[Samba] Domain join not happening on Debian/Ubuntu machines
Michael Evans
michael.evans at nor-consult.com
Thu Apr 28 18:58:03 UTC 2022
> -----Original Message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of
> Rowland Penny via samba
> Sent: Thursday, April 28, 2022 10:55 AM
> To: samba at lists.samba.org
> Cc: Rowland Penny
> Subject: Re: [Samba] Domain join not happening on Debian/Ubuntu machines
>
> There are three things in play here, the Netbios domain, the REALM and
> the DNS domain. The DNS domain is what is after the computers short
> hostname, in your case it sounds like it is 'ap.media.global.loc', the
> REALM is the DNS domain in uppercase 'AP.MEDIA.GLOBAL.LOC'. The
> Netbios
> domain is usually the left hand part of the REALM, but it can be
> anything, but it must be unique.
>
It's currently really easy to miss this in the documentation...
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
There's only a small note near the top
"All AD Domain members must be in the same DNS domain and the Realm must be
the DNS domain in uppercase."
It would be more clear and more concise to have a good example configuration
file and quick comments.
E.G.
[global]
security = ADS
# REALM is DNS domain in ALL UPPER CASE
realm = SAMDOM.EXAMPLE.COM
# workgroup is often, but not always, the left most common name from
REALM
workgroup = SAMDOM
# CIFS / Windows expect to UPPERCASE all DNS names (???)
I'm not sure on the latter, but it seems to be what happens? It might be
reasonable enough to expect lowercase DNS entries / even case insensitive
after so many years of URLs being predominantly lowercase. Thus it would be
nice if the documentation mentioned such things.
More information about the samba
mailing list