[Samba] Unable to join domain

Rowland Penny rpenny at samba.org
Tue Oct 12 08:50:48 UTC 2021 

On Mon, 2021-10-11 at 18:01 -0400, Rob Campbell wrote:
> Maybe I'm confused about the word server.  What constitutes a server
> that makes it impossible for it to join a domain? 

The word 'server' is very broad reaching, but when you combine it with
the word 'standalone', you get a 'standalone server' and this type of
Samba server contains its own user & group database and requires Samba
users and the same users in /etc/passwd. A standalone server is akin to
Windows Home edition and cannot join a domain.

>  fsdc01 was just a samba file server but if I remove the samba
> configuration, can't I then join it to the domain (after following
> the wiki steps of adding a member)?

You should be able to join any Unix computer to an AD domain, provided
it is configured correctly.
 
> 
> What is throwing me off is that it seems to require a subdomain or at
> least, that is how the wiki configuration is designed.  This has to
> be done with a subdomain?  I can't skip the subdomain the subdomain? 

If you have a registered domain, then you can use that, but best
practise is to a subdomain of your registered domain (This isn't just a
Samba best practice, it is also a Microsoft best practice).

> For better clarity I could start over and have my subdomain as
> internal if I need one so it would be internal.test-server.lan and
> then have all the hostnames but I was hoping to have root domain and
> hostnames only and I can see now that due to my naming schema, I
> confused everyone.

You can use just the domain if you wish, but best practice is to use a
subdomain.

>   My bad.

No, just lack of knowledge and we are all guilty of that from time to
time.

>   I did choose dc01 because I figured everything would attach to it
> unless I built a dc02 which I thought about doing further down the
> line just for understanding how things work.

It is another best practice to run multiple AD DC's

> 
> I'll start over with my Debian vm being DC01.INTERNAL.TEST-SERVER.LAN 
> (hostname dc01 and then my Fedora file server can be
> FS01.INTERNAL.TEST-SERVER.LAN.

That sounds a better idea.

Rowland

More information about the samba mailing list