[Samba] Samba AD DC DNS issue after upgrade

Thaddeus Waldner thadwald at hotmail.com
Mon Aug 19 12:58:42 UTC 2024


Hi,

I upgraded my DC and file server from Ubuntu 22.04 to 24.04 and then also upgraded Samba from 4.14 to 4.21.

Now the only user that can log in is Administrator.

Adding the min protocol = NT1 lines enables users to log in, but file server logins fail with an "incorrect password" message.

systemctl status samba-ad-dc shows the following line:

/usr/sbin/samba_dnsupdate: ERROR(runtime): Record already exists; record could not be added. zone[nds.newdaleschool.com] name[_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones] [WERR_DNS_ERROR_RECORD_ALREADY_EXISTS] - (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')

kinit fails with the following error (anonymized):

kinit: Cannot find KDC for realm "SAMDOM.EXAMPLE.COM" while getting initial credentials



smb.conf (anonymized):


# Global parameters
[global]
    dns forwarder = 8.8.8.8
#   netbios name = DC1
    realm = SAMDOM.EXAMPLE.COM
    server role = active directory domain controller
    workgroup = SAMDOM
    idmap_ldb:use rfc2307 = yes

    template shell = /bin/bash
    template homedir = /home/%U
    log level = 3
    log file = /var/log/samba/%m.log

    bind interfaces only = yes
    interfaces = lo ens160

#   client min protocol = NT1
#   server min protocol = NT1
#   ntlm auth = yes
#   lanman auth = yes

[sysvol]
    path = /var/lib/samba/sysvol
    read only = No

[netlogon]
    path = /var/lib/samba/sysvol/samdom.example.com/scripts
    read only = No
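
An added example, not part of the original post and not Samba's own code: a small Python check that reports which of the legacy-protocol settings shown commented out in the smb.conf above (the min protocol = NT1, ntlm auth and lanman auth lines) are active in a configuration. The function names and both sample strings are constructed for illustration; line continuations and include files are not handled.

```python
# Added example (not from the original post): report legacy SMB/NTLM settings
# that are active, i.e. not commented out, in smb.conf text.
LEGACY_DIALECTS = {"CORE", "COREPLUS", "LANMAN1", "LANMAN2", "NT1"}
TRUTHY = {"yes", "true", "on", "1"}  # spellings Samba accepts for a boolean

def norm(name):
    # Samba ignores case and whitespace inside parameter names.
    return "".join(name.lower().split())

def old_dialect(value):
    return value.upper() in LEGACY_DIALECTS

CHECKS = {
    norm("client min protocol"): old_dialect,
    norm("server min protocol"): old_dialect,
    norm("min protocol"): old_dialect,  # synonym for server min protocol
    norm("ntlm auth"): lambda v: v.lower() in (TRUTHY | {"ntlmv1-permitted"}),
    norm("lanman auth"): lambda v: v.lower() in TRUTHY,
}

def active_legacy_settings(conf_text):
    """Return (line number, section, parameter, value) for each active hit."""
    findings, section = [], None
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        key, sep, value = line.partition("=")
        check = CHECKS.get(norm(key))
        if sep and check and check(value.strip()):
            findings.append((lineno, section, " ".join(key.split()), value.strip()))
    return findings

# Constructed samples: the four lines as posted (commented out), and the same
# lines with the comment markers removed.
AS_POSTED = """[global]
# client min protocol = NT1
# server min protocol = NT1
# ntlm auth = yes
# lanman auth = yes
"""
WORKAROUND_ACTIVE = AS_POSTED.replace("# ", "")

if __name__ == "__main__":
    for hit in active_legacy_settings(WORKAROUND_ACTIVE):
        print("line %d [%s] %s = %s" % hit)
```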


