[Samba] Fresh ad installation - Win2022 can't join
lists at zxt10d.de
lists at zxt10d.de
Thu Jan 4 07:16:44 UTC 2024
Good morning, and a Happy New Year 🙂
I'd like to setup a test-enviroment, based on Debian Bookworm and mjt's
4.19.3 packages.
samba is running as a Hyper-V vm, its ip is 192.168.178.37, its name is
dc.augusta.domain.tld
My idea is to use this dc for two networks (192.168.178.0/24 and
192.168.180.0/24) and for testing one Windows 2022 server
(192.168.178.34/24).
I used these two guides:
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
https://wiki.samba.org/index.php/DNS_Administration
Plus I added an computer-account by using "samba-tool computer add %name%"
So far, so good ... ?
When trying to add the Windows 2022 server to the domain I get this
error message (in german):
Beim Abfragen von DNS über den Ressourceneintrag der
Dienstidentifizierung (SRV), der zur Suche eines Active
Directory-Domänencontrollers (AD DC) für die Domäne "augusta.domain.tld"
verwendet wird, ist ein Fehler aufgetreten.
Fehler: "Bei der DNS-Abfrage wurden keine Einträge gefunden."
(Fehlercode 0x0000251D DNS_INFO_NO_RECORDS)
Es handelt sich um die Abfrage des Dienstidentifizierungseintrags für
_ldap._tcp.dc._msdcs.augusta.domain.tld.
So: what did I wrong, or what is missing?
Thanks in advance!
Torsten
Dig on the Windows machine:
dig dc.augusta.domain.tld
; <<>> DiG 9.10 <<>> dc.augusta.domain.tld
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21685
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;dc.augusta.domain.tld. IN A
;; ANSWER SECTION:
dc.augusta.domain.tld. 900 IN A 192.168.178.37
;; AUTHORITY SECTION:
augusta.domain.tld. 3600 IN SOA dc.augusta.domain.tld.
hostmaster.augusta.domain.tld. 1 900 600 86400 3600
;; Query time: 0 msec
;; SERVER: 192.168.178.37#53(192.168.178.37)
;; WHEN: Thu Jan 04 07:32:04 Mitteleuropõische Zeit 2024
;; MSG SIZE rcvd: 108
samba-tool on the dc:
root at dc:/home/torsten# samba-tool dns zonelist dc.augusta.domain.tld
Password for [administrator at AUGUSTA.domain.tld]:
7 zone(s) found
pszZoneName : 178.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.augusta.domain.tld
pszZoneName : 0.99.10.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.augusta.domain.tld
pszZoneName : 180.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.augusta.domain.tld
pszZoneName : 168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.augusta.domain.tld
pszZoneName : 192.168.178.37.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.augusta.domain.tld
pszZoneName : augusta.domain.tld
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.augusta.domain.tld
pszZoneName : _msdcs.augusta.domain.tld
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : ForestDnsZones.augusta.domain.tld
root at dc:/home/torsten# samba-tool dns zoneinfo dc.augusta.domain.tld
_msdcs.augusta.domain.tld
Password for [administrator at AUGUSTA.domain.tld]:
pszZoneName : _msdcs.augusta.domain.tld
dwZoneType : DNS_ZONE_TYPE_PRIMARY
fReverse : FALSE
fAllowUpdate : DNS_ZONE_UPDATE_SECURE
fPaused : FALSE
fShutdown : FALSE
fAutoCreated : FALSE
fUseDatabase : TRUE
pszDataFile : None
aipMasters : []
fSecureSecondaries : DNS_ZONE_SECSECURE_NO_XFER
fNotifyLevel : DNS_ZONE_NOTIFY_LIST_ONLY
aipSecondaries : []
aipNotify : []
fUseWins : FALSE
fUseNbstat : FALSE
fAging : FALSE
dwNoRefreshInterval : 72
dwRefreshInterval : 72
