Re: [Samba] Samba 4 Additional DC existing domain
That's exactly what I did From: Michael De Groote [mailto:i...@sint-pietersschool.be] Sent: Tuesday, June 11, 2013 4:15 PM To: Dino Edwards Cc: Marc Muehlfeld; samba@lists.samba.org Subject: Re: [Samba] Samba 4 Additional DC existing domain did you put in a dns forwarder = ip.of.external.dns.server line? 2013/6/11 Dino Edwards mailto:dino.edwa...@mydirectmail.net>> > You haven't answered my previous question: > > > Did you followed *all* steps from the > > http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC > > HowTo? I didn't saw, in the steps you had listed, that you joined > the > domain, etc. I believe I answered it albeit indirectly. One of the first steps of joining a domain as a DC was to run the kinit command and upon success proceed with joining the domain. Since I wasn't getting any output from running that command, I stopped and didn't go any further with joining the domain because I thought there was something wrong. I wasn't aware that I had to run klist in Ubuntu in order to get the output that I needed. Once I did that, I went ahead and followed the steps to join the domain and I was able to get it working. Now I have a smb.conf file like I should. However, now I have a few other questions if you could be so kind to answer. When I pointed one of the windows machines to use the samba 4 DC as its DNS server, I was able to resolve hosts in the mydomain.local domain. However, I wasn't able to resolve hosts outside my domain. A Windows DNS server is able to do that. Is this behavior because I'm not using Bind with the samba 4 DC but instead I'm using the int ernal samba DNS? What do I need to do to rectify that? I'm also assuming that I should use 127.0.0.1 or the IP of the samba 4 DC as the DNS server of the samba 4 DC in /etc/network/interfaces file vs. pointing to the Windows DC. Is that a correct assumption? And finally, rebooting the server does not automatically start samba. I have to start it manually. Do I need to create a script in /etc/init.d/ and if that's the case, is there a template for that somewhere? Thanks in advance. Dino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Michael De Groote ICT-coordinator Sint-Pietersschool Korbeek-Lo ICT-support Sancta Maria Basisschool Leuven -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 Additional DC existing domain
> -Original Message- > From: Marc Muehlfeld [mailto:sa...@marc-muehlfeld.de] > Sent: Tuesday, June 11, 2013 4:19 PM > To: Dino Edwards > Cc: samba@lists.samba.org > Subject: Re: [Samba] Samba 4 Additional DC existing domain > > Hello Dino, > > > I changed the HowTo a bit, to make it more clear, that the output shown > is from "klist" and not "kinit". > Awesome, thanks! > > When I pointed one of the windows machines to use the samba 4 DC > > as its DNS server, I was able to resolve hosts in the mydomain.local > > domain. However, I wasn't able to resolve hosts outside my domain. > > A Windows DNS server is able to do that. > > You have to add > dns forwarder = 8.8.8.8 > to your smb.conf and restart Samba. Adapt 8.8.8.8 to whatever you host > is, to which you want to forward queries to, your Samba isn't > authoritative for. I added it in the [global] section of the smb.conf and it seems to work > > I'm also assuming that I should use 127.0.0.1 or the IP of the samba > 4 > > DC as the DNS server of the samba 4 DC in /etc/network/interfaces > file > > vs. pointing to the Windows DC. Is that a correct assumption? > > You can use the IP of any host, that is able to resolve your AD DNS > domain(s). > > > > And finally, rebooting the server does not automatically start samba. > > I have to start it manually. Do I need to create a script in > > /etc/init.d/ and if that's the case, is there a template for > > that somewhere? > > Yes, you need something that start the service if you want Samba to > come > up on reboots. See > https://wiki.samba.org/index.php/Samba4/InitScript > > Awesome that worked too. Cheers, Dino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 Additional DC existing domain
> You haven't answered my previous question: > > > Did you followed *all* steps from the > > http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC > > HowTo? I didn't saw, in the steps you had listed, that you joined > the > domain, etc. I believe I answered it albeit indirectly. One of the first steps of joining a domain as a DC was to run the kinit command and upon success proceed with joining the domain. Since I wasn't getting any output from running that command, I stopped and didn't go any further with joining the domain because I thought there was something wrong. I wasn't aware that I had to run klist in Ubuntu in order to get the output that I needed. Once I did that, I went ahead and followed the steps to join the domain and I was able to get it working. Now I have a smb.conf file like I should. However, now I have a few other questions if you could be so kind to answer. When I pointed one of the windows machines to use the samba 4 DC as its DNS server, I was able to resolve hosts in the mydomain.local domain. However, I wasn't able to resolve hosts outside my domain. A Windows DNS server is able to do that. Is this behavior because I'm not using Bind with the samba 4 DC but instead I'm using the int ernal samba DNS? What do I need to do to rectify that? I'm also assuming that I should use 127.0.0.1 or the IP of the samba 4 DC as the DNS server of the samba 4 DC in /etc/network/interfaces file vs. pointing to the Windows DC. Is that a correct assumption? And finally, rebooting the server does not automatically start samba. I have to start it manually. Do I need to create a script in /etc/init.d/ and if that's the case, is there a template for that somewhere? Thanks in advance. Dino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 Additional DC existing domain
