[Samba] Problem after join Windows Serwer 2022 DC to Samba AD
Programnet
tomeks at programnet.eu
Fri Dec 20 13:02:05 UTC 2024
Thanks for you replay.
W dniu 20.12.2024 o 13:27, Rowland Penny via samba pisze:
> On Fri, 20 Dec 2024 12:18:45 +0100
> Programnet via samba<samba at lists.samba.org> wrote:
>
>> I am testing the addition of a Windows Server 2022 DC to an AD based
>> on a Samba DC according to
>> https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_add_windows_active_directory.html#samba-add-windows-active-directory
> What version of Samba are you using and on what OS ?
4.21.2
> Have you raised the functional level to 2016 ?
My level: 2016
>> . It seems to be added to the domain correctly. When I check with the
>> command: nslookup -type=SRV _ldap._tcp.wenus.local, it shows all DCs,
> Please do not use '.local' as a TLD, not even in sanitisation, it is
> confusing because '.local' is reserved for mdns.
I am aware of the .local domain. However, my implementation is over 15
years old, and back then, some guides recommended it. Changing it now is
very difficult.
>
>> including the new one. However, when I query using the command:
>> Get-ADDomainController -Filter * | Select-Object Name, HostName, I
>> don’t see the new controller.
> What does 'samba-tool computer show $DC_HOSTNAME
> --attributes=name,dNSHostName' display ?
# samba-tool computer show DC2022 --attributes=name,dNSHostName
dn: CN=DC2022,OU=Domain Controllers,DC=wenus,DC=local
name: DC2022
dNSHostName: dc2022.wenus.local
>
>> I also noticed that the SPN DNS/dc2022.wenus.local for the new DC
>> hasn’t been created.
> I wouldn't worry about that. none of my DCs have that SPN
But you have acount eq dns-dc1 with SPN dns. I have this user account
for DC Samba
# Get-ADUser -Filter {ServicePrincipalName -ne "$null"} -Property
ServicePrincipalName | Select Name, ServicePrincipalName
Name ServicePrincipalName
krbtgt {kadmin/changepw}
dns-DC1 {DNS/dc1.wenus.local}
dns-DC2 {DNS/dc2.wenus.local}
>
> Rowland
>
>
>
More information about the samba
mailing list