[Samba] Unable to join domain
Rob Campbell
robcampbell08105 at gmail.com
Fri Oct 8 15:32:38 UTC 2021
Now, setting up my fedora server as a member to be the file server is the
same process or can I add it another way? Is the cockpit-ad-dc app usable
for this activity? Or do I need to do this on my Fedora server (FSDC02):
1. systemctl stop samba
2. systemctl stop smb
3. ps ax | egrep "samba|smbd|nmbd|winbindd"
4. kill anything that is running above
5. mv /etc/samba/smb.conf /etc/samba/smb.conf-202110081030
6. rm /etc/krb5.conf
7. for file in `locate *.ldb`;do rm -rf $file;done
8. for file in `locate *.tdb`;do rm -rf $file;done
9. samba-tool domain provision --server-role=dc --use-rfc2307
--dns-backend=SAMBA_INTERNAL --realm=TEST-SERVER.LAN --domain=DC02
--adminpass="Password"
10. Follow the rest of the steps in the wiki I've been using.
Just doing this won't connect the two right? I'll still need to join
FSDC02 to TEST-SERVER.LAN.
I guess I should use this.
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In all things, Be Intentional.
On Fri, Oct 8, 2021 at 3:18 AM Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Thu, 2021-10-07 at 21:35 -0400, Rob Campbell wrote:
> > I created a new vm and was able to get through the wiki
> > successfully. A few notes.
> >
> > samba-tool dns zonecreate <Your-AD-DNS-Server-IP-or-hostname>
> > 0.99.10.in-addr.arpa didn't work. I needed to do samba-tool dns
> > zonecreate <Your-AD-DNS-Server-IP-or-hostname> 0.99.10.in-addr.arpa
> > -U Administrator. I was logged into the server as root but it tries
> > to authenticate as the user you're logged in with.
>
> I will find and fix that.
>
> >
> > There is an issue using Fedora as the PDC but can I use it as a DC or
> > at least a file server? If so, is there a specific wiki for that?
> >
>
> No such thing as a PDC in AD, all AD DC's are equal, it is just that
> some of them can have FSMO roles. There are numerous issues with using
> MIT kerberos with a Samba AD DC, which is why it is marked
> experimental, but you can use the fedora packages for a Unix domain
> member or standalone server.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list