I'm trying to join an XP SP2 PC called testpc to a test environment. Its
network settings are statically set. IP address is 10.8.3.209. I have a
PDC called gomer.mdah.state.ms.us w/ samba 3.0.26a and IP address is
10.8.3.37. On test PC I right click on my computer, properties, computer
name, change from workgroup WORKGROUP to domain ADAMSTEST.
But I get the error:
Note: This information is intended for a network administrator. If you
are not your network's administrator, notify the administrator that you
received this information, which has been recorded in the file
C:\WINDOWS\debug\dcdiag.txt.
The domain name ADAMSTEST might be a NetBIOS domain name. If this is the
case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the
following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location
(SRV) resource record used to locate a domain controller for domain
ADAMSTEST:
Note: This information is intended for a network administrator. If you
are not your network's administrator, notify the administrator that you
received this information, which has been recorded in the file
C:\WINDOWS\debug\dcdiag.txt.
The domain name ADAMSTEST might be a NetBIOS domain name. If this is the
case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the
following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location
(SRV) resource record used to locate a domain controller for domain
ADAMSTEST:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.ADAMSTEST
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its
child zone:
ADAMSTEST
. (the root zone)
For information about correcting this problem, click Help.
I've googled the error and people say to make sure your DNS is fine, you
can ping, turn off windows firewall, etc. I've done all that I don't
see
any problems with my configuration. testpc can ping
gomer.mdah.state.ms.us fine.
and dcdiag.txt contains that message above. My samba configuration seems
correct:
[root@gomer ~]# testparm
Load smb config files from /etc/samba/smb.conf
WARNING: The "printer admin" option is deprecated
Processing section "[homes]"
Processing section "[accounts]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[print$]"
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
unix charset = LOCALE
workgroup = ADAMSTEST
server string = Samba Server %v on gomer
interfaces = 10.8.3.37/24, 127.0.0.1/8
bind interfaces only = Yes
update encrypted = Yes
passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us
username map = /etc/samba/smbusers
log level = 10
syslog = 0
log file = /var/log/samba/%m
max log size = 50
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/smbldap-useradd -a -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x
"%u"
"%g"
set primary group script = /usr/sbin/smbldap-groupmod -g "%g"
"%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=People
ldap passwd sync = Yes
ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
ldap user suffix = ou=People
idmap backend = ldap:ldap://gomer.mdah.state.ms.us
idmap uid = 10000-20000
idmap gid = 10000-20000
template homedir = /home/winnt/%D/%U
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
printer admin = root, awilliam
hosts allow = 10.8.
map acl inherit = Yes
printing = cups
print command lpq command = %p
lprm command
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[accounts]
comment = Accounting Files
path = /data/accounts
read only = No
[netlogon]
comment = network logon service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root, awilliam
[root@gomer ~]# ldapsearch -D
'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b
"uid=testpc$,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w
xxxxxxxxxxx -x
# extended LDIF
#
# LDAPv3
# base <uid=testpc$,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us> with
scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# testpc$, People, gomer.mdah.state.ms.us
dn: uid=testpc$,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: account
objectClass: top
uid: testpc$
uidNumber: 1000
sambaSID: S-1-0-1
gidNumber: 514
homeDirectory: /dev/null
cn: testpc$
sambaLMPassword: xxxxxxxxxxxxxxxxxxx
sambaNTPassword: xxxxxxxxxxxxxxxxxxx
sambaPasswordHistory:
00000000000000000000000000000000000000000000000000000000
00000000
sambaPwdLastSet: 1195509942
sambaAcctFlags: [U ]
userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
[root@gomer ~]#
any ideas?
