samba - Feb 2022 - linux client DNS issues

On 2/7/22 09:50, Rowland Penny via samba wrote:
> On Mon, 2022-02-07 at 09:24 -0600, Patrick Goetz via samba wrote:
>> Save for the issue of PTR DNS records not being automatically
>> created
>> when joining a linux client to a Samba AD, I've had no problems
>> joining
>> Ubuntu + Louis van Belle linux clients to a Samba domain using the
>> internal Samba DNS server.
>>
>> At the moment, I'm working on joining an Arch linux client to a
>> Samba
>> AD, and have run into an issue I didn't see on Ubuntu and want to
>> find
>> out what the difference is. Note: nearly identical smb.conf files
>> (only
>> the Shares differ) and same krb5.conf file.
>>
>> When I attempt to join the Arch linux machine to the domain using
>> `net
>> ads join`:
>>
>> [root at erap-gnome samba]# net ads join -U administrator
>> Password for [EA\administrator]:
>> Using short domain name -- EA
>> Joined 'ERAP-GNOME' to dns domain 'ea.linuxcs.com'
>> No DNS domain configured for erap-gnome. Unable to perform DNS
>> Update.
>> DNS update failed: NT_STATUS_INVALID_PARAMETER
>>
>>
>> I looked up NT_STATUS_INVALID_PARAMETER in the wiki, and the
>> suggestion
>> was a missing or invalid host entry in /etc/hosts. I did indeed have
>> a
>> typo in the machine's entry in /etc/hosts, but fixing the typo did
>> not
>> resolve the issue. I get the same (or similar) error message when
>> attempting to rejoin the machine to the domain. The machine is added
>> to
>> the domain, but no DNS A record is generated for it.
>>
>> I also tried using:
>>
>>     # samba-tool domain join ea.linuxcs.com MEMBER -U Administrator
>>
>> Using samba-tool there's no error message, but also no DNS entry:
> 
> This possibly has the same problem as when you join a red-hat OS to
> Samba AD, you get the same message. Try checking that /etc/hostname
> contains the computers FQDN, this works on red-hat.
> 
I changed /etc/hostname from

   erap-gnome to

   erap-gnome.ea.linuxcs.com


but got exactly the same error:

[root at erap-gnome ~]# net ads join -U administrator
Password for [EA\administrator]:
Using short domain name -- EA
Joined 'ERAP-GNOME' to dns domain 'ea.linuxcs.com'
No DNS domain configured for erap-gnome. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER


Thanks for the suggestion, though.

> Rowland
> 
> 
>

BTW, I can't find anything in the log files to help me with debugging 
this.  At what log level do DNS errors start showing up in the log files?

On 2/7/22 12:42, Patrick Goetz via samba wrote:
> 
> 
> On 2/7/22 09:50, Rowland Penny via samba wrote:
>> On Mon, 2022-02-07 at 09:24 -0600, Patrick Goetz via samba wrote:
>>> Save for the issue of PTR DNS records not being automatically
>>> created
>>> when joining a linux client to a Samba AD, I've had no problems
>>> joining
>>> Ubuntu + Louis van Belle linux clients to a Samba domain using the
>>> internal Samba DNS server.
>>>
>>> At the moment, I'm working on joining an Arch linux client to a
>>> Samba
>>> AD, and have run into an issue I didn't see on Ubuntu and want
to
>>> find
>>> out what the difference is. Note: nearly identical smb.conf files
>>> (only
>>> the Shares differ) and same krb5.conf file.
>>>
>>> When I attempt to join the Arch linux machine to the domain using
>>> `net
>>> ads join`:
>>>
>>> [root at erap-gnome samba]# net ads join -U administrator
>>> Password for [EA\administrator]:
>>> Using short domain name -- EA
>>> Joined 'ERAP-GNOME' to dns domain 'ea.linuxcs.com'
>>> No DNS domain configured for erap-gnome. Unable to perform DNS
>>> Update.
>>> DNS update failed: NT_STATUS_INVALID_PARAMETER
>>>
>>>
>>> I looked up NT_STATUS_INVALID_PARAMETER in the wiki, and the
>>> suggestion
>>> was a missing or invalid host entry in /etc/hosts. I did indeed
have
>>> a
>>> typo in the machine's entry in /etc/hosts, but fixing the typo
did
>>> not
>>> resolve the issue. I get the same (or similar) error message when
>>> attempting to rejoin the machine to the domain. The machine is
added
>>> to
>>> the domain, but no DNS A record is generated for it.
>>>
>>> I also tried using:
>>>
>>> ??? # samba-tool domain join ea.linuxcs.com MEMBER -U Administrator
>>>
>>> Using samba-tool there's no error message, but also no DNS
entry:
>>
>> This possibly has the same problem as when you join a red-hat OS to
>> Samba AD, you get the same message. Try checking that /etc/hostname
>> contains the computers FQDN, this works on red-hat.
>>
> 
> I changed /etc/hostname from
> 
>  ? erap-gnome to
> 
>  ? erap-gnome.ea.linuxcs.com
> 
> 
> but got exactly the same error:
> 
> [root at erap-gnome ~]# net ads join -U administrator
> Password for [EA\administrator]:
> Using short domain name -- EA
> Joined 'ERAP-GNOME' to dns domain 'ea.linuxcs.com'
> No DNS domain configured for erap-gnome. Unable to perform DNS Update.
> DNS update failed: NT_STATUS_INVALID_PARAMETER
> 
> 
> Thanks for the suggestion, though.
> 
> 
>> Rowland
>>
>>
>>
>