dwAvailForScavengeTime : 0
aipScavengeServers : []
dwRpcStructureVersion : 0x2
dwForwarderTimeout : 0
fForwarderSlave : 0
aipLocalMasters : []
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : ForestDnsZones.augusta.domain.tld
pwszZoneDn :
DC=_msdcs.augusta.domain.tld,CN=MicrosoftDNS,DC=ForestDnsZones,DC=augusta,DC=domain,DC=tld
dwLastSuccessfulSoaCheck : 0
dwLastSuccessfulXfr : 0
fQueuedForBackgroundLoad : FALSE
fBackgroundLoadInProgress : FALSE
fReadOnlyZone : FALSE
dwLastXfrAttempt : 0
dwLastXfrResult : 0
root at dc:/home/torsten# samba-tool dns serverinfo dc.augusta.domain.tld
Password for [administrator at AUGUSTA.domain.tld]:
dwVersion : 0xece0205
fBootMethod : DNS_BOOT_METHOD_DIRECTORY
fAdminConfigured : FALSE
fAllowUpdate : TRUE
fDsAvailable : TRUE
pszServerName : DC.augusta.domain.tld
pszDsContainer :
CN=MicrosoftDNS,DC=DomainDnsZones,DC=augusta,DC=domain,DC=tld
aipServerAddrs :
['2003:d1:bf47:a200:215:5dff:feb2:1901', '192.168.178.37']
aipListenAddrs :
['2003:d1:bf47:a200:215:5dff:feb2:1901', '192.168.178.37']
aipForwarders : []
dwLogLevel : 0
dwDebugLevel : 0
dwForwardTimeout : 3
dwRpcPrototol : 0x5
dwNameCheckFlag : DNS_ALLOW_MULTIBYTE_NAMES
cAddressAnswerLimit : 0
dwRecursionRetry : 3
dwRecursionTimeout : 8
dwMaxCacheTtl : 86400
dwDsPollingInterval : 180
dwScavengingInterval : 168
dwDefaultRefreshInterval : 72
dwDefaultNoRefreshInterval : 72
fAutoReverseZones : FALSE
fAutoCacheUpdate : FALSE
fRecurseAfterForwarding : FALSE
fForwardDelegations : TRUE
fNoRecursion : FALSE
fSecureResponses : FALSE
fRoundRobin : TRUE
fLocalNetPriority : FALSE
fBindSecondaries : FALSE
fWriteAuthorityNs : FALSE
fStrictFileParsing : FALSE
fLooseWildcarding : FALSE
fDefaultAgingState : FALSE
dwRpcStructureVersion : 0x2
aipLogFilter : []
pwszLogFilePath : None
pszDomainName : augusta.domain.tld
pszForestName : augusta.domain.tld
pszDomainDirectoryPartition :
DC=DomainDnsZones,DC=augusta,DC=domain,DC=tld
pszForestDirectoryPartition :
DC=ForestDnsZones,DC=augusta,DC=domain,DC=tld
dwLocalNetPriorityNetMask : 0xff
dwLastScavengeTime : 0
dwEventLogLevel : 4
dwLogFileMaxSize : 0
dwDsForestVersion : 4
dwDsDomainVersion : 4
dwDsDsaVersion : 4
fReadOnlyDC : FALSE
root at dc:/home/torsten# samba-tool dns zoneinfo dc.augusta.domain.tld
178.168.192.in-addr.arpa
Password for [administrator at AUGUSTA.domain.tld]:
pszZoneName : 178.168.192.in-addr.arpa
dwZoneType : DNS_ZONE_TYPE_PRIMARY
fReverse : TRUE
fAllowUpdate : DNS_ZONE_UPDATE_SECURE
fPaused : FALSE
fShutdown : FALSE
fAutoCreated : FALSE
fUseDatabase : TRUE
pszDataFile : None
aipMasters : []
fSecureSecondaries : DNS_ZONE_SECSECURE_NO_XFER
fNotifyLevel : DNS_ZONE_NOTIFY_LIST_ONLY
aipSecondaries : []
aipNotify : []
fUseWins : FALSE
fUseNbstat : FALSE
fAging : FALSE
dwNoRefreshInterval : 168
dwRefreshInterval : 168
dwAvailForScavengeTime : 0
aipScavengeServers : []
dwRpcStructureVersion : 0x2
dwForwarderTimeout : 0
fForwarderSlave : 0
aipLocalMasters : []
dwDpFlags : DNS_DP_AUTOCREATED
DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.augusta.domain.tld
pwszZoneDn :
DC=178.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=augusta,DC=domain,DC=tld
dwLastSuccessfulSoaCheck : 0
dwLastSuccessfulXfr : 0
fQueuedForBackgroundLoad : FALSE
fBackgroundLoadInProgress : FALSE
fReadOnlyZone : FALSE
dwLastXfrAttempt : 0
dwLastXfrResult : 0
More information about the samba
mailing list