Travis Wenks
2022-Dec-06 22:48 UTC
[Samba] File server joined to a samba domain accessed by windows 10-11 clients, works via ip no via dns name
I'm sorry guys I don't mean to spam the group. I logged back into the pc after rejoining. Attempted to access the share again via ip works fine via fqdn still fails. I could not find any logs on the Synology correlating to my attempts to access file shares Travis Wenks Rose City Solutions travis at rosecitysolutions.com 503-821-7000 On Tue, Dec 6, 2022 at 2:25 PM Travis Wenks <travis at rosecitysolutions.com> wrote:> OK I am scratching my head here.. > > I mistakenly said user account, I intended to say the computer account. > > The workstation would not join and reuse the computer account. > After deleting this in AD I was able to join with no problems. > > Are we saying the kerberos ticket is bad and needs to be re-created? > Would this be to the upgrade from 4.16 to 4.17? > Also is the solution to remove the computer account and rejoin the pc's? > > > Travis Wenks > Rose City Solutions > travis at rosecitysolutions.com > 503-821-7000 > > > On Tue, Dec 6, 2022 at 2:09 PM Travis Wenks <travis at rosecitysolutions.com> > wrote: > >> Interesting... >> >> I left the domain and did not delete the user account and I go this >> >> >> The domain name "NET" might be a NetBIOS domain name. If this is the >> case, verify that the domain name is properly registered with WINS. >> >> If you are certain that the name is not a NetBIOS domain name, then the >> following information can help you troubleshoot your DNS configuration. >> >> An error occurred when DNS was queried for the service location (SRV) >> resource record used to locate an Active Directory Domain Controller (AD >> DC) for domain "NET". >> >> The error was: "No records found for given DNS query." >> (error code 0x0000251D DNS_INFO_NO_RECORDS) >> >> The query was for the SRV record for _ldap._tcp.dc._msdcs.NET >> >> I went into dns and this record _ldap._tcp.dc._msdcs.NET.domain-name.com >> does exist >> Additionally I checked the dns records on the workstation are pointed at >> the dc's and internet is working. >> >> I am going try and join another workstation in our lab. >> >> Travis Wenks >> Rose City Solutions >> travis at rosecitysolutions.com >> 503-821-7000 >> >> >> On Tue, Dec 6, 2022 at 1:25 PM Rowland Penny via samba < >> samba at lists.samba.org> wrote: >> >>> >>> >>> On 06/12/2022 20:58, Travis Wenks via samba wrote: >>> > Hi all, >>> > First, thank you for such an amazing project! >>> > >>> > Second an apology for an extremely long post, I tried to add all the >>> info I >>> > could think of so this is a quick fix! >>> > >>> > I support multiple client sites that we built samba dc?s from source. >>> > >>> > I wrote a quick script to update our client dc?s. As it has no sanity >>> > checks or safety?s to not destroy data I will not post a functional >>> copy of >>> > it here. If anyone would like it I would be glad to email it to anyone >>> who >>> > wants it. >>> > >>> > Here is the issue, we started updating 5 sites and once those were >>> done we >>> > started getting reports of network drives failing. >>> > >>> > If a user is in a group and that group defines the permissions to >>> access a >>> > share they cannot access it. If the ip address is used it works fine. >>> > >>> > So if a user is a member of a group this is the behavior, >>> > >>> > \\file-server.domain\share >>> > Fails >>> > \\file-server\share >>> > Fails also, but >>> > \\ip-of-file-server\share >>> > works fine >>> > >>> >>> Sounds like kerberos is failing, but NTLM is working. Try getting the >>> windows machine to leave the domain and rejoin, this will rewrite the >>> machines kerberos ticket. >>> >>> Have you considered using Debian ? Bullseye now comes with Samba 4.17.3 >>> from backports, this will save you having to build it yourself. >>> >>> Rowland >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba >>> >>
Rowland Penny
2022-Dec-07 07:59 UTC
[Samba] File server joined to a samba domain accessed by windows 10-11 clients, works via ip no via dns name
On 06/12/2022 22:48, Travis Wenks wrote:> I'm sorry guys I don't mean to spam the group. > I logged back into the pc after rejoining. > Attempted to access the share again via ip works fine > via fqdn still fails. > I could not find any logs on the Synology correlating to my attempts to > access file shares >Synology takes Samba and modifies it and it could be one of their changes that is causing this. I suggest you contact Synology to rule this out. Rowland