Rowland Penny
2024-Dec-20 12:27 UTC
[Samba] Problem after join Windows Server 2022 DC to Samba AD
On Fri, 20 Dec 2024 12:18:45 +0100
Programnet via samba <samba at lists.samba.org> wrote:

> I am testing the addition of a Windows Server 2022 DC to an AD based
> on a Samba DC according to
> https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_add_windows_active_directory.html#samba-add-windows-active-directory

What version of Samba are you using and on what OS ?

Have you raised the functional level to 2016 ?

> . It seems to be added to the domain correctly. When I check with the
> command: nslookup -type=SRV _ldap._tcp.wenus.local, it shows all DCs,

Please do not use '.local' as a TLD, not even in sanitisation, it is confusing because '.local' is reserved for mdns.

> including the new one. However, when I query using the command:
> Get-ADDomainController -Filter * | Select-Object Name, HostName, I
> don't see the new controller.

What does 'samba-tool computer show $DC_HOSTNAME --attributes=name,dNSHostName' display ?

> I also noticed that the SPN DNS/dc2022.wenus.local for the new DC
> hasn't been created.

I wouldn't worry about that. None of my DCs have that SPN

Rowland
Programnet
2024-Dec-20 13:02 UTC
[Samba] Problem after join Windows Server 2022 DC to Samba AD
Thanks for your reply.

On 20.12.2024 at 13:27, Rowland Penny via samba wrote:
> On Fri, 20 Dec 2024 12:18:45 +0100
> Programnet via samba <samba at lists.samba.org> wrote:
>
>> I am testing the addition of a Windows Server 2022 DC to an AD based
>> on a Samba DC according to
>> https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_add_windows_active_directory.html#samba-add-windows-active-directory
> What version of Samba are you using and on what OS ?

4.21.2

> Have you raised the functional level to 2016 ?

My level: 2016

>> . It seems to be added to the domain correctly. When I check with the
>> command: nslookup -type=SRV _ldap._tcp.wenus.local, it shows all DCs,
> Please do not use '.local' as a TLD, not even in sanitisation, it is
> confusing because '.local' is reserved for mdns.

I am aware of the .local domain. However, my implementation is over 15 years old, and back then, some guides recommended it. Changing it now is very difficult.

>> including the new one. However, when I query using the command:
>> Get-ADDomainController -Filter * | Select-Object Name, HostName, I
>> don't see the new controller.
> What does 'samba-tool computer show $DC_HOSTNAME
> --attributes=name,dNSHostName' display ?

# samba-tool computer show DC2022 --attributes=name,dNSHostName
dn: CN=DC2022,OU=Domain Controllers,DC=wenus,DC=local
name: DC2022
dNSHostName: dc2022.wenus.local

>> I also noticed that the SPN DNS/dc2022.wenus.local for the new DC
>> hasn't been created.
> I wouldn't worry about that. None of my DCs have that SPN

But you have account eq dns-dc1 with SPN dns. I have this user account for DC Samba

# Get-ADUser -Filter {ServicePrincipalName -ne "$null"} -Property ServicePrincipalName | Select Name, ServicePrincipalName

Name        ServicePrincipalName
krbtgt      {kadmin/changepw}
dns-DC1     {DNS/dc1.wenus.local}
dns-DC2     {DNS/dc2.wenus.local}

> Rowland