Samba PDC DNS issue

Reposted from Samba as PDC thread.
Sorry if i broke any forum rules :frowning:

Tryed to follow the guide on Howto setup SUSE 11.1 as Samba PDC - openSUSE , with a minimal infrastructure created in VMware:

  • 1 opensuse 11.1 box
  • 1 XP box.

On the opensuse the installation goes almost ok with few exceptions:

  • for the CPAN packages install bundle its not so “bundle” so you need to install by hand some of them like String, Map, MapUTF8…
  • in the smb.conf file you need to comment “ldapsam:trusted = yes” line, otherwise samba will crash whenever will try to map user “nobody”

And everything works fine…,but when i try to join the xp box to the domain i get the following error:

A domain controller for the domain xxx.yyy.zz could not be contacted.
Ensure that the domain name is typed correctly.
If the name is correct, click Details for troubleshooting information.

If i click details i get this answer:
**Note: This information is intended for a network administrator. If you are not your network’s administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt.

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain xxx.yyy.zz:

The query was for the SRV record for _ldap._tcp.dc._msdcs.xxx.yyy.zz

The following domain controllers were identified by the query:

pdc.xxx.yyy.zz

Common causes of this error include:

  • Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.

  • Domain controllers registered in DNS are not connected to the network or are not running.

For information about correcting this problem, click Help.**

Which is not the case. A nslookup on the Xp box is resolving the dns and the domain name, the query for A record of the domain name is resolved. On the linux box both dig and nslookup are resolving the xp box in both directions. A check with sleuth package of the dns configuration reports some warnings about missing the second dns, but no error…

Did anybody meet this problem, do you have any idea why?

thx

On Tue May 12 2009 10:56 am, vs1 wrote:

>
> Reposted from Samba as PDC thread.
> Sorry if i broke any forum rules :frowning:
>
> Tryed to follow the guide on ‘Howto setup SUSE 11.1 as Samba PDC -
> openSUSE’ (http://en.opensuse.org/Howto_setup_SUSE_11.1_as_Samba_PDC) ,
> with a minimal infrastructure created in VMware:
> - 1 opensuse 11.1 box
> - 1 XP box.
>
> On the opensuse the installation goes almost ok with few exceptions:
> - for the CPAN packages install bundle its not so “bundle” so you need
> to install by hand some of them like String, Map, MapUTF8…
> - in the smb.conf file you need to comment “ldapsam:trusted = yes”
> line, otherwise samba will crash whenever will try to map user “nobody”
>
> And everything works fine…,but when i try to join the xp box to the
> domain i get the following error:
>
> A DOMAIN CONTROLLER FOR THE DOMAIN XXX.YYY.ZZ COULD NOT BE CONTACTED.
> ENSURE THAT THE DOMAIN NAME IS TYPED CORRECTLY.
> IF THE NAME IS CORRECT, CLICK DETAILS FOR TROUBLESHOOTING INFORMATION.
>
<snip>
>
> Did anybody meet this problem, do you have any idea why?
>
> thx
>
>
vs1;

Not sure if I can help or not, but could you please post the [global] section
of /etc/samba/smb.conf. You can substitute values for any
critical/sensitive information. Are all machines on the same subnet? Have
you opened the Samba ports on your firewall?


P. V.
“We’re all in this together, I’m pulling for you.” Red Green

I’m with the same above, but I can point you to a very good site that might be able to clear some things up and has helped me with my PDC issues. Deploying Suse Linux Enterprise Server

Thx for your time guys but i found the issue!

thx to the outstanding David Rowe’s blog
One Man’s Journey Into Linux: Joining a Samba Domain

It seems not my DNS setup was wrong, but the eternal MS.
Stupid me i was trying to join the station to xxx.yyy.zz domain, when in fact what it had to be xxx (only) domain.

… 3 days wasted…
>:(

I have just been upgrading after a 3 years, the machine ran fine all the time, but I needed new hardware. So I upgraded (Fresh install, with copying most of the config files) from 10.1 to 11.1

In some cases when this problem occurs, it’s your firewall.

In SuSE 10.1, this was technically stored in /etc/sysconfig/SuSEfirewall2: configuration option: FW_SERVICES_EXT_UDP
In SuSE 11.1 (earlier) this was moved.

Basically the meessage is … don’t forget to add following “Allowed Services” in the firewall:

  • Samba Server
  • Netbios Server

Because else you will not get anywhere.
Or just turn of the firewall :stuck_out_tongue: when configuring your new machine and turn on after installing all servers and shoot some holes in your firewall.