similar to: Debian Jessie AD DC w. BIND9 : DNS update fails for debian squeezy member server

I'm sorry it got confusing, changed the topic and I'll try to explain. I am using Jessie on the DC. Server13 is a linux file server and domain member, it is on squeeze. If possible, I do not want to upgrade it. The problem here is, that it does not seem to generate a DNS record when joining the domain and, after setting up the new smb.conf, the users aren't passed on from winbind to

On 20/03/15 11:13, Timo Altun wrote: > Hi guys, > > thanks again for the quick answers. First, the smb.conf on the linux > fileserver. It is quite long, as I took the old file (working version from > samba3 configuration) and only made adjustments, like adding the realm. > > /etc/samba/smb.conf: > [global] > ### Browsing/Identification ### > > workgroup =

Ok, I setup a new smb.conf and rebooted. Winbind doesn't seem to pass on the domain users anymore and the DNS Update during domain join still fails. For some reason, although I have all samba 3.5.6. packages installed on this debian squeeze samba -V or samba-tool are unknown commands. Maybe this is why the dns update fails, some missing tools or commands? wbinfo -u and wbinfo -g return domain

Hi guys, thanks again for the quick answers. First, the smb.conf on the linux fileserver. It is quite long, as I took the old file (working version from samba3 configuration) and only made adjustments, like adding the realm. /etc/samba/smb.conf: [global] ### Browsing/Identification ### workgroup = MAYWEG.NET realm = INTRANET.MAYWEG.NET netbios name = server13 smb ports = 139, 445

can you run these commands and tell us the output. ( copy past it. ) SETFQDN=`hostname -f` SETDNSDOMAIN=`hostname -d` SETHOSTNAME=`hostname -s` SETSERVERIP=`hostname -i` echo "==========Test DNS Records ===============================" echo "Testing : dns entries" if [ -z "`host -t SRV _ldap._tcp.${SETDNSDOMAIN}. | grep 'not found'`" ]; then echo

Thank you Louis for that answer! Actually I did get kinit and samba_dnsupdate working, though I am unsure how. I tried some changes to krb5.conf in the [realms] and [domain_realm] sections, als well as setting dns_lookup_realm = false to true, but reverted it all back to the initial file: [libdefaults] default_realm = INTRANET.MAYWEG.NET dns_lookup_realm = false dns_lookup_kdc = true After a

Try change your resolv.conf from : >nameserver 127.0.0.1 >domain intranet.mayweg.net to nameserver 192.168.11.250 search intranet.mayweg.net >The only thing I was unsure about, was which hostname to enter >for Kerberos >Server and Kerberos admin server when asked during the >installation of the >packages.. Try these defealt settings for kerberos.. You didnt have to

Good morning! First of all thanks Rowland for the fast answer yesterday! I realized that samba-technical might have been the wrong mailing list and switched it to the normal samba users list (hopefully it worked, as it does get a bit confusing with spamgourmets addresses!). Unfortunately the problem with samba_dnsupdate remains after the changes. I did changed the smb.conf, krb5.conf, and hosts

Good evening, unfortunately one problem emerged during the change from my testing environment to a small portion of the live environment. The automatic dns updates of the windows clients do not seem to work in the live environment. I changed the AD DC IP from another subnet to 192.168.111.90, without reprovisioning. Everything else seems to work fine though (e.g. domain joins, shares and DNS

Thank you for the answers Peter and Rowland and sorry to everybody for the spam...switched to another e-mail address and hope my messages will arrive only once from now on. As I wrote in my first mail, Kerberos does work. I can successfully request and list a ticket on the AC DC. kinit administrator at INTRANET.MAYWEG.NET Password for administrator at INTRANET.MAYWEG.NET: klist Ticket cache:

and.. change your nsswitch.conf >> hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 to at least. >> hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4 Louis >-----Oorspronkelijk bericht----- >Van: rowlandpenny at googlemail.com >[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny >Verzonden: zaterdag 11 april 2015 22:38

Good morning! First of all thanks Rowland for the fast answer yesterday! I realized that samba-technical might have been the wrong mailing list and switched it to the normal samba users list (hopefully it worked, as it does get a bit confusing with spamgourmets sendto addresses!). Unfortunately the problem with samba_dnsupdate remains after the changes. I did changed the smb.conf, krb5.conf, and

Thanks Louis, it seems the DNS updates were working even with the nsswitch.conf I had, but only for machines that I manually joined to the new AD Domain. I checked the ones I didn't join manually and they aren't proper members of the domain anymore. If I try to logon with anything but the last (cached) user account on a Win7 machine I get: "The trust relationship between this

Hello Samba Crowd, finally had some more time to work on the problem today. I set up the Wheezy VM, installed Samba, Winbind, Krb5-user and did the domain join. With the configs from the wiki <https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server> I could join the domain and retrieve the users, they are shown with getent passwd. Problem is, the DNS update still does not work with

I did not run that command at all. I did run samba-tool classicupgrade on the DC after setting up ldap with my data. As far as I understand the provisioning of the domain is done during that process. And on the other machines provisioning must not be done, right? On 20 Mar 2015 19:35, "Rowland Penny" <rowlandpenny at googlemail.com> wrote: > On 20/03/15 18:28, Timo Altun wrote:

Hi and thank you for the answers! How do I setup the clients to do their own updates? I do not recall doing anything on the windows client side to setup the automatic dns updates. The linux wheezy clients with samba 3.6.6. actually never managed to automatically update dns during domain join, not even in the test environment. I settled for manually adding those to the dns, as they're just a

Hi Rowland, first and foremost thanks for the answer...on a saturday! Since I wrote I got it running! Did a complete purge of packages samba libnss-winbind libpam-winbind krb5-user krb5-config libpam-krb5 and reinstalled. Stopped smbd, nmbd and winbind and joined the domain. Started the services again and winbind could start as well. Thanks! Fyi, the smb.conf on AD (got a bit of a strange

Hey Louis, thanks for the answer! That sounds like a viable route to go. Of course I'd prefer doing the classicupgrade and having the trust relationship still intact. It did work this way at some point during testing, that's why I find it hard to accept that I have to circumvent the problem like this. Did somebody else lose trust relationships after classicupgrade and found a way to

On 20/03/15 18:28, Timo Altun wrote: > Yes, it was/is an NT-4 style PDC with Samba 3.2.5 on lenny. I did a > clean install of jessie and installed samba 4.1.17 from jessie > repositories. Is there a better way? > > Strangely the domain join, shares and users did work before on the > squeezy member against the Samba4 AD DC with security = domain and no > keytab defined, nor

On 11/04/15 18:54, Timo Altun wrote: > Good evening, > > unfortunately one problem emerged during the change from my testing > environment to a small portion of the live environment. > The automatic dns updates of the windows clients do not seem to work > in the live environment. I changed the AD DC IP from another subnet to > 192.168.111.90, without reprovisioning.