Hello, last night I finished the new "Join a domain as a DC" documentation in the Wiki: https://wiki.samba.org/index.php/Join_a_domain_as_a_DC It's a complete re-write and contains more details and examples. Additional information have been moved to extra pages and unnecessary things were removed. I had validated the guide in my test environment twice and already used it today at work to join a new DC to our production network. So I can say: It's working. ;-) Regards, Marc
Hai marc,
Great works, im reading it now.
Small question.
Kerberos
## Add the following content to /etc/krb5.conf:
[libdefaults]
dns_lookup_realm = true
dns_lookup_kdc = true
default_realm = SAMDOM.EXAMPLE.COM
If the default_realm is use, should we use : dns_lookup_realm = true also then?
since the default is already used, setting: dns_lookup_realm = false
wil speed up the resolving part a bit.
Share your thoughts ;-)
Best regards,
Louis
>-----Oorspronkelijk bericht-----
>Van: mmuehlfeld at samba.org
>[mailto:samba-bounces at lists.samba.org] Namens Marc Muehlfeld
>Verzonden: maandag 10 november 2014 22:29
>Aan: samba at lists.samba.org; samba-technical
>Onderwerp: [Samba] Wiki: Join a domain as a DC
>
>Hello,
>
>last night I finished the new "Join a domain as a DC"
documentation in
>the Wiki: https://wiki.samba.org/index.php/Join_a_domain_as_a_DC
>
>It's a complete re-write and contains more details and examples.
>Additional information have been moved to extra pages and unnecessary
>things were removed.
>
>I had validated the guide in my test environment twice and already used
>it today at work to join a new DC to our production network. So I can
>say: It's working. ;-)
>
>
>Regards,
>Marc
>
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
we should also add at least the following. At the beginning before installing samba and depending on how a server is installed ( with or without dhcp ) the /etc/hosts file needs to be checked. if you see : 127.0.1.1 hostname.domain.tld hostname then this needs to be changed to the_real_ip hostname.domain.tld hostname you should not have AND 127.0.1.1 and there real_ip set to hostname. this part : Check DNS entries if Host DC2.samdom.example.com. not found: 3(NXDOMAIN) does not resolv the basic setup (/etc/hosts or /etc/resolv.conf ) was not 100% correct. 99.9% times it is the /etc/hosts which is wrong. the fix is ok, but we can mention this at the beginning to set the /etc/hosts correct. Others your opinion about this? Greetz, Louis>-----Oorspronkelijk bericht----- >Van: mmuehlfeld at samba.org >[mailto:samba-bounces at lists.samba.org] Namens Marc Muehlfeld >Verzonden: maandag 10 november 2014 22:29 >Aan: samba at lists.samba.org; samba-technical >Onderwerp: [Samba] Wiki: Join a domain as a DC > >Hello, > >last night I finished the new "Join a domain as a DC" documentation in >the Wiki: https://wiki.samba.org/index.php/Join_a_domain_as_a_DC > >It's a complete re-write and contains more details and examples. >Additional information have been moved to extra pages and unnecessary >things were removed. > >I had validated the guide in my test environment twice and already used >it today at work to join a new DC to our production network. So I can >say: It's working. ;-) > > >Regards, >Marc > > > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > >
last few.. - Workaround: Fix keytab permissions On debian/ubuntu i notice that (sernet samba) has the right wrong : /var/lib/samba/private is set to 700 and should be 755 This should be checked/fixed after provisioning, before starting bind and samba. - Enable the BIND9_DLZ module, suitable to the BIND version by default its always bind 9.8.0 which is enabled. If you install on ubuntu 14.04 (bind 9.9.5) its by default also 9.8.0 enabled. This needs to be checked also. ( for fixed at install ) All above it tested with sernet samba installs. Louis>-----Oorspronkelijk bericht----- >Van: mmuehlfeld at samba.org >[mailto:samba-bounces at lists.samba.org] Namens Marc Muehlfeld >Verzonden: maandag 10 november 2014 22:29 >Aan: samba at lists.samba.org; samba-technical >Onderwerp: [Samba] Wiki: Join a domain as a DC > >Hello, > >last night I finished the new "Join a domain as a DC" documentation in >the Wiki: https://wiki.samba.org/index.php/Join_a_domain_as_a_DC > >It's a complete re-write and contains more details and examples. >Additional information have been moved to extra pages and unnecessary >things were removed. > >I had validated the guide in my test environment twice and already used >it today at work to join a new DC to our production network. So I can >say: It's working. ;-) > > >Regards, >Marc > > > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > >
On Monday 10 November 2014 22:28:32 Marc Muehlfeld wrote:> Hello,Hi Marc,> last night I finished the new "Join a domain as a DC" documentation in > the Wiki: https://wiki.samba.org/index.php/Join_a_domain_as_a_DC > > It's a complete re-write and contains more details and examples. > Additional information have been moved to extra pages and unnecessary > things were removed. > > I had validated the guide in my test environment twice and already used > it today at work to join a new DC to our production network. So I can > say: It's working. ;-)great work, thanks! -- Andreas Schneider GPG-ID: CC014E3D Samba Team asn at samba.org www.samba.org