[Samba] Error when joining new DC

Peter Mittermayer samba.lists at outlook.com
Tue Dec 17 08:04:27 UTC 2024


If not using sssd, how do you join the clients to the domain? We are not using GPO, only user authentication and DNS.

Due to security restrictions we are not able to install Samba packages on all the clients. Sssd is the simplest solution, and the only one recommended and officially supported by RedHat.

Br


________________________________
From: samba <samba-bounces at lists.samba.org> on behalf of Rowland Penny via samba <samba at lists.samba.org>
Sent: Tuesday, December 17, 2024 8:43:52 AM
To: samba at lists.samba.org <samba at lists.samba.org>
Cc: Rowland Penny <rpenny at samba.org>
Subject: Re: [Samba] Error when joining new DC

On Tue, 17 Dec 2024 05:54:55 +0000
Peter Mittermayer via samba <samba at lists.samba.org> wrote:

> AFAIK sssd on RHEL is by default doing dyndny updates and it needs to
> be disabled in the config. Same for a Windows.

That is easy to fix, there is no reason to use sssd with Samba, it is
pointless, so, on redhat:
systemctl stop sssd
systemctl disable sssd

>
> Instead of client configuration which can be changed by any sysadmin
> I prefer to deny DNS updates centrally, where I have control.

As I said, Linux doesn't do them and you can use a GPO to stop any
Windows clients doing them, but you really should have the 'tkey' line
active in your named.conf.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


More information about the samba mailing list