[Samba] Member server: Failed to join domain: failed to find DC for
Luis Peromarta
lperoma at icloud.com
Sun Jun 9 09:20:46 UTC 2024
Agree.
But I don’t think it is. See:
root at member:/# cat /etc/hostname
member
root at member:/# cat /etc/hosts
127.0.0.1 localhost
192.168.3.1 member.mad.mater.int member
root at member:/# cat /etc/resolv.conf
search mad.mater.int
nameserver 192.168.0.12 -> DC1
nameserver 192.168.0.13 -> DC2
nameserver 192.168.0.14 -> DC3
nameserver 192.168.0.62 -> DC4
root at member:/# cat /etc/krb5.conf
[libdefaults]
default_realm = MAD.MATER.INT
dns_lookup_realm = false
dns_lookup_kdc = true
root at member:/# cat /etc/samba/smb.conf
# Global parameters
[global]
security = ADS
workgroup = MAD
realm = MAD.MATER.INT
netbios name = MEMBER
server role = member server
log file = /var/log/samba/%m.log
# Disable Netbios
disable netbios = yes
# Enforce minimum protolo SMB3
# server min protocol = SMB3
# To enable Group Policy application in winbind,
apply group policies = yes
# Default ID mapping configuration for local BUILTIN accounts
idmap config * : backend = tdb
idmap config * : range = 3000-7999
# idmap config for the MAD domain
idmap config MAD : backend = ad
idmap config MAD : schema_mode = rfc2307
idmap config MAD : range = 10000-999999
idmap config MAD : unix_nss_info = yes
# Read AD unix attributes to allow ssh login to server:
# winbind nss info = rfc2307
# winbind config:
winbind use default domain = yes
# renew the kerberos ticket
winbind refresh tickets = yes
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
# Map Administrator to root
# username map = /etc/samba/user.map
# min domain uid = 0
# To configure shares using extended access control lists (ACL)
vfs objects = acl_xattr
# map acl inherit = yes
acl_xattr:ignore system acls = yes
[test]
hide unreadable = Yes
path = /test
read only = No
root at member:/# host -t SRV _ldap._tcp.mad.mater.int
_ldap._tcp.mad.mater.int has SRV record 0 100 389 bwing.mad.mater.int.
_ldap._tcp.mad.mater.int has SRV record 0 100 389 awing.mad.mater.int.
_ldap._tcp.mad.mater.int has SRV record 0 100 389 dwing.mad.mater.int.
_ldap._tcp.mad.mater.int has SRV record 0 100 389 cwing.mad.mater.int.
root at member:/# host -t SRV _ldap._tcp.mad.mater.int
_ldap._tcp.mad.mater.int has SRV record 0 100 389 bwing.mad.mater.int.
_ldap._tcp.mad.mater.int has SRV record 0 100 389 awing.mad.mater.int.
_ldap._tcp.mad.mater.int has SRV record 0 100 389 dwing.mad.mater.int.
_ldap._tcp.mad.mater.int has SRV record 0 100 389 cwing.mad.mater.int.
root at member:/# host -t SRV _kerberos._udp.mad.mater.int
_kerberos._udp.mad.mater.int has SRV record 0 100 88 bwing.mad.mater.int.
_kerberos._udp.mad.mater.int has SRV record 0 100 88 awing.mad.mater.int.
_kerberos._udp.mad.mater.int has SRV record 0 100 88 dwing.mad.mater.int.
_kerberos._udp.mad.mater.int has SRV record 0 100 88 cwing.mad.mater.int.
Tried again:
root at member:/# net ads leave domain -Uadministrator
Password for [MAD\administrator]:
Deleted account for 'MEMBER' in realm 'MAD.MATER.INT'
root at member:/# net ads join domain -Uadministrator
Password for [MAD\administrator]:
Failed to join domain: failed to find DC for domain domain - A domain controller for this domain was not found.
root at member:/# samba-tool domain join MEMBER -Uadministrator
WARNING: Using passwords on command line is insecure. Installing the setproctitle python module will hide these from shortly after program start.
Password for [MAD\administrator]:
ERROR(runtime): uncaught exception - (2453, 'failed to find DC for domain MAD - The request is not supported.')
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 285, in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/samba/netcmd/domain/join.py", line 121, in run
(sid, domain_name) = s3_net.join_member(netbios_name,
root at member:/# samba-tool domain join mad.mater.int MEMBER -Uadministrator
WARNING: Using passwords on command line is insecure. Installing the setproctitle python module will hide these from shortly after program start.
Password for [MAD\administrator]:
DNS Update for member.mad.mater.int failed: ERROR_DNS_UPDATE_FAILED
DNS update failed: NT_STATUS_UNSUCCESSFUL
Joined domain mad.mater.int (S-1-5-21-2152908145-95474353-1514027631)
I am a bit lost to be honest.
LP
On Jun 9, 2024 at 09:13 +0100, samba at lists.samba.org <samba at lists.samba.org>, wrote:
>
> This all sounds dns related, can you post the contents of these files:
>
> /etc/hostname
> /etc/hosts
> /etc/resolv.conf
> /etc/krb5.conf
>
> What OS is this ?
>
> Rowland
More information about the samba
mailing list