[Samba] Unable to join domain

Rowland Penny rpenny at samba.org
Tue Oct 5 20:55:38 UTC 2021 

On Tue, 2021-10-05 at 16:10 -0400, Rob Campbell wrote:
> I added to the existing smb.conf that was created from running the
> provisioning.  So if that is not the proper file (minus the shares),
> I don't know what is. 
Try reading this:
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member

and this:
https://wiki.samba.org/index.php/Idmap_config_rid

>  Here were my steps to prepare for this configuration:
> 
>  1. systemctl stop named
>  2. systemctl stop dnsmasq

You can use named or dnsmasq on Unix domain member, provided named or
dnsmasq forwards your AD domain requests to the DC. You cannot use
both.

>  3. systemctl stop smb
>  4. systemctl stop samba
>  5. rm -rf /etc/samba/smb.conf
>  6. rm -rf /etc/krb5.conf
>  7. for file in `locate *.tdb`;do rm -rf $file;done
>  8. for file in `locate *.ldb`;do rm -rf $file;done
>  9. netstat -tulpn (to see if any of the ports I'll be needing is
> already in use.  If so, I would stop the service or completely remove
> it.)
> 10. systemctl stop systemd-resolved
> 
> Then I went through the wiki. 

It depends on how you want to run Samba, as a DC with a separate
fileserver (Unix domain member) or as a DC/filserver.

>  I didn't add my shares to smb.conf until I was able to complete all
> the steps in the wiki.  After I was able to complete the steps
> successfully, I added my shares, restarted samba and tested that I
> was able to access the shares.  I then set up rules to map the shares
> on my workstations to see if that worked and it worked.
> 
> To my knowledge, the only things I can't do is authenticate from
> another host (kinit anyuser).  There is probably more that isn't
> right but I haven't tried anything else yet.  I am able to see
> everything from cockpit too and I've tried setting everything up from
> there in the beginning and that was a major fail.
> 
> If I can figure out how to install Ubuntu or some other distro on a
> vm hosted on a headless server, I can try again.  I think that
> mention about Redhat/Fedora should be mentioned in the wiki.  Is that
> something that will be resolved in the near future?  

I wouldn't hold my breath waiting, it has been a problem for a long
time and whilst work does get done, it is slow going.

> Is there a workaround in the near future where some extra steps are
> needed to make it work? 

It does work already, I am typing this on a Debian 10 Unix domain
member running Samba 4.14.7

Rowland

More information about the samba mailing list