Hi, the Samba server should act as PDC itself, so it's not being added to any domain.
DNS will be bind9 and there are no plans to migrate them to a Windows-based solution as the only Windows boxes here are some desktops... actually, the ones which should join the domain served by the PDC on the Samba server :-) I'll take a look at the configuration for bind9 to run it in dynamic mode as suggested to see if this solves the issue... I'm afraid it won't... Thanks and regards, Martin ----- Original Message ---- From: Gaël Lams <[EMAIL PROTECTED]> To: OpenSuSE <[email protected]> Sent: Monday, April 16, 2007 1:43:08 PM Subject: Re: [opensuse] Problems setting up Samba-3 as PDC Hi, > Apr 3 15:30:06 v601 nmbd[11664]: Samba server V601 is now a domain > master browser for workgroup MYDOMAIN.COM on subnet 192.168.1.11 Workgroup or Domain? Are you adding a samba PDC to an existing active directory domain? > Now problems arise when I want the WinXP Professional clients to join > that domain (full disclosure here: I'm a Windows user by "market > contamination" so maybe I'm overseeing something obvious during the > process). > > This is the error message I get when trying to join the domain: > ---- ..... > First off, I had to manually add that SRV record on my named.conf. I've > been told that all needed entries are created automatically on the DNS > when you are on a Windows environment... Yes, windows 2000 and 2003 uses DNS as a locator service. When you join a domain, servers and clients dynamicly update the name server. Each server insert records of type SRV to the name server to indicate what functions it is performing (ldap, kerberos, global catalog server, ....). If you have the requirement that the source of IP to host mappings be bind, you have essentially two solutions: - run the bind servers in dynamic mode (allowing only the Domain Controllers to make changes to the DNS records) - use a combination of Bind and W2K dns servers, delegating the following zones (_msdcs, _tcp, _udp, _sites) to a microsoft dns server, which is more "secure" than the previous solution because the dns servers can be run in a "secured" mode Regards. Gaël N‹§²æìr¸›y隊Z)z{.±ï®žË›±Êâmê)z{.±ê+€Z+i×b¶*'jW(šf§vǦj)h¥éìºÇ¾…éi¢—§²ë¢¸ __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
