Am I right?






On Thursday, April 29, 2021, 07:00:09 PM GMT+4:30, L.P.H. van Belle via samba <samba at lists.samba.org> wrote: 





Bit same as Rowland said, how i see it. 

IF your domain is internet registered and you have your own public IP on it. 
samba-tool domain provision --server-role=dc --use-rfc2307 
--dns-backend=SAMBA_INTERNAL --realm=JASON.COM --domain=JASON 
--adminpass=mypassword
Then thats fine. (note my small change in there. 

If its running internally in private IP range. 
samba-tool domain provision --server-role=dc --use-rfc2307 
--dns-backend=SAMBA_INTERNAL --realm=HOME.JASON.COM --domain=JASON 
--adminpass=mypassword


I advice you to read this one BEFORE you set it all up. 

https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/naming-conventions-for-computer-domain-site-ou 



Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Jason Long via samba
> Verzonden: donderdag 29 april 2021 15:43
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] What is wrong in my Samba setup?
> 
> If I want to have a domain with the name "Jason.com", then is 
> below command OK?
> 
> # samba-tool domain provision --server-role=dc --use-rfc2307 
> --dns-backend=SAMBA_INTERNAL --realm=JASON.COM --domain=jason 
> --adminpass=mypassword
> 
> 
> 
> 
> 
> On Thursday, April 29, 2021, 05:57:21 PM GMT+4:30, Jason Long 
> via samba <samba at lists.samba.org> wrote: 
> 
> 
> 
> 
> 
> Thank you.
> Problem solved:
> 
> # host -t SRV _ldap._tcp.mydomain.z
> _ldap._tcp.mydomain.z has SRV record 0 100 389 mydc.mydomain.z.
> # host -t A mydc.mydomain.z
> mydc.mydomain.z has address 192.168.56.7
> 
> 
> 
> In the below lines, the realm must have suffix, but Domain must not?
> 
> Realm [MYDOMAIN.Z]:  MYDOMAIN.Z
> Domain [MYDOMAIN]:  MYDOMAIN
> 
> 
> 
> 
> On Thursday, April 29, 2021, 05:49:17 PM GMT+4:30, Rowland 
> penny via samba <samba at lists.samba.org> wrote: 
> 
> 
> 
> 
> 
> On 29/04/2021 14:14, L.P.H. van Belle via samba wrote:
>> >
> >> -----Oorspronkelijk bericht-----
> >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> >> Jason Long via samba
> >> Verzonden: donderdag 29 april 2021 14:13
> >> Aan: samba at lists.samba.org
> >> Onderwerp: [Samba] What is wrong in my Samba setup?
> >>
> > .......  Remove a part, but from here..
> >
> >> The contents of the "/etc/krb5.conf" file is:
> >>
> >> [libdefaults]
> >>      default_realm = MYDOMAIN.Z
> >>      dns_lookup_realm = false
> >>      dns_lookup_kdc = true
> >>
> >>
> > Remove from here untill..
> >> [realms]
> >> MYDOMAIN.Z = {
> >>      default_domain = mydomain.z
> >> }
> >>
> >>
> >> [domain_realm]
> >>      mydc = MYDOMAIN.Z
> >>
> > ..You are HERE
> >
> >> The Samba service is running without any error.
> >>
> >> I have some questions:
> >>
> >> 1- What is realm?
> > A Kerberos realm is the domain over which a Kerberos 
> authentication server
> > has the authority to authenticate a user, host or service.
> > A realm name is often, but not always the upper case version
> > of the name of the DNS domain over which it presides.
> >
> >> 2- When I want to verifying DNS, I got below error:
> > Yes,
> >> # host -t SRV _ldap._tcp.mydomain.mydomain.z.
> >> Host _ldap._tcp.mydomain.mydomain.z. not found: 3(NXDOMAIN)
> >>
> >> # host -t SRV _kerberos._tcp.mydomain.mydomain.z.
> >> Host _kerberos._tcp.mydomain.mydomain.z. not found: 3(NXDOMAIN)
> >>
> >> # host -t A mydc._tcp.mydomain.mydomain.z.
> >> Host mydc._tcp.mydomain.mydomain.z. not found: 3(NXDOMAIN)
> >>
> >>
> >> Which part of my configuration is wrong?
> > /etc/resolv.conf
> > search mydomain.mydomain.z
> > nameserver 192.168.56.7
> 
> 
> His realm is 'MYDOMAIN.Z' so his search domain should be 
> 'search mydomain.z'
> 
> Rowland
> 
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list