[Samba] Samba 4.0.7 DC in Windows 2003R2 AD
Greetings, The ultimate goal is a full implementation of Samba4/OpenChange/SOGo but that onion has too many layers to shoot for the whole thing at once. So, I've added a Samba/Ubuntu12.04 DC to the AD and want to get it totally correct before proceeding with OC. I have two questions (at the moment): First, PAM is not included on the Samba DC and I need to know if it is a requirement. The docs say that, if you want to use it, just rebuild after installing the necessary PAM libs but there are a fairly large number of various flavors of PAM libraries and I could use some help selecting the right set. Second, the Samba DC is using the internal DNS and one-way sync from the PDC seems to be working but not the other way and I always get the following error when running one of the DNS tests that the docs indicate should be run. root@sambadc:~# samba-tool dns query sambadc mydomain.com @ ALL -Uadmin GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered Using binding ncacn_ip_tcp:sambadc[,sign] Password for [mydomain\admin]: ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE') File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py, line 974, in run None, record_type, select_flags, None, None) If I need to include additional info/files, let me know and I'll do so. Any help greatly appreciated. Thanx, Garth -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4.0.7 DC in Windows 2003R2 AD
Did you join your samba4 to w 2003R2 AD domain? Is it a firewall feature? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Garth Keesler Gesendet: Dienstag, 9. Juli 2013 14:43 An: samba@lists.samba.org Betreff: [Samba] Samba 4.0.7 DC in Windows 2003R2 AD Greetings, The ultimate goal is a full implementation of Samba4/OpenChange/SOGo but that onion has too many layers to shoot for the whole thing at once. So, I've added a Samba/Ubuntu12.04 DC to the AD and want to get it totally correct before proceeding with OC. I have two questions (at the moment): First, PAM is not included on the Samba DC and I need to know if it is a requirement. The docs say that, if you want to use it, just rebuild after installing the necessary PAM libs but there are a fairly large number of various flavors of PAM libraries and I could use some help selecting the right set. Second, the Samba DC is using the internal DNS and one-way sync from the PDC seems to be working but not the other way and I always get the following error when running one of the DNS tests that the docs indicate should be run. root@sambadc:~# samba-tool dns query sambadc mydomain.com @ ALL -Uadmin GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered Using binding ncacn_ip_tcp:sambadc[,sign] Password for [mydomain\admin]: ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE') File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py, line 974, in run None, record_type, select_flags, None, None) If I need to include additional info/files, let me know and I'll do so. Any help greatly appreciated. Thanx, Garth -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4.0.7 DC in Windows 2003R2 AD
Yes, the Samba server was joined to an existing Win2003R2 AD raised to the Forest Domain level following the steps outlined at https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC. Both DCs are on a local LAN so there is no FW between them and I checked that the 2003 server has no FW running. Let me know what else I can provide. Thanx, Garth On 07/09/2013 08:51 AM, Daniel Müller wrote: Did you join your samba4 to w 2003R2 AD domain? Is it a firewall feature? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Garth Keesler Gesendet: Dienstag, 9. Juli 2013 14:43 An: samba@lists.samba.org Betreff: [Samba] Samba 4.0.7 DC in Windows 2003R2 AD Greetings, The ultimate goal is a full implementation of Samba4/OpenChange/SOGo but that onion has too many layers to shoot for the whole thing at once. So, I've added a Samba/Ubuntu12.04 DC to the AD and want to get it totally correct before proceeding with OC. I have two questions (at the moment): First, PAM is not included on the Samba DC and I need to know if it is a requirement. The docs say that, if you want to use it, just rebuild after installing the necessary PAM libs but there are a fairly large number of various flavors of PAM libraries and I could use some help selecting the right set. Second, the Samba DC is using the internal DNS and one-way sync from the PDC seems to be working but not the other way and I always get the following error when running one of the DNS tests that the docs indicate should be run. root@sambadc:~# samba-tool dns query sambadc mydomain.com @ ALL -Uadmin GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered Using binding ncacn_ip_tcp:sambadc[,sign] Password for [mydomain\admin]: ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE') File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py, line 974, in run None, record_type, select_flags, None, None) If I need to include additional info/files, let me know and I'll do so. Any help greatly appreciated. Thanx, Garth -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba