For windows ads to work you need a correct DNS-Server on your W2003 to work.
And your samba as dns client should be able
to resolve your windows ads correctly. With windows ads you can forget wins.
Wins is the best solution for a old domain without ads.

EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
-----Ursprüngliche Nachricht-----
Von: [] Im
Auftrag von Rick Gates
Gesendet: Dienstag, 5. April 2011 21:03
An: Andrew Masterson;;;
Betreff: Re: [Samba] Unable to join to Windows 2003 PDC using samba 3.5.8
from alinux machine!!

Hi Takahashi and all those in the list,

>>Sometimes AD specific configuration is needed to krb5.conf.

What kind of "AD specific configuration" are you talking about.
Can you kindly elaborate?
It may be helpful for me.

>>Have you set DNS server to and ABCDOM.PQR.COM to the
search or domain directive in your /etc/resolv.conf?
Can you resolve correct SRV record of the domain on your Samba server?  is not my DNS server.
In fact  is my WINS server.
I have therefore included it in smb.conf:

# /usr/local/samba/bin/testparm -sv | grep -i wins
Load smb config files from /usr/local/samba/lib/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[Linux]"
Loaded services file OK.
        name resolve order = wins host lmhost bcast
        max wins ttl = 518400
        min wins ttl = 21600
        wins proxy = No
*        wins server =*
        wins support = No
        wins hook =

However, I cannot resolve ABCDOM.PQR.COM.
It should be taken care by WINS, right?

(However, I tried defining ABCDOM.PQR.COM in /etc/hosts file.
and also tried setting /etc/nsswitch.conf file with the entry of:
hosts: files dns
But, nslookup would always first try DNS and return.
Had resolved similar issues with above steps successful on unix machine ...
but I am now working on a RHEL machine and I have not yet found a successful
way to do this)

Any suggestions are welcome.


On Tue, Apr 5, 2011 at 11:59 PM, Rick Gates <> wrote:

> Hi all,
> I was on a bit extended weekend .. so got delayed in responding ...
> To answer some of the questions:
> >>Is the ADS domain in "NT4 compatibility" mode or "windows 2003 native"
> mode?    I think that "NT4" machines can still join ADS domains even if
> ADS domains are in 2000/2003 mode.
> I am not sure about this.
> How can I find this out?
> I still will have to do some googling on this front.
> >> Also check
>    testparm -v | grep resolve
> think it is better to have hosts and wins first.
> I have now set the value of "name resolve order" to:
> # /usr/local/samba/bin/testparm -sv | grep -i resolve
> Load smb config files from /usr/local/samba/lib/smb.conf
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
> Processing section "[homes]"
> Processing section "[printers]"
> Processing section "[Linux]"
> Loaded services file OK.
>         name resolve order = wins host lmhost bcast
> #
> I set it to WINS first because, my ADS server is a WINS server.
> But, the above modificatiosn did not work.
> >>Is the ADS server your DNS server?  Is the samba server using the ADS
> server as the DNS server?  DNS should include "resource records" to help
> locate an ADS DC.  I don't think you can have lmhosts entry for an ADS
> server.
> My ADS server is a WINS server, not a DNS server.
> >>What does your krb5.conf look like?  I suspect it's having trouble
> finding a kdc.
> My krb5.conf is as follows:
> # cat /etc/krb5.conf
> [libdefaults]
> default_realm = ABCDOM.PQR.COM
> default_tkt_enctypes = rc4-hmac
> default_tgs_enctypes = rc4-hmac
> [realms]
> kdc = :88
> admin_server =
> default_domain =
> }
> [domain_realm]
> #
> Regards,
> Rick
> On Sat, Apr 2, 2011 at 3:22 AM, Andrew Masterson <
>> wrote:
>> > -----Original Message-----
>> > From:
>> []
>> > On Behalf Of Rick Gates
>> > Sent: Friday, April 01, 2011 10:00 AM
>> > To:
>> > Subject: [Samba] Unable to join to Windows 2003 PDC using samba 3.5.8
>> from
>> > alinux machine!!
>> >
>> > Hi all,
>> >
>> > I am using samba 3.5.8 on a linux machine.
>> > I am not able to join the domain of a windows 2003 server in ADS mode.
>> >
>> > I am getting the following error message:
>> >
>> > # /usr/local/samba/bin/net ads join -U Administrator%password -I
>> >
>> > Failed to join domain: failed to find DC for domain ABCDOM.PQR.COM
>> > #
>> >
>> > I am not sure what the issue here.
>> > It works absolutely fine when I try to join the domain in rpc mode.
>> >
>> > # /usr/local/samba/bin/net rpc join -U Administrator%password
>> > Joined domain ABCDOM.
>> > #
>> >
>> > The smb.conf used is:
>> >
>> > # /usr/local/samba/bin/testparm
>> > Load smb config files from /usr/local/samba/lib/smb.conf
>> > rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
>> (16384)
>> > Processing section "[homes]"
>> > Processing section "[printers]"
>> > Processing section "[Linux]"
>> > Loaded services file OK.
>> > Server role: ROLE_DOMAIN_MEMBER
>> > Press enter to see a dump of your service definitions
>> >
>> > [global]
>> >         workgroup = ABCDOM
>> >         realm = ABCDOM.PQR.COM
>> >         server string = Samba Server - Research
>> >         security = ADS
>> >         password server =
>> >         log level = 10
>> >         log file = /var/log/samba/%m.log
>> >         max log size = 50
>> >         add user script = /usr/sbin/useradd %u
>> >         delete user script = /usr/sbin/userdel %u
>> >         add group script = /usr/sbin/groupadd %g
>> >         delete group script = /usr/sbin/groupdel %g
>> >         add user to group script = /usr/sbin/usermod -a -G %g %u
>> >         delete user from group script = /usr/sbin/deluser %u %g
>> >         add machine script = /usr/sbin/adduser -n -g machines -c
>> Machine -d
>> > /dev/null -s /bin/false %u
>> >         domain master = No
>> >         dns proxy = No
>> >         wins server =
>> >         idmap uid = 200-120000
>> >         idmap gid = 200-120000
>> >         admin users = root
>> >         cups options = raw
>> >
>> > [homes]
>> >         comment = Home Directories
>> >         read only = No
>> >         browseable = No
>> >
>> > [printers]
>> >         comment = All Printers
>> >         path = /usr/spool/samba
>> >         printable = Yes
>> >         browseable = No
>> >
>> > [Linux]
>> >         comment = Share on this linux machine
>> >         path = /tmp/linux
>> >         read only = No
>> > #
>> >
>> > NOTE: is the IP of my 2003 windows server.
>> >
>> > My lmhosts file is:
>> >
>> > # cat lmhosts.
>> > ABC3
>> > ABCDOM#1b
>> > ABCDOM#1c
>> >
>> > #
>> >
>> > It would be great, if any one can tell me if there is anything wrong
>> here
>> > and probably help me sort out this issue.
>> > Thanks in advance!!
>> What does your krb5.conf look like?  I suspect it's having trouble
>> finding a kdc.
>> -=Andrew
To unsubscribe from this list go to the following URL and read the

To unsubscribe from this list go to the following URL and read the

Reply via email to