
Comments (5)

Fmstrat commented on August 15, 2024

Yes, your router's DNS server would need to be able to resolve dev.null.com. It may be possible to do this in the router setup, or you could set the router to give out 192.168.3.222 as the DNS server on DHCP, since it has all the appropriate DNS entries, and will relay the rest to the router. If you do the latter, you will only have DNS if the container is running.

from samba-domain.

basprins commented on August 15, 2024

If my private network is 192.168.1.x, and the server gets IP address 192.168.1.100, should I fill in 192.168.1.100 for HOSTIP? And should I open all the ports on the host in firewall?

I think I am misunderstanding the point of creating another IP address (in the example 192.168.3.222). Should that IP address be visible in my private network?


Fmstrat commented on August 15, 2024

Creating a second address is not necessary, but many who run this have the server running its own elements, potentially in client form, so it makes things easier.

No firewall ports should be needed. It might be worth watching a YouTube video on how DNS and Domain servers interact, as they usually talk through the flow of traffic and make understanding things way easier than I could write myself ;)

You currently have an internal DNS server running on your router to assign private host names to any clients that it gives an IP to via DHCP. That DNS server also acts as a relay when a client requests a DNS lookup. No inbound internet is needed for this, as all communication is initiated outbound.

The DNS server on the domain controller is basically the same thing, but happens to have all the required entries for joining the domain. It also relays requests up to the router's DNS server, which in turn routes them out to the internet.


basprins commented on August 15, 2024

Aha, this was quite helpful. I also followed your advice and watched a couple of videos.

I have some progress:

  • I updated the docker-compose.yml (will post it below).
  • On my first laptop (ubuntu) I updated my DNS servers in network config (192.168.1.100, and another one for ISP DNS server)
  • docker compose up on the server
  • installed sssd-ad sssd-tools realmd adcli (as suggested by official ubuntu docs)

and I can now discover my AD.

bp@bas-hp:samba (master) % sudo realm -v discover dc.sb.lan
 * Resolving: _ldap._tcp.dc.sb.lan
 * Resolving: dc.sb.lan
 * Performing LDAP DSE lookup on: 192.168.1.100
 * Performing LDAP DSE lookup on: 172.19.0.2
 * Successfully discovered: sb.lan
sb.lan
  type: kerberos
  realm-name: SB.LAN
  domain-name: sb.lan
  configured: no
  server-software: active-directory
  client-software: sssd
  required-package: sssd-tools
  required-package: sssd
  required-package: libnss-sss
  required-package: libpam-sss
  required-package: adcli
  required-package: samba-common-bin

But, unfortunately, joining fails:

bp@bas-hp:samba (master) % sudo realm join -v dc.sb.lan    
 * Resolving: _ldap._tcp.dc.sb.lan
 * Resolving: dc.sb.lan
 * Performing LDAP DSE lookup on: 192.168.1.100
 * Performing LDAP DSE lookup on: 172.19.0.2
 * Successfully discovered: sb.lan
Password for Administrator: 
 * Unconditionally checking packages
 * Resolving required packages
 * LANG=C /usr/sbin/adcli join --verbose --domain sb.lan --domain-realm SB.LAN --domain-controller 192.168.1.100 --login-type user --login-user Administrator --stdin-password
 * Using domain name: sb.lan
 * Calculated computer account name from fqdn: BAS-HP
 * Using domain realm: sb.lan
 * Sending NetLogon ping to domain controller: 192.168.1.100
 * Received NetLogon info from: dc.sb.lan
 * Wrote out krb5.conf snippet to /var/cache/realmd/adcli-krb5-VhKhbj/krb5.d/adcli-krb5-conf-PnzKYc
 * Authenticated as user: [email protected]
 * Using GSS-SPNEGO for SASL bind
 ! Couldn't authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)
adcli: couldn't connect to sb.lan domain: Couldn't authenticate to active directory: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)
 ! Insufficient permissions to join the domain
realm: Couldn't join realm: Insufficient permissions to join the domain

Would you have any clue what this is about? Googling the error message didn't get me much further.

For completeness:

my docker-compose.yml

version: '3.8'

services:
  samba:
    image: nowsci/samba-domain
    container_name: samba
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /data/docker/containers/samba/data/:/var/lib/samba
      - /data/docker/containers/samba/config/samba:/etc/samba/external
    environment:
      - DOMAIN=SB.LAN
      - DOMAIN_DC=dc=sb,dc=lan
      - DOMAINPASS=superpassword
      - JOIN=false
      - HOSTIP=192.168.1.100
    ports:
      - 192.168.1.100:53:53
      - 192.168.1.100:53:53/udp
      - 192.168.1.100:88:88
      - 192.168.1.100:88:88/udp
      - 192.168.1.100:135:135
      - 192.168.1.100:137-138:137-138/udp
      - 192.168.1.100:139:139
      - 192.168.1.100:389:389
      - 192.168.1.100:389:389/udp
      - 192.168.1.100:445:445
      - 192.168.1.100:464:464
      - 192.168.1.100:464:464/udp
      - 192.168.1.100:636:636
      - 192.168.1.100:1024-1044:1024-1044
      - 192.168.1.100:3268-3269:3268-3269
    dns_search:
      - sb.lan
    dns:
      - 8.8.8.8
    extra_hosts:
      - dc.sb.lan:192.168.1.100
    hostname: dc
    cap_add:
      - NET_ADMIN
      - SYS_NICE
      - SYS_RESOURCE
      - SYS_TIME
    devices:
      - /dev/net/tun
    privileged: true
    restart: always

And maybe harmless, but the output of the docker compose shows warnings and errors, not sure if I should fix that first?

bp@server:~/dev/samba$ docker-compose up
Starting samba ... done
Attaching to samba
samba    | ==> /var/log/supervisor/ntpd-stderr---supervisor-tvfo4rd6.log <==
samba    | MS-SNTP signd operations currently block ntpd degrading service to all clients.
samba    | restrict default: KOD does nothing without LIMITED.
samba    | 
samba    | ==> /var/log/supervisor/ntpd-stdout---supervisor-z27g4ega.log <==
samba    |  4 Apr 21:55:13 ntpd[12]: MS-SNTP signd operations currently block ntpd degrading service to all clients.
samba    |  4 Apr 21:55:13 ntpd[12]: restrict default: KOD does nothing without LIMITED.
samba    |  4 Apr 21:55:14 ntpd[12]: switching logging to file /var/log/ntp
samba    |  4 Apr 21:55:14 ntpd[12]: Listen and drop on 0 v6wildcard [::]:123
samba    |  4 Apr 21:55:14 ntpd[12]: Listen and drop on 1 v4wildcard 0.0.0.0:123
samba    |  4 Apr 21:55:14 ntpd[12]: Listen normally on 2 lo 127.0.0.1:123
samba    |  4 Apr 21:55:14 ntpd[12]: Listen normally on 3 eth0 172.19.0.2:123
samba    |  4 Apr 21:55:14 ntpd[12]: Listening on routing socket on fd #20 for interface updates
samba    |  4 Apr 21:55:14 ntpd[12]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
samba    |  4 Apr 21:55:14 ntpd[12]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
samba    | 
samba    | ==> /var/log/supervisor/samba-stderr---supervisor-2clvgc8_.log <==
samba    | samba version 4.15.13-Ubuntu started.
samba    | Copyright Andrew Tridgell and the Samba Team 1992-2021
samba    | binary_smbd_main: samba: using 'prefork' process model
samba    | 
samba    | ==> /var/log/supervisor/samba-stdout---supervisor-pqv4mxkq.log <==
samba    | 
samba    | ==> /var/log/supervisor/supervisor.log <==
samba    | 2024-04-04 21:55:12,603 CRIT Supervisor is running as root.  Privileges were not dropped because no user is specified in the config file.  If you intend to run as root, you can set user=root in the config file to avoid this message.
samba    | 2024-04-04 21:55:12,603 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
samba    | Unlinking stale socket /var/run/supervisor.sock
samba    | 2024-04-04 21:55:12,906 INFO RPC interface 'supervisor' initialized
samba    | 2024-04-04 21:55:12,907 CRIT Server 'unix_http_server' running without any HTTP authentication checking
samba    | 2024-04-04 21:55:12,907 INFO supervisord started with pid 10
samba    | 2024-04-04 21:55:13,909 INFO spawned: 'ntpd' with pid 12
samba    | 2024-04-04 21:55:13,910 INFO spawned: 'samba' with pid 13
samba    | 2024-04-04 21:55:15,140 INFO success: ntpd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
samba    | 2024-04-04 21:55:15,140 INFO success: samba entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
samba    | 
samba    | ==> /var/log/supervisor/supervisord.log <==
samba    | 2024-04-04 21:51:58,532 INFO success: samba entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
samba    | 2024-04-04 21:55:12,603 CRIT Supervisor is running as root.  Privileges were not dropped because no user is specified in the config file.  If you intend to run as root, you can set user=root in the config file to avoid this message.
samba    | 2024-04-04 21:55:12,603 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
samba    | 2024-04-04 21:55:12,906 INFO RPC interface 'supervisor' initialized
samba    | 2024-04-04 21:55:12,907 CRIT Server 'unix_http_server' running without any HTTP authentication checking
samba    | 2024-04-04 21:55:12,907 INFO supervisord started with pid 10
samba    | 2024-04-04 21:55:13,909 INFO spawned: 'ntpd' with pid 12
samba    | 2024-04-04 21:55:13,910 INFO spawned: 'samba' with pid 13
samba    | 2024-04-04 21:55:15,140 INFO success: ntpd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
samba    | 2024-04-04 21:55:15,140 INFO success: samba entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
samba    | 
samba    | ==> /var/log/supervisor/samba-stderr---supervisor-2clvgc8_.log <==
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[dc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[e37f94fb-fbe8-4817-9593-274bcee1aace]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[@]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[@]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[@]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_ldap._tcp]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_ldap._tcp.dc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_ldap._tcp.e016f6aa-59a2-4088-a6b1-c780e53a54e5.domains]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_kerberos._tcp]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_kerberos._udp]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_kerberos._tcp.dc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_kpasswd._tcp]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_kpasswd._udp]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_ldap._tcp.Default-First-Site-Name._sites]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_ldap._tcp.Default-First-Site-Name._sites.dc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_kerberos._tcp.Default-First-Site-Name._sites]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_kerberos._tcp.Default-First-Site-Name._sites.dc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_ldap._tcp.pdc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[gc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_gc._tcp]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_ldap._tcp.gc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_gc._tcp.Default-First-Site-Name._sites]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[_msdcs.sb.lan] name[_ldap._tcp.Default-First-Site-Name._sites.gc]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[DomainDnsZones]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_ldap._tcp.DomainDnsZones]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[ForestDnsZones]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_ldap._tcp.ForestDnsZones]
samba    | /usr/sbin/samba_dnsupdate: ERROR: Record already exist; record could not be added. zone[sb.lan] name[_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones]
samba    | dnsupdate_nameupdate_done: Failed DNS update with exit code 29
samba    | 
samba    | ==> /var/log/supervisor/ntpd-stdout---supervisor-z27g4ega.log <==
samba    |  4 Apr 22:00:47 ntpd[12]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
samba    | 


basprins commented on August 15, 2024

So after a way too long search on the internet where I found tons and tons of unresolved similar topics, the fix is way too simple.

On the ubuntu client I want to join there is one fix I need to do before joining:

sudo nano /etc/krb5.conf

and add the following content:

[libdefaults]
    default_realm = SB.LAN
    rdns = false

It would be great if only the official ubuntu docs would share this.

Your samba domain controller is up and running, another happy (free ;-)) customer.

Thx for the help and suggestions!

from samba-domain.
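Why `rdns = false` can matter for this join, as an added example (not code from the thread or from the samba-domain project): MIT Kerberos's `rdns` option defaults to true and lets the client replace the host name in the service principal with whatever the server's address reverse-resolves to, and the KDC answers "Server not found in Kerberos database" when no principal exists under that name. The check below is a simplified per-address model of that behaviour; the two addresses are the ones `realm discover` printed above, while the PTR answer `server.lan` is constructed, because the thread never shows the client's reverse lookups.

```python
import socket


def forward_lookup(host):
    """Addresses the system resolver returns for host (empty list on failure)."""
    try:
        infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    # De-duplicate while keeping resolver order.
    return list(dict.fromkeys(info[4][0] for info in infos))


def reverse_lookup(addr):
    """PTR name the system resolver returns for addr, or None if there is none."""
    try:
        return socket.gethostbyaddr(addr)[0]
    except OSError:  # socket.herror and socket.gaierror are OSError subclasses
        return None


def principal(service, host, realm):
    """Service principal in the usual service/host@REALM form."""
    return f"{service}/{host.lower().rstrip('.')}@{realm.upper()}"


def audit_rdns(host, realm, service="ldap",
               forward=forward_lookup, reverse=reverse_lookup):
    """Compare the principal requested with rdns off against rdns on.

    With rdns off the host name is used as given. With rdns on, the PTR name
    of the address replaces it; when no PTR exists the given name is kept.
    Returns (wanted, rows), one row per address the host resolves to.
    """
    wanted = principal(service, host, realm)
    rows = []
    for addr in forward(host):
        ptr = reverse(addr)
        requested = principal(service, ptr or host, realm)
        rows.append({
            "address": addr,
            "ptr": ptr,
            "requested": requested,
            "ok": requested == wanted,
        })
    return wanted, rows


# Forward answers as printed by `realm discover` in the thread.
SAMPLE_FORWARD = {"dc.sb.lan": ["192.168.1.100", "172.19.0.2"]}
# Constructed PTR data: a LAN resolver naming the Docker host, not the DC.
SAMPLE_REVERSE = {"192.168.1.100": "server.lan"}


def sample_audit():
    """Run the audit against the constructed resolver data above."""
    return audit_rdns(
        "dc.sb.lan", "SB.LAN",
        forward=lambda h: SAMPLE_FORWARD.get(h, []),
        reverse=SAMPLE_REVERSE.get,
    )


if __name__ == "__main__":
    wanted, rows = sample_audit()
    print("rdns = false requests:", wanted)
    for row in rows:
        state = "ok" if row["ok"] else "MISMATCH"
        print(f"{row['address']:<15} PTR={row['ptr']!s:<12} "
              f"rdns = true requests {row['requested']} [{state}]")
```

Calling `audit_rdns("dc.sb.lan", "SB.LAN")` without the `forward` and `reverse` arguments runs the same comparison against the client's real resolver.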
