[Samba] DNS Help Request

Rowland Penny rpenny at samba.org
Fri Sep 9 19:33:03 UTC 2022


On Fri, 2022-09-09 at 15:16 -0400, Rob Campbell wrote:
> DC02 is not a DC.  Initially I was going to make it a DC but I
> changed my
> mind.
> 
> cat /etc/samba/smb.conf
> cat /etc/samba/smb.conf
> [global]
> security = ADS
> workgroup = HOME
> realm = HOME.ROB-CAMPBELL.LAN
> 
> log file = /var/log/samba/%m.log
> log level = 1
> idmap config * : backend = autorid
> idmap config * : range = 10000-9999999
> idmap config * : rangesize = 200000
> 
> username map = /etc/samba/user.map
> 
> template shell = /bin/bash
> template homedir = /home/%U
> 
> There is a log being created /var/log/samba/%m.log:
> 
> [2022/09/09 15:14:39.261894,  0]
> ../../source4/smbd/server.c:644(binary_smbd_main)
>   samba version 4.13.13-Debian started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2020
> [2022/09/09 15:14:39.306210,  0]
> ../../source4/smbd/server.c:874(binary_smbd_main)
>   At this time the 'samba' binary should only be used for either:
>   'server role = active directory domain controller' or to access the
> ntvfs
> file server with 'server services = +smb' or the rpc proxy with
> 'dcerpc
> endpoint servers = remote'

You appear to be trying to start the 'samba' binary. you should join
the domain with 'net ads join -Uadministrator' or 'samba-tool domain
join <your_dnsdomain> MEMBER -Uadministrator', then once joined, start
smbd and winbind, you can aso optional start nmbd.

>   You should start smbd/nmbd/winbindd instead for domain member and
> standalone file server tasks
> [2022/09/09 15:14:39.306319,  0]
> ../../lib/util/become_daemon.c:121(exit_daemon)
>   exit_daemon: daemon failed to start: Samba detected misconfigured
> 'server
> role' and exited. Check logs for details, error code 22
> 
> I haven't tried to join because DNS doesn't seem to be working and
> verifying dns is towards the beginning of the wiki.
> 
> nslookup DC01.home.server-name.lan
> ;; connection timed out; no servers could be reached

Well it wouldn't, you should be using 'nslookup dc01.home.rob-
campbell.lan' provided your dns domain is 'home.rob-campbell.lan',
which it should be because your realm is 'HOME.ROB-CAMPBELL.LAN'.
> 
> nslookup 10.0.0.10
> ;; connection timed out; no servers could be reached

Have you set up a reverse zone in AD ?

Rowland





More information about the samba mailing list