Re: [opensuse] Problems setting up Samba-3 as PDC
Hi,
the Samba server should act as PDC itself, so it's not being added to any domain.
DNS will be bind9 and there are no plans to migrate them to a Windows-based solution as the only Windows boxes here are some desktops... actually, the ones which should join the domain served by the PDC on the Samba server :-)
I'll take a look at the configuration for bind9 to run it in dynamic mode as suggested to see if this solves the issue... I'm afraid it won't...
Thanks and regards,
Martin
----- Original Message ----
From: Gaël Lams
Apr 3 15:30:06 v601 nmbd[11664]: Samba server V601 is now a domain master browser for workgroup MYDOMAIN.COM on subnet 192.168.1.11
Workgroup or Domain? Are you adding a samba PDC to an existing active directory domain?
Now problems arise when I want the WinXP Professional clients to join that domain (full disclosure here: I'm a Windows user by "market contamination" so maybe I'm overseeing something obvious during the process).
This is the error message I get when trying to join the domain: ---- ..... First off, I had to manually add that SRV record on my named.conf. I've been told that all needed entries are created automatically on the DNS when you are on a Windows environment...
Yes, windows 2000 and 2003 uses DNS as a locator service. When you join a domain, servers and clients dynamicly update the name server. Each server insert records of type SRV to the name server to indicate what functions it is performing (ldap, kerberos, global catalog server, ....). If you have the requirement that the source of IP to host mappings be bind, you have essentially two solutions: - run the bind servers in dynamic mode (allowing only the Domain Controllers to make changes to the DNS records) - use a combination of Bind and W2K dns servers, delegating the following zones (_msdcs, _tcp, _udp, _sites) to a microsoft dns server, which is more "secure" than the previous solution because the dns servers can be run in a "secured" mode Regards. Gaël N‹§²æìr¸›y隊Z)z{.±ï®žË›±Êâmê)z{.±ê+€Z+i×b¶*'jW(šf§vǦj)h¥éìºÇ¾…éi¢—§²ë¢¸ __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
the Samba server should act as PDC itself, so it's not being added to any domain. .... I'll take a look at the configuration for bind9 to run it in dynamic mode as suggested to see if this solves the issue... I'm afraid it won't...
Probably not Did you: - implement the registry hack - modify the local security policy to 1) disable the encryption ("Domain member: Digitally encrypt or sign secure channel (always)" entry) and 2) disable "Domain member: Disable machine account password changes" Also, did you create the machinename$ account? I suppose you are using XP professional, aren't you? Because I think that XP Home Edition can not join a domain Hope it helps Gaël N�����r��y隊Z)z{.�ﮞ˛���m�)z{.��+�Z+i�b�*'jW(�f�vǦj)h���Ǿ��i�������
Did you: - implement the registry hack - modify the local security policy to 1) disable the encryption ("Domain member: Digitally encrypt or sign secure channel (always)" entry) and 2) disable "Domain member: Disable machine account password changes"
None of the above are required with recent versions of Samba. Don't do any of the above.
Because I think that XP Home Edition can not join a domain
Nope, it can't. See the instructions at http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ -- Adam Tauno Williams Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Adam Tauno Williams
-
Gaël Lams
-
Martin Mielke