samba - Oct 2003 - Samba 3.0.0 PDC, XP SP1, and domain joining woes.

Greetings, you kind and wonderful people.
I've spent the past few hours or so (read: all day) attempting to get a
basic
PDC up and running, with no success.

I've even gone to the extent of copying John Herpstra's config, which
contains
all sorts of weird and wonderful stuff, in the hope that he had something I
missed.  He didn't.

I've got one box running debian testing, with BIND, DHCPD and Samba 3.0.0
from
standard packages.  This is my PDC box, called "rod".
I've got one box running Windows XP Professional SP1, currently sat as
standalone, and a member of the "home" workgroup.  This grabs all its
settings
from the DHCPD on "rod".
There's also a cable router on 192.168.0.1, but that shouldn't affect
anything.

smb.conf on "rod", in all its glory.  Fairly standard stuff:
[global]
        workgroup = BEECHES
        server string = %h server (Samba %v)
        obey pam restrictions = Yes
        passdb backend = tdbsam
        logon script = logon.cmd
        logon path = \\%L\profiles\%U
        logon drive = H:
        logon home = \\%L\%U
        os level = 35
        domain logons = Yes
        preferred master = Yes
        domain master = Yes
        wins support = Yes

[homes]
        comment = Home Directories
        browseable = no
        writable = yes
        create mask = 0600
        directory mask = 0700

[netlogon]
        comment = Network Logon Service
        path = /home/netlogon
        read only = yes
        write list = @ntadmins
        browseable = no

[profiles]
        comment = Windows Profiles
        path = /home/samba/profiles
        browseable = no
        writeable = yes
        create mask = 0600
        directory mask = 0700



For good measure, my ifconfig for my PDC box, "rod", (minus the lo
device):
eth0      Link encap:Ethernet  HWaddr 00:40:63:D3:0C:B9
          inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:43339 errors:0 dropped:0 overruns:0 frame:0
          TX packets:53820 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:6867827 (6.5 MiB)  TX bytes:5808067 (5.5 MiB)
          Interrupt:11 Base address:0xe800



And the ipconfig from the XP box, "freddy":
Windows IP Configuration

        Host Name . . . . . . . . . . . . : freddy
        Primary Dns Suffix  . . . . . . . : lan
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : lan
        Description . . . . . . . . . . . : NVIDIA nForce MCP Networking
Controller
        Physical Address. . . . . . . . . : 00-30-1B-AF-50-AB
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.0.10
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DHCP Server . . . . . . . . . . . : 192.168.0.100
        DNS Servers . . . . . . . . . . . : 192.168.0.100
                                            192.168.0.1
        Primary WINS Server . . . . . . . : 192.168.0.100
        Lease Obtained. . . . . . . . . . : 20 October 2003 01:32:16
        Lease Expires . . . . . . . . . . : 20 October 2003 02:32:16



So... here's the problem.
Samba on "rod" starts fine, the nmbd logs report success getting all
the various
master browser status you would expect.  So, I ask the "freddy" to
join the
domain (BEECHES), and I get the following message:
> "A domain controller for the domain BEECHES could not be contacted.
> Ensure the domain name is typed correctly.
> If the name is correct, click Details for troubleshooting
information."
And "Details" says:
> "Note: This information is intended for a network administrator.  If
you are
> not your network's administrator, notify the administrator that you
received
> this information, which has been recorded in the file 
> C:\WINDOWS\debug\dcdiag.txt.
>
> The domain name BEECHES might be a NetBIOS domain name.  If this is the
case,
> verify that the domain name is properly registered with WINS.
>
> If you are certain that the name is not a NetBIOS domain name, then the 
> following information can help you troubleshoot your DNS configuration.
>
> The following error occurred when DNS was queried for the service location 
> (SRV) resource record used to locate a domain controller for domain
BEECHES:
> 
> The error was: "DNS name does not exist."
> (error code 0x0000232B RCODE_NAME_ERROR)
>
> The query was for the SRV record for _ldap._tcp.dc._msdcs.BEECHES
> 
> Common causes of this error include the following:
> - The DNS SRV record is not registered in DNS.
> - One or more of the following zones do not include delegation to its child
>   zone:
>   BEECHES
>   . (the root zone)"
So.  If I'm running a BEECHES as a NetBIOS domain (I /think/ I am -
we're only
emulating NT4 server, aren't we?), the XP box can't find the domain
controller,
as it's not in WINS.  Except the XP box is looking at the PDC as its WINS
server, and you would suspect the PDC knows about its own stuff...

If I'm not running a NetBIOS domain, and I'm running something else (a
little
bird suggests this may be something to do with AD), there's something up.  I
don't /think/ I need to pop all the DNS entries in, as nothing anywhere on
the
'net mentions it, except when talking about Microsoft's AD-capable
servers.

So I'm a bit lost.  I don't suppose anyone could suggest any potential
remedies?
It strikes me that something else is going on beyond the obvious, but I
can't
figure it out.

Help most gratefully received (cries of hallelujahs etc).

--

Nick Maynard
nick.maynard@tastycake.net

On Mon, 20 Oct 2003, Nick Maynard wrote:
> > "A domain controller for the domain BEECHES could not be
contacted.
> > Ensure the domain name is typed correctly.
> > If the name is correct, click Details for troubleshooting
information."
Look in the Samba docs under Registry.

WinXP_SignOrSeal.reg


Cheers!
-- 
Richard Potter RHCE
Re/Max
Kingston, ON  CANADA

> > > "A domain controller for the domain BEECHES could not be
contacted.
> > > Ensure the domain name is typed correctly.
> > > If the name is correct, click Details for troubleshooting
information."
> 
> Look in the Samba docs under Registry.
> 
> WinXP_SignOrSeal.reg
Yup, done that one already (was debating whether to mention that or not).
Thanks though - any other ideas?

Cheers,

--

Nick Maynard
nick.maynard@tastycake.net