---------- Forwarded message ---------- From: John Drescher <drescherjm@gmail.com> Date: Nov 19, 2007 5:16 PM Subject: Re: [Samba] DNS problem? To: awilliam@mdah.state.ms.us On Nov 19, 2007 5:07 PM, <awilliam@mdah.state.ms.us> wrote:> I'm trying to join an XP SP2 PC called testpc to a test environment. Its > network settings are statically set. IP address is 10.8.3.209. I have a > PDC called gomer.mdah.state.ms.us w/ samba 3.0.26a and IP address is > 10.8.3.37. On test PC I right click on my computer, properties, computer > name, change from workgroup WORKGROUP to domain ADAMSTEST. > > But I get the error: > > Note: This information is intended for a network administrator. If you > are not your network's administrator, notify the administrator that you > received this information, which has been recorded in the file > C:\WINDOWS\debug\dcdiag.txt. > > The domain name ADAMSTEST might be a NetBIOS domain name. If this is the > case, verify that the domain name is properly registered with WINS. > > If you are certain that the name is not a NetBIOS domain name, then the > following information can help you troubleshoot your DNS configuration. > > The following error occurred when DNS was queried for the service location > (SRV) resource record used to locate a domain controller for domain > ADAMSTEST: > > Note: This information is intended for a network administrator. If you > are not your network's administrator, notify the administrator that you > received this information, which has been recorded in the file > C:\WINDOWS\debug\dcdiag.txt. > > The domain name ADAMSTEST might be a NetBIOS domain name. If this is the > case, verify that the domain name is properly registered with WINS. > > If you are certain that the name is not a NetBIOS domain name, then the > following information can help you troubleshoot your DNS configuration. > > The following error occurred when DNS was queried for the service location > (SRV) resource record used to locate a domain controller for domain > ADAMSTEST: > > The error was: "DNS name does not exist." > (error code 0x0000232B RCODE_NAME_ERROR) > > The query was for the SRV record for _ldap._tcp.dc._msdcs.ADAMSTEST >Do you have an entry for _ldap._tcp.dc._msdcs.ADAMSTEST in your dns server or are you using wins? An example on how to do that is here: http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#adsdnstech John -- John M. Drescher
John Drescher wrote:> Do you have an entry for _ldap._tcp.dc._msdcs.ADAMSTEST in your dns > server or are you using wins? > > An example on how to do that is here: > http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#adsdnstech > > John >Ok, I'm trying to do an NT4 style domain right now. So the security user since I didn't specify it in smb.conf, it defaults to that and testparm verifies that. So why does XP SP2 think I'm trying to join an ADS domain? And I'm using WINS in my smb.conf it has WINS Support = Yes and the XP SP2 has the WINS server set to 10.8.3.37 in the network properties.
> Ok, I'm trying to do an NT4 style domain right now. So the security > user since I didn't specify it in smb.conf, it defaults to that and > testparm verifies that. So why does XP SP2 think I'm trying to join an > ADS domain? >If the windows machine can not find the dns server via wins it will try to use DNS instead. I do not use ADS or WINS so in my samba network I have the following entries in my root zone for my bind dns servers to point the windows boxes to the PDC: _ldap._tcp.dc._msdcs.radimg.pitt.edu. SRV 0 100 389 sysyserv0.radimg.pitt.edu _kerberos._tcp.dc._msdcs.radimg.pitt.edu. SRV 0 100 88 sysserv0.radimg.pitt.edu John
> _ldap._tcp.dc._msdcs.radimg.pitt.edu. SRV 0 100 389 sysyserv0.radimg.pitt.edu > _kerberos._tcp.dc._msdcs.radimg.pitt.edu. SRV 0 100 88 sysserv0.radimg.pitt.edu > >Bad day for replies on this topic... I found two errors with that line. Good thing I have other dns servers... I have the server spelled wrong and there should be a . at the end of the line otherwise the domain gets appended a second time. John
awilliam@mdah.state.ms.us escreveu:> I'm trying to join an XP SP2 PC called testpc to a test environment. Its > network settings are statically set. IP address is 10.8.3.209. I have a > PDC called gomer.mdah.state.ms.us w/ samba 3.0.26a and IP address is > 10.8.3.37. On test PC I right click on my computer, properties, computer > name, change from workgroup WORKGROUP to domain ADAMSTEST. > > But I get the error: > > (...) > > > any ideas?You can start to look if the server really registered the types 1b, 1c and 1d to its address. Don't use a log level = 10 unless really needed, a log level of 2 (preferred) or even 3 is enough to see almost all common problems. It should have 1c and 1b in wins.dat and nmbd.log should say what was the result of the elections (or if you are having any master browser war). nmblookup can be used locally to query the WINS server or make a broadcast query to see who is what. nmblookup -R -U 10.8.3.37 ADAMSTEST#1B (query the wins about DMB) nmblookup -R -U 10.8.3.37 ADAMSTEST#1C (query the wins about DCs) nmblookup -M ADAMSTEST (query by broadcast about LMBs) On the client you can use ipconfig /all to se if it is really using a WINS server, the node type, if NetBIOS over Tcpip is disabled, etc. Windows have its own tools to test lookups too. Regards. Edmundo Valle Neto