Dear, After a few attempts I now have my first Samba installed and running as active directory (on Debian-Turnkey) Topics I struggle with are not Samba itself, yet. I seek help to clarify wat is failing,what I did wrong or did not do yet. 1. Joining the domain: fails to resolve SRV type record for \_ldap.\_tcp.dc.\_msdcs.<domain> (typos here are mine, correct on machine) 2. Fail of 1 is because the response for the SRV record is serving the SOA and the response does not arrive at the client. I see the request resolved correctly on the AD-BindNLZ send back to the DNS server and from the DNS server to the client. However, on the client it becomes a non-existent Domain reply. The firewall on MSw10 is enabled but I do not understand why it would filter a reply. Such was not documented on Samba.org so I did not investigate yet. 3. To enable federation i prefer to work with Kerberos. However, using Server Manager it complains on auth about 1 here but also about kerberos. The krb5.conf file is present in /etc and as default. I had assumed Kerberos would be enabled by default on AD role for Samba4. 4. Connect using Server Manager fail because of 1 also. See also 2 and 3. While on latest MS Windows 10 I could not find Server Manager anywhere under 'options and features' the install happened manually. I hope you are able to assist. JL -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 489 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20200704/452115a0/signature.sig>
On 04/07/2020 13:47, JL via samba wrote:> Dear, > > After a few attempts I now have my first Samba installed and running as active directory (on Debian-Turnkey)By 'turnkey', I take it you mean from here: www.turnkeylinux.org If so, this probably means that you are using Samba 4.5.16, which is EOL as far as Samba is concerned. You will probably be better off installing Debian Buster and use Louis's repo from here: http://apt.van-belle.nl/ Then install and provision a Samba AD DC yourself. If you require any help with this, just ask. Rowland
Thanks, Yet, how is this relevant to the issues reported ? \- - - mailto:commandline at protonmail.com Joris Lambrecht CyberSecurity and ICT Coach call:?+32 487 558 354 Antwerp,?Belgium https://www.commandline.be \-------- Oorspronkelijk bericht -------- Aan 4 jul. 2020 16:02, Rowland penny via samba < samba at lists.samba.org> schreef:> > > > On 04/07/2020 13:47, JL via samba wrote: > > Dear, > > > > After a few attempts I now have my first Samba installed and running as active directory (on Debian-Turnkey) > > By 'turnkey', I take it you mean from here: [www.turnkeylinux.org][] > > If so, this probably means that you are using Samba 4.5.16, which is EOL > as far as Samba is concerned. > > You will probably be better off installing Debian Buster and use Louis's > repo from here: http://apt.van-belle.nl/ > > Then install and provision a Samba AD DC yourself. > > If you require any help with this, just ask. > > Rowland > > > > \-- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >[www.turnkeylinux.org]: http://www.turnkeylinux.org -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 489 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20200704/411c719e/signature.sig>