> > Kinit doesn't have output on all systems (ubuntu is one of them) > after > > running that, klist should show that you have an active ticket. Running: Klist I get the following: Ticket cache: FILE:/tmp/krb5cc_0 Default principal: Administrator@MYDOMAIN.LOCAL Valid starting ExpiresService principal 06/11/13 12:22:52 06/11/13 22:22:42 krbtgt/MYDOMAIN.LOCAL@MYDOMAIN.LOCAL renew until 06/12/13 12:22:52 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 Additional DC existing domain
> -Original Message- > From: samba-boun...@lists.samba.org [mailto:samba- > boun...@lists.samba.org] On Behalf Of "David González Herrera - > [DGHVoIP]" > Sent: Tuesday, June 11, 2013 12:02 PM > To: Ricky Nance > Cc: samba@lists.samba.org > Subject: Re: [Samba] Samba 4 Additional DC existing domain > > On 6/11/2013 10:58 AM, Ricky Nance wrote: > > Kinit doesn't have output on all systems (ubuntu is one of them) > after > > running that, klist should show that you have an active ticket. Also > > do what Marc says samba -i -M single and see where samba is failing > > the startup. > If I migh add issue the command with some debug level so you see some > more info: > > samba -i -M single -d3 > When I run: /usr/local/samba/sbin/samba -i -M single -d3 I get the following: samba version 4.0.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered NTPTR backend 'simple_ldb' NTVFS backend 'default' for type 1 registered NTVFS backend 'posix' for type 1 registered NTVFS backend 'unixuid' for type 1 registered NTVFS backend 'unixuid' for type 3 registered NTVFS backend 'unixuid' for type 2 registered NTVFS backend 'cifs' for type 1 registered NTVFS backend 'smb2' for type 1 registered NTVFS backend 'simple' for type 1 registered NTVFS backend 'cifsposix' for type 1 registered NTVFS backend 'default' for type 3 registered NTVFS backend 'default' for type 2 registered NTVFS backend 'nbench' for type 1 registered PROCESS_MODEL 'single' registered PROCESS_MODEL 'onefork' registered PROCESS_MODEL 'prefork' registered PROCESS_MODEL 'standard' registered AUTH backend 'sam' registered AUTH backend 'sam_ignoredomain' registered AUTH backend 'anonymous' registered AUTH backend 'winbind' registered AUTH backend 'winbind_wbclient' registered AUTH backend 'name_to_ntstatus' registered AUTH backend 'unix' registered SHARE backend [classic] registered. SHARE backend [ldb] registered. At this time the 'samba' binary should only be used for either: 'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote' You should start smbd/nmbd/winbindd instead for domain member and standalone file server task -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 Additional DC existing domain
I'm pretty sure I did unless I'm missing something. According to what I'm reading, the very first step is running the kinit administrator command which of course shows no output on the screen. So, to address the second suggestion when I run: /usr/local/samba/sbin/samba -i -M single I get this: samba version 4.0.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 At this time the 'samba' binary should only be used for either: 'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote' You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks Dino Did you followed *all* steps from the http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC HowTo? I didn't saw, in the steps you had listed, that you joined the domain, etc. Can you start Samba with the following command and see, what it outputs: # samba -i -M single Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 4 Additional DC existing domain
Using Ubuntu 10.04 LTS 32-bit. Tried following the wiki to install an additional DC in an existing AD domain. Here are the steps I took: 1. Installed the Ubuntu prerequisites and then I built from source. It compiled and installed successfully to /usr/local/samba 2. Skipped Step 1 Provision Samba according to the wiki It's not required to install as an additional DC in existing domain 3. Went to step 2 Starting your Samba AD DC located here: http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC 4. Set /etc/krb5.conf with the following: [libdefaults] dns_lookup_realm = true dns_lookup_kdc = true default_realm = mydomain.local 5. Ran kinit Administrator and put in the domain admin password and I got absolutely no output. The command ran and I got no error or any indication that anything happened. Apparently I'm supposed to get something like this: 6. Ticket cache: FILE:/tmp/krb5cc_0 7. Default principal: administrator@mydomain.local 8. 9. Valid starting ExpiresService principal 10.11/11/12 17:29:51 11/12/12 03:29:51 krbtgt/ Additionally, running /usr/local/samba/sbin/samba does nothing also. When I c heck for any samba running processes I get nothing. I'm stuck. I would appreciate some assistance on this. Thanks a lot -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
