[Samba] File server joined to a samba domain accessed by windows 10-11 clients, works via ip no via dns name

Tue Dec 6 22:09:08 UTC 2022

Interesting...

I left the domain and did not delete the user account and I go this

The domain name "NET" might be a NetBIOS domain name.  If this is the case,
verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the
following information can help you troubleshoot your DNS configuration.

An error occurred when DNS was queried for the service location (SRV)
resource record used to locate an Active Directory Domain Controller (AD
DC) for domain "NET".

The error was: "No records found for given DNS query."
(error code 0x0000251D DNS_INFO_NO_RECORDS)

The query was for the SRV record for _ldap._tcp.dc._msdcs.NET

I went into dns and this record _ldap._tcp.dc._msdcs.NET.domain-name.com
does exist
Additionally I checked the dns records on the workstation are pointed at
the dc's and internet is working.

I am going try and join another workstation in our lab.

Travis Wenks
Rose City Solutions
travis at rosecitysolutions.com
503-821-7000

On Tue, Dec 6, 2022 at 1:25 PM Rowland Penny via samba <
samba at lists.samba.org> wrote:

>
>
> On 06/12/2022 20:58, Travis Wenks via samba wrote:
> > Hi all,
> > First, thank you for such an amazing project!
> >
> > Second an apology for an extremely long post, I tried to add all the
> info I
> > could think of so this is a quick fix!
> >
> > I support multiple client sites that we built samba dc’s from source.
> >
> > I wrote a quick script to update our client dc’s. As it has no sanity
> > checks or safety’s to not destroy data I will not post a functional copy
> of
> > it here. If anyone would like it I would be glad to email it to anyone
> who
> > wants it.
> >
> > Here is the issue, we started updating 5 sites and once those were done
> we
> > started getting reports of network drives failing.
> >
> > If a user is in a group and that group defines the permissions to access
> a
> > share they cannot access it. If the ip address is used it works fine.
> >
> > So if a user is a member of a group this is the behavior,
> >
> > \\file-server.domain\share
> > Fails
> > \\file-server\share
> > Fails also, but
> > \\ip-of-file-server\share
> > works fine
> >
>
> Sounds like kerberos is failing, but NTLM is working. Try getting the
> windows machine to leave the domain and rejoin, this will rewrite the
> machines kerberos ticket.
>
> Have you considered using Debian ? Bullseye now comes with Samba 4.17.3
> from backports, this will save you having to build it yourself.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>