Hi Takahashi and all those in the list,
>>Sometimes AD specific configuration is needed to krb5.conf.
What kind of "AD specific configuration" are you talking about.
Can you kindly elaborate?
It may be helpful for me.
>>Have you set DNS server to 10.25.66.71 and ABCDOM.PQR.COM to the
search or domain directive in your /etc/resolv.conf?
Can you resolve correct SRV record of the domain on your Samba server?
10.25.66.71 is not my DNS server.
In fact 10.25.66.71 is my WINS server.
I have therefore included it in smb.conf:
# /usr/local/samba/bin/testparm -sv | grep -i wins
Load smb config files from /usr/local/samba/lib/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[Linux]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
name resolve order = wins host lmhost bcast
max wins ttl = 518400
min wins ttl = 21600
wins proxy = No
* wins server = 10.25.66.71*
wins support = No
wins hook =
#
However, I cannot resolve ABCDOM.PQR.COM.
It should be taken care by WINS, right?
(However, I tried defining ABCDOM.PQR.COM in /etc/hosts file.
and also tried setting /etc/nsswitch.conf file with the entry of:
hosts: files dns
But, nslookup would always first try DNS and return.
Had resolved similar issues with above steps successful on unix machine ...
but I am now working on a RHEL machine and I have not yet found a successful
way to do this)
Any suggestions are welcome.
Regard,
Rick
On Tue, Apr 5, 2011 at 11:59 PM, Rick Gates <rick123.ga...@gmail.com> wrote:
> Hi all,
>
> I was on a bit extended weekend .. so got delayed in responding ...
>
> To answer some of the questions:
>
>
> >>Is the ADS domain in "NT4 compatibility" mode or "windows 2003 native"
> mode? I think that "NT4" machines can still join ADS domains even if the
> ADS domains are in 2000/2003 mode.
>
> I am not sure about this.
> How can I find this out?
> I still will have to do some googling on this front.
>
>
> >> Also check
> testparm -v | grep resolve
> think it is better to have hosts and wins first.
>
> I have now set the value of "name resolve order" to:
>
> # /usr/local/samba/bin/testparm -sv | grep -i resolve
>
> Load smb config files from /usr/local/samba/lib/smb.conf
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> Processing section "[homes]"
> Processing section "[printers]"
> Processing section "[Linux]"
> Loaded services file OK.
> Server role: ROLE_DOMAIN_MEMBER
> name resolve order = wins host lmhost bcast
> #
>
> I set it to WINS first because, my ADS server is a WINS server.
> But, the above modificatiosn did not work.
>
>
> >>Is the ADS server your DNS server? Is the samba server using the ADS
> server as the DNS server? DNS should include "resource records" to help
> locate an ADS DC. I don't think you can have lmhosts entry for an ADS
> server.
>
> My ADS server is a WINS server, not a DNS server.
>
>
> >>What does your krb5.conf look like? I suspect it's having trouble
> finding a kdc.
>
> My krb5.conf is as follows:
>
> # cat /etc/krb5.conf
> [libdefaults]
> default_realm = ABCDOM.PQR.COM
> default_tkt_enctypes = rc4-hmac
> default_tgs_enctypes = rc4-hmac
>
> [realms]
> ABCDOM.PQR.COM = {
> kdc = 10.25.66.71 :88
> admin_server = 10.25.66.71
> default_domain = abcdom.pqr.com
> }
>
> [domain_realm]
> .abcdom.pqr.com = ABCDOM.PQR.COM
>
> #
>
> Regards,
> Rick
>
>
>
> On Sat, Apr 2, 2011 at 3:22 AM, Andrew Masterson <
> andrew.master...@nuvistaenergy.com> wrote:
>
>>
>> > -----Original Message-----
>> > From: samba-boun...@lists.samba.org
>> [mailto:samba-boun...@lists.samba.org]
>> > On Behalf Of Rick Gates
>> > Sent: Friday, April 01, 2011 10:00 AM
>> > To: samba@lists.samba.org
>> > Subject: [Samba] Unable to join to Windows 2003 PDC using samba 3.5.8
>> from
>> > alinux machine!!
>> >
>> > Hi all,
>> >
>> > I am using samba 3.5.8 on a linux machine.
>> > I am not able to join the domain of a windows 2003 server in ADS mode.
>> >
>> > I am getting the following error message:
>> >
>> > # /usr/local/samba/bin/net ads join -U Administrator%password -I
>> 10.25.66.71
>> >
>> > Failed to join domain: failed to find DC for domain ABCDOM.PQR.COM
>> > #
>> >
>> > I am not sure what the issue here.
>> > It works absolutely fine when I try to join the domain in rpc mode.
>> >
>> > # /usr/local/samba/bin/net rpc join -U Administrator%password
>> > Joined domain ABCDOM.
>> > #
>> >
>> > The smb.conf used is:
>> >
>> > # /usr/local/samba/bin/testparm
>> > Load smb config files from /usr/local/samba/lib/smb.conf
>> > rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
>> (16384)
>> > Processing section "[homes]"
>> > Processing section "[printers]"
>> > Processing section "[Linux]"
>> > Loaded services file OK.
>> > Server role: ROLE_DOMAIN_MEMBER
>> > Press enter to see a dump of your service definitions
>> >
>> > [global]
>> > workgroup = ABCDOM
>> > realm = ABCDOM.PQR.COM
>> > server string = Samba Server - Research
>> > security = ADS
>> > password server = 10.25.66.71
>> > log level = 10
>> > log file = /var/log/samba/%m.log
>> > max log size = 50
>> > add user script = /usr/sbin/useradd %u
>> > delete user script = /usr/sbin/userdel %u
>> > add group script = /usr/sbin/groupadd %g
>> > delete group script = /usr/sbin/groupdel %g
>> > add user to group script = /usr/sbin/usermod -a -G %g %u
>> > delete user from group script = /usr/sbin/deluser %u %g
>> > add machine script = /usr/sbin/adduser -n -g machines -c
>> Machine -d
>> > /dev/null -s /bin/false %u
>> > domain master = No
>> > dns proxy = No
>> > wins server = 10.25.66.71
>> > idmap uid = 200-120000
>> > idmap gid = 200-120000
>> > admin users = root
>> > cups options = raw
>> >
>> > [homes]
>> > comment = Home Directories
>> > read only = No
>> > browseable = No
>> >
>> > [printers]
>> > comment = All Printers
>> > path = /usr/spool/samba
>> > printable = Yes
>> > browseable = No
>> >
>> > [Linux]
>> > comment = Share on this linux machine
>> > path = /tmp/linux
>> > read only = No
>> > #
>> >
>> > NOTE: 10.25.66.71 is the IP of my 2003 windows server.
>> >
>> > My lmhosts file is:
>> >
>> > # cat lmhosts.
>> > 10.25.66.71 ABC3
>> > 10.25.66.71 ABCDOM#1b
>> > 10.25.66.71 ABCDOM#1c
>> >
>> > #
>> >
>> > It would be great, if any one can tell me if there is anything wrong
>> here
>> > and probably help me sort out this issue.
>> > Thanks in advance!!
>>
>>
>> What does your krb5.conf look like? I suspect it's having trouble
>> finding a kdc.
>>
>> -=Andrew
>>
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
