https://bugzilla.novell.com/show_bug.cgi?id=421418 Summary: join ads domain that ends with .local for windows authentication Product: openSUSE 11.0 Version: Final Platform: All OS/Version: openSUSE 11.0 Status: NEW Severity: Critical Priority: P5 - None Component: Samba AssignedTo: samba-maintainers@SuSE.de ReportedBy: diego.ercolani@gmail.com QAContact: samba-maintainers@SuSE.de Found By: --- This report has two parts: A: join procedure problem B: fail to update DDNS that end with a join error. Dear developers, please compile a wiki page about this error but also revise the YAST algorithm to manage these exceptions or probably be more verbose to a user. -------------------------------------A----------------------------------------- As you know local domains may have resolved via mdns service (avahi) but there are some circumstances (as my) where enterprise system administrator chose the local domain to be the windows domain controlled by a windows 2000 server and Active Directory. So, joining a domain also from a fresh install fails as samba doesn't resolve correctly the active directory/ldap server that own domain datas. My workaround was: 1. set nomdns=1 in the installation start commandline /proc/cmdline (see http://en.opensuse.org/Linuxrc) 2. during the installation stage 2 (where YAST ask to join to a windows domain) switch to a console (SHIF+ALT+F3) and then edit the file /etc/host.conf and add the line: mdns off (if it's running kill nscd caching daemon) 3. switch back to the join procedure and join the domain ------------------------------------------------------------------------------ --------------------------------------B--------------------------------------- The problem is regarding a later stage of the the join procedure. After setting a minimal smb.conf in a YAST directory under /tmp, YAST calls correctly another command: net ads join -U Administrator%password -s /tmp/YASTDIRECTORY/smb.conf After joining the domain, net command tries to update dns entry for the machine. If for some reason the procedure fail to update DNS (key problems, right to change dns entry ecc.), all the joining procedure fails. That's not correct! Master DNS can refuse the dns table update! The other malfunction that I noticed is that if you set a HOSTNAME, Yast configure an entry in /etc/hosts like this: 127.0.0.2 pc-name pc-name.fqdn when net ads updates dns, in dns table are inserted two entries: pc-name.fqdn IN A 127.0.0.2 pc-name.fqdn IN A ip.add.re.ss this is not correct. ------------------------------------------------------------------------------ -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.