Windows XP joining Samba 3 domain looks for LDAP in DNS

dlublink · 02-24-2005, 03:39 PM

Hi!

I am trying to setup a WIndows Domain controller using Samba. When I try to add a Windows XP Machine to the domain it says that it cannot find the SRV entry for the domain name.

The message from windows suggests that it is looking for an LDAP Server. BUt I have no ldap server. Only my samba server and my precious DNS and DHCP servers.

What have I done wrong? Obviously I missed something.

I followed "Domain Controller" at
http://www.samba.org/samba/docs/man/...html#id2533093

If someone could help me out that would be great.

THanks,

David

Everything from smb.conf except for shares:
################################

[global]
workgroup = mydomain.net
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
printer admin = @ntadmin, root, administrator
username map = /etc/samba/smbusers
map to guest = Bad User
#Samba Domain Controller
netbios name = pdc
passdb backend = tdbsam
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody %u
# Note: The following specifies the default logon script.
# Per user logon scripts can be specified in the user account using pdbedit
logon script = scripts\logon.bat
# This sets the default profile path. Set per user paths with pdbedit
logon path = \\%L\Profiles\%U
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
## END OF DOMAIN LOGONS
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
# NETLOGON FOR DOMAIN LOGONS

dlublink · 02-24-2005, 03:40 PM

The message windows XP gives:

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain MYDOMAIN.NET:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.MYDOMAIN.NET

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS.

- One or more of the following zones do not include delegation to its child zone:

MYDOMAIN.NET
NET
. (the root zone)

For information about correcting this problem, click Help.

dlublink · 02-24-2005, 03:51 PM

Looks like I should be using WINS for this not DNS. I setup a WINS server

wins support = yes

and added an entry to dhcpd.conf

option netbios-name-servers 192.168.0.140;

restarted dhcpd, smb and nmb
and now it finds the domain.

I have an issue with username/password. But that can be easily fixed looking at the /var/log/samba/whateverthelogfileis

It worked after I removed the mappings file in /var/log/samba. It was causing some error:
[2005/02/24 16:06:56, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(756)
_net_sam_logon: user LUBLINK\dave has user sid S-1-5-21-4128833642-285588081-677358102-3002
but group sid S-1-5-21-3527597266-2057180883-4094728581-513.

David

(Note: I often reply to my own messages, I figure if I had this problem someone else will have it to. Just trying to help out

)

integr8er · 08-10-2005, 06:52 PM

Hi,

I'm using an LDAP server and I have problems with joing a W2K3 machine into my samba domain. It fails due to the SRV record(s) not showing up in DNS. I thought about setting up a WINS server, but this would kill/conflict with the rest of the companies network WINS server. Any thoughts on why samba would not be getting the SRV records into the DNS automatically. Our various Linux and Windows machines auto register themselves in DNS and I'm just stuck on how/why the SRV records are not gotten in there for my samba domain. I have to be careful as the overall network infrastructure is in the company and is MS Centric and I just cannot break anything on the rest of the net or I'll have hell to pay if you know what I mean.

Thoughts appreciated... I'm trying to get a piolet samba domain working with some vmware Windows machines that I want to join my samba domain and the samba domain is using ldap for single signon auth. I started this config based on recent linux magazine article. It was a learing experience to setup, but now I'm up to the point of wanting to add a Win machine to the domain. It seems to be working okay otherwise and the samba logs look like its acting as a domain - it's just the darn SRV records not in DNS and I don;t have direct access to our DNS as IT would be hard to cooprerate...

Thanks