Luca Bertoncello
2021-Aug-25 09:45 UTC
[Samba] Problem connecting Samba and Windows Active Directory
Hi list! We have two Server with Debian 11 and Samba 4.13.5 (from Debian repositories) that have to connect as member to our AD. Our goal is, that our users can use the shares on the Servers using their AD credentials. So I configured Samba and joined the domain. No problems and all worked some weeks. Suddenly, without any changes in the configuration or other action on the Server, they can't speak with the AD anymore. We already had the problem and a rejoin has solved the problem, but now we have the problem again, so I'm searching a better solution. I see, if I try to ping the DC: root at nasmedia02:/etc/samba# wbinfo --ping-dc checking the NETLOGON for domain[AD-QUEO-ORG] dc connection to "" failed failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUND and root at nasmedia02:/etc/samba# wbinfo --check-secret checking the trust secret for domain AD-QUEO-ORG via RPC calls failed wbcCheckTrustCredentials(AD-QUEO-ORG): error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233) failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR Could not check secret Can someone help me? Other Server, with Debian 10 don't have the problem with the same configuration and Samba 4.9.5. Thanks a lot Luca Bertoncello
Rowland Penny
2021-Aug-25 10:11 UTC
[Samba] Problem connecting Samba and Windows Active Directory
On Wed, 2021-08-25 at 09:45 +0000, Luca Bertoncello via samba wrote:> Hi list! > > We have two Server with Debian 11 and Samba 4.13.5 (from Debian > repositories) that have to connect as member to our AD. > Our goal is, that our users can use the shares on the Servers using > their AD credentials. > > So I configured Samba and joined the domain. No problems and all > worked some weeks. > Suddenly, without any changes in the configuration or other action on > the Server, they can't speak with the AD anymore. > > We already had the problem and a rejoin has solved the problem, but > now we have the problem again, so I'm searching a better solution. > > I see, if I try to ping the DC: > > root at nasmedia02:/etc/samba# wbinfo --ping-dc > checking the NETLOGON for domain[AD-QUEO-ORG] dc connection to "" > failed > failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUND > > and > > root at nasmedia02:/etc/samba# wbinfo --check-secret > checking the trust secret for domain AD-QUEO-ORG via RPC calls failed > wbcCheckTrustCredentials(AD-QUEO-ORG): error code was > NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233) > failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR > Could not check secret > > Can someone help me? > Other Server, with Debian 10 don't have the problem with the same > configuration and Samba 4.9.5. >Please post your smb.conf Rowland