[Samba] after joining the domain the server loose the domain controller

[deep ramcrazy]

Hello,
I've a rhel6 server on a vmware structure.
samba rpm are;
samba-common-3.5.10-115.el6_2.x86_64
samba-3.5.10-115.el6_2.x86_64
samba-winbind-clients-3.5.10-115.el6_2.x86_64

smb.conf
[global]
workgroup = 
server string = TSTArchive
security = DOMAIN
passdb backend = tdbsam
log level = 3
local master = No
ldap ssl = no
cups options = raw
short preserve case = No
dos filetimes = Yes
dos filetime resolution = Yes
unix extensions = no
wide links = yes

# disable printing
load printers = no
cups options = raw
printcap name = /etc/printcap
show add printer wizard = no
disable spoolss = yes

Network:
IP=10.13.16.22 NETMASK=255.255.254.0
GATEWAY=10.13.16.1 (it is on a different vlan in rspect to the dc)

I successfully join the domain:
 net join -w  -S domaincontroller -U networkadmin

domaincontroller network:
IP= 10.13.0.49 NETMASK=255.255.252.0
GATEWAY=10.13.0.3

and all is running fine for a while. After some time I'm not able to have the 
authentication to the DC:
 net rpc testjoin
Unable to find a suitable server for domain 
Join to domain '' is not valid: NT_STATUS_UNSUCCESSFUL

I've a dubt that with different vlan the DC and the samba server cannot 
communicate, but I'm not sure and in which way bypass it.
Thank you
Kind Regards
Romano
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] after joining the domain the server loose the domain controller

[Gaiseric Vandal]

I think what is significant is that this server and the domain
controller are on separate TCP/IP subnets (which happen to be on
separate VLAN's.) 

When you do your initial domain join, you specify the name of the domain
controller-  that name probably resolved via DNS (or may be from
/etc/hosts) so all goes well, even though the machines are on different
subnets.

My guess is that when your machine authenticates to the domain
controller the next time around it is asking for a domain controller
but not explicitly asking for the same controller it used before.   So
it might be doing a broadcast, which will not be successful.You need
to make sure your member server knows about machines on the DC's subnet.

1- Configure your DC as a WINS server.  Configure your member server as
a WINS client.
2.  Configure remote browse sync  with the member server querying the
DC for its browser info.
3.  Use lmhosts on your member server -  similar to the hosts file,
except that it also tells you which machines are DC's for the domain.




On 05/04/12 04:42, deep ramcrazy wrote:
 Hello,
 I've a rhel6 server on a vmware structure.
 samba rpm are;
 samba-common-3.5.10-115.el6_2.x86_64
 samba-3.5.10-115.el6_2.x86_64
 samba-winbind-clients-3.5.10-115.el6_2.x86_64

 smb.conf
 [global]
 workgroup = 
 server string = TSTArchive
 security = DOMAIN
 passdb backend = tdbsam
 log level = 3
 local master = No
 ldap ssl = no
 cups options = raw
 short preserve case = No
 dos filetimes = Yes
 dos filetime resolution = Yes
 unix extensions = no
 wide links = yes

 # disable printing
 load printers = no
 cups options = raw
 printcap name = /etc/printcap
 show add printer wizard = no
 disable spoolss = yes

 Network:
 IP=10.13.16.22 NETMASK=255.255.254.0
 GATEWAY=10.13.16.1 (it is on a different vlan in rspect to the dc)

 I successfully join the domain:
 net join -w  -S domaincontroller -U networkadmin
 domaincontroller network:
 IP= 10.13.0.49 NETMASK=255.255.252.0
 GATEWAY=10.13.0.3

 and all is running fine for a while. After some time I'm not able to have the 
 authentication to the DC:
 net rpc testjoin
 Unable to find a suitable server for domain 
 Join to domain '' is not valid: NT_STATUS_UNSUCCESSFUL

 I've a dubt that with different vlan the DC and the samba server cannot 
 communicate, but I'm not sure and in which way bypass it.
 Thank you
 Kind Regards
 Romano  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba