[Samba] Unable to join domain
Rowland Penny
rpenny at samba.org
Mon Oct 11 18:19:03 UTC 2021
On Mon, 2021-10-11 at 13:52 -0400, Rob Campbell via samba wrote:
> fsdc02:
> /etc/hosts:
> 127.0.0.1 localhost
> ::1 localhost
> 10.0.0.10 fsdc02.dc01.test-server.lan fsdc02 DC02
Why is there 'DC02' at the end ? you should remove it.
>
> # systemctl start smbd nmbd winbind
> Failed to start smbd.service: Unit smbd.service is masked.
> Failed to start nmbd.service: Unit nmbd.service is masked.
> Failed to start winbind.service: Unit winbind.service is masked.
Unmask 'winbind', but you shouldn't start Samba until you have joined
the domain.
>
> # net ads join -U administrator
> Enter administrator's password:
> Using short domain name -- DC01
Is 'DC01' your netbios domain name (aka workgroup) ?
> Joined 'FSDC02' to dns domain 'dc01.test-server.lan'
It has joined the domain.
> DNS Update for fsdc02.dc01.test-server.lan failed:
> ERROR_DNS_UPDATE_FAILED
> DNS update failed: NT_STATUS_UNSUCCESSFUL
You have dns problems, fix /etc/hosts, check that /etc/hostname only
contains 'fsdc02'
>
> [Mon Oct 11 12:51:56] [root at fsdc02~$] netstat -tulpn | egrep
> 'samba|smb|nmb|winbind'
> [Mon Oct 11 12:51:58] [root at fsdc02~$]
>
> [Mon Oct 11 12:51:58] [root at fsdc02~$] host dc01.test-server.lan
> dc01.test-server.lan has address 10.0.0.13
> [Mon Oct 11 12:56:02] [root at fsdc02~$] host 10.0.0.13
> 13.0.0.10.in-addr.arpa domain name pointer dc01.test-server.lan.
>
> /etc/resolv.conf
> nameserver 10.0.0.13
> search dc01.test-server.lan
>
> On the first dc I used internal samba for DNS.
Properly set up, this would be okay.
> On the second dc, I pointed
> to the first for DNS. Do I need to run an additional DNS server?
If you are running a second DC, you are running an additional dns
server, every Samba DC runs the internal dns server. Also every Samba
DC should use its own ipaddress for its nameserver.
> I'm able
> to resolve internal and external hosts.
>
> I tried to mimic the wiki so SAMDOM = DC01 & DC1 = DC1 & EXAMPLE.COM
> =
> TEST-SERVER.LAN just so I can keep everything in order because I was
> getting confused with all my other attempts. I want my domain just
> to be
> test-server.lan and then DC01 would be the first and FSDC02 would be
> the
> second but just to get this working so that I understood, I tried to
> mimic
> the wiki.
That is NEVER going to work, every DC and domain member in the domain
must use the same dns domain name, in your case, this seems to be
'test-server.lan'. The realm would then be the dns domain in uppercase
'TEST-SERVER.LAN'.
>
> I wanted DC01 to be test-server.lan so host test-server.lan and host
> dc01.test-server.lan would resolve the same and fsdc02 would resolve
> to
> fsdc02.test-server.lan and dc02.test-server.lan.
I would get the domain working correctly before adding CNAME records
(which is what you seem to want to do), though there is little reason
to do this.
Rowland
More information about the samba
mailing list