samba - Aug 2014 - wbinfo -u/-g does not query AD DC

I'm setting up a domain member (Debian Wheezy, Samba 3.6.6) to join an 
AD DC (Wheezy backports, Samba 4.1.9). Everything looks good so far, in 
particular the checklist 
(http://linuxcostablanca.blogspot.com.es/2014/06/samba4-winbind-desperation.html)
up to number 7 is okay. I also removed nscd.

I can do "kinit user" and I can query the samba LDAP to see domain 
users. I did a "net ads join" and added the DNS for the machine 
manually, since this fails with the 3.6.6 join script.

However, doing wbinfo does not produce any network traffic, i.e. it does 
not query the AD DC. How it concludes that 'wbinfo -P' is successful, is
yet another enigma. ;)

Any ideas?

On Wed, 2014-08-06 at 12:23 +0200, Lars Hanke wrote:
> I'm setting up a domain member (Debian Wheezy, Samba 3.6.6) to join an 
> AD DC (Wheezy backports, Samba 4.1.9). Everything looks good so far, in 
> particular the checklist 
>
(http://linuxcostablanca.blogspot.com.es/2014/06/samba4-winbind-desperation.html)
> up to number 7 is okay. I also removed nscd.
> 
> I can do "kinit user" and I can query the samba LDAP to see
domain
> users. I did a "net ads join" and added the DNS for the machine 
> manually, since this fails with the 3.6.6 join script.
It fails because you do not have DNS set correctly. The machine you are
joining is not sending its correct hostname.
> 
> However, doing wbinfo does not produce any network traffic, i.e. it does 
> not query the AD DC. How it concludes that 'wbinfo -P' is
successful, is
> yet another enigma. ;
You cannot miss out one item in the checklist and then expect anything
after that to work.

Try the dns checklist:
http://linuxcostablanca.blogspot.com.es/2014/05/dns-good-enough-for-kerberos.html
That's on Debian. When that doesn't work, try putting only the hostname
in /etc/hostname.

Go no further if the join throws errors.
HTH,
Steve
.