Samba PDC DNS issue

English Network/Internet
#1

Reposted from Samba as PDC thread.
Sorry if i broke any forum rules :frowning:

Tryed to follow the guide on Howto setup SUSE 11.1 as Samba PDC - openSUSE , with a minimal infrastructure created in VMware:

  • 1 opensuse 11.1 box
  • 1 XP box.

On the opensuse the installation goes almost ok with few exceptions:

  • for the CPAN packages install bundle its not so ā€œbundleā€ so you need to install by hand some of them like String, Map, MapUTF8ā€¦
  • in the smb.conf file you need to comment ā€œldapsam:trusted = yesā€ line, otherwise samba will crash whenever will try to map user ā€œnobodyā€

And everything works fineā€¦,but when i try to join the xp box to the domain i get the following error:

A domain controller for the domain xxx.yyy.zz could not be contacted.
Ensure that the domain name is typed correctly.
If the name is correct, click Details for troubleshooting information.

If i click details i get this answer:
**Note: This information is intended for a network administrator. If you are not your networkā€™s administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt.

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain xxx.yyy.zz:

The query was for the SRV record for _ldap._tcp.dc._msdcs.xxx.yyy.zz

The following domain controllers were identified by the query:

pdc.xxx.yyy.zz

Common causes of this error include:

  • Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.

  • Domain controllers registered in DNS are not connected to the network or are not running.

For information about correcting this problem, click Help.**

Which is not the case. A nslookup on the Xp box is resolving the dns and the domain name, the query for A record of the domain name is resolved. On the linux box both dig and nslookup are resolving the xp box in both directions. A check with sleuth package of the dns configuration reports some warnings about missing the second dns, but no errorā€¦

Did anybody meet this problem, do you have any idea why?

thx

#2

On Tue May 12 2009 10:56 am, vs1 wrote:

>
> Reposted from Samba as PDC thread.
> Sorry if i broke any forum rules :frowning:
>
> Tryed to follow the guide on ā€˜Howto setup SUSE 11.1 as Samba PDC -
> openSUSEā€™ (http://en.opensuse.org/Howto_setup_SUSE_11.1_as_Samba_PDC) ,
> with a minimal infrastructure created in VMware:
> - 1 opensuse 11.1 box
> - 1 XP box.
>
> On the opensuse the installation goes almost ok with few exceptions:
> - for the CPAN packages install bundle its not so ā€œbundleā€ so you need
> to install by hand some of them like String, Map, MapUTF8ā€¦
> - in the smb.conf file you need to comment ā€œldapsam:trusted = yesā€
> line, otherwise samba will crash whenever will try to map user ā€œnobodyā€
>
> And everything works fineā€¦,but when i try to join the xp box to the
> domain i get the following error:
>
> A DOMAIN CONTROLLER FOR THE DOMAIN XXX.YYY.ZZ COULD NOT BE CONTACTED.
> ENSURE THAT THE DOMAIN NAME IS TYPED CORRECTLY.
> IF THE NAME IS CORRECT, CLICK DETAILS FOR TROUBLESHOOTING INFORMATION.
>
<snip>
>
> Did anybody meet this problem, do you have any idea why?
>
> thx
>
>
vs1;

Not sure if I can help or not, but could you please post the [global] section
of /etc/samba/smb.conf. You can substitute values for any
critical/sensitive information. Are all machines on the same subnet? Have
you opened the Samba ports on your firewall?

ā€“
P. V.
ā€œWeā€™re all in this together, Iā€™m pulling for you.ā€ Red Green

#3

Iā€™m with the same above, but I can point you to a very good site that might be able to clear some things up and has helped me with my PDC issues. Deploying Suse Linux Enterprise Server

#4

Thx for your time guys but i found the issue!

thx to the outstanding David Roweā€™s blog
One Manā€™s Journey Into Linux: Joining a Samba Domain

It seems not my DNS setup was wrong, but the eternal MS.
Stupid me i was trying to join the station to xxx.yyy.zz domain, when in fact what it had to be xxx (only) domain.

ā€¦ 3 days wastedā€¦
>:(

#5

I have just been upgrading after a 3 years, the machine ran fine all the time, but I needed new hardware. So I upgraded (Fresh install, with copying most of the config files) from 10.1 to 11.1

In some cases when this problem occurs, itā€™s your firewall.

In SuSE 10.1, this was technically stored in /etc/sysconfig/SuSEfirewall2: configuration option: FW_SERVICES_EXT_UDP
In SuSE 11.1 (earlier) this was moved.

Basically the meessage is ā€¦ donā€™t forget to add following ā€œAllowed Servicesā€ in the firewall:

  • Samba Server
  • Netbios Server

Because else you will not get anywhere.
Or just turn of the firewall :stuck_out_tongue: when configuring your new machine and turn on after installing all servers and shoot some holes in your firewall.