Mark Foley
2023-Oct-09 16:57 UTC
[Samba] Joining a Linux domain member to an actual Windows AD Domain
I am attempting to join a Linux host as a domain member to a Windows AD domain. I am following the instructions in https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member I am at the section in that doc, "Resolving SRV Records" which says, "Active Directory (AD) uses SRV records to locate services, such as Kerberos and LDAP. To verify that SRV records are resolved correctly, use the nslookup interactive shell:", and I go ahead and do the suggested commands: # nslookup> set type=SRV > _ldap._tcp.cwaserver1.cwa4502.localServer: 192.168.1.5 Address: 192.168.1.5#53 ** server can't find _ldap._tcp.cwaserver1.cwa4502.local: NXDOMAIN # host -t SRV _ldap._tcp.cwaserver1.cwa4502.local Host _ldap._tcp.cwaserver1.cwa4502.local not found: 3(NXDOMAIN) As you can see, this test appears to be failing. Other Windows workstations are connected to this Domain w/o problem. Is it critical for this SRV record thing to work? If so, what suggestions are there on what needs to be done in the domain controller to fix this? Thanks --Mark
Peter Milesson
2023-Oct-09 17:29 UTC
[Samba] Joining a Linux domain member to an actual Windows AD Domain
On 09.10.2023 18:57, Mark Foley via samba wrote:> I am attempting to join a Linux host as a domain member to a Windows AD domain. > I am following the instructions in https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > > I am at the section in that doc, "Resolving SRV Records" which says, "Active > Directory (AD) uses SRV records to locate services, such as Kerberos and LDAP. > To verify that SRV records are resolved correctly, use the nslookup interactive > shell:", and I go ahead and do the suggested commands: > > # nslookup >> set type=SRV >> _ldap._tcp.cwaserver1.cwa4502.local > Server: 192.168.1.5 > Address: 192.168.1.5#53 > > ** server can't find _ldap._tcp.cwaserver1.cwa4502.local: NXDOMAIN > > # host -t SRV _ldap._tcp.cwaserver1.cwa4502.local > Host _ldap._tcp.cwaserver1.cwa4502.local not found: 3(NXDOMAIN) > > As you can see, this test appears to be failing. > > Other Windows workstations are connected to this Domain w/o problem. Is it > critical for this SRV record thing to work? If so, what suggestions are there on > what needs to be done in the domain controller to fix this? > > Thanks --Mark >Hi Mark, Try A records instead. In my AD domains, there are only A , CNAME and PTR records. If there are no SRV records, you will obviously get errors. Best regards, Peter
Rowland Penny
2023-Oct-09 17:29 UTC
[Samba] Joining a Linux domain member to an actual Windows AD Domain
On Mon, 09 Oct 2023 12:57:16 -0400 Mark Foley via samba <samba at lists.samba.org> wrote:> I am attempting to join a Linux host as a domain member to a Windows > AD domain. I am following the instructions in > https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > > I am at the section in that doc, "Resolving SRV Records" which says, > "Active Directory (AD) uses SRV records to locate services, such as > Kerberos and LDAP. To verify that SRV records are resolved correctly, > use the nslookup interactive shell:", and I go ahead and do the > suggested commands: > > # nslookup > > set type=SRV > > _ldap._tcp.cwaserver1.cwa4502.local > Server: 192.168.1.5 > Address: 192.168.1.5#53Is '192.168.1.5' the ipaddress of an AD DC ?> > ** server can't find _ldap._tcp.cwaserver1.cwa4502.local: NXDOMAINThat would seem to suggest that the 'cwaserver1.cwa4502.local' dns domain does not exist, however, 'cwaserver1' looks like it could be a short hostname, so could your dns domain be 'cwa4502.local' ? Rowland