Samba PDC Problem
I've got some problem with Samba and a WinXP Pro client. I configured Samba to by a Domain Controller but when I try to access it from WinXp Pro, I get the following error Quote:Note: This information is intended for a network administrator.
I've got some problem with Samba and a WinXP Pro client. I configured Samba to by a Domain Controller but when I try to access it from WinXp Pro, I get the following error
Quote:Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt.
The domain name home might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain home:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.home
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
home
. (the root zone)
For information about correcting this problem, click Help.
This is my conf file
Quote:#----SAMBA CONFIGURATION FILE-----# [global]
workgroup = HOME
netbios name = spike
encrypt passwords = yes
wins support = yes
#wins server = 192.168.1.101
dns proxy = yes
domain master = yes
local master = yes
preferred master = yes
os level = 65
security = user
domain logons = yes
logon path = \\%L\profiles\%u\%m
logon script = logon.bat
logon drive = H:
logon home = \\%L\%u\.win_profile\%m
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
#Used by Windows to read the system policies and logon script
[netlogon]
path = /mnt/ftp/FtpServer/smbTest/netlogon
writable = no
browsable = no
#
[profiles]
path = /mnt/ftp/FtpServer/smbTest/profiles
browsable = no
writable = yes
create mask = 0600
directory mask = 0700
[homes]
read only = no
browsable = no
guest ok = no
map archive = yes
[test]
comment = For testting only, please
path = /mnt/ftp/FtpServer/smbTest
read only = no
What going on? Can someone help me ?
Quote:Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt.
The domain name home might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain home:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.home
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
home
. (the root zone)
For information about correcting this problem, click Help.
This is my conf file
Quote:#----SAMBA CONFIGURATION FILE-----# [global]
workgroup = HOME
netbios name = spike
encrypt passwords = yes
wins support = yes
#wins server = 192.168.1.101
dns proxy = yes
domain master = yes
local master = yes
preferred master = yes
os level = 65
security = user
domain logons = yes
logon path = \\%L\profiles\%u\%m
logon script = logon.bat
logon drive = H:
logon home = \\%L\%u\.win_profile\%m
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
#Used by Windows to read the system policies and logon script
[netlogon]
path = /mnt/ftp/FtpServer/smbTest/netlogon
writable = no
browsable = no
#
[profiles]
path = /mnt/ftp/FtpServer/smbTest/profiles
browsable = no
writable = yes
create mask = 0600
directory mask = 0700
[homes]
read only = no
browsable = no
guest ok = no
map archive = yes
[test]
comment = For testting only, please
path = /mnt/ftp/FtpServer/smbTest
read only = no
What going on? Can someone help me ?
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
It is *possibly* trying to look up your SAMBA box using a DNS name, and I would bet that it can't resolve it. What you would normally do is host your own DNS, starting with Windows 2000 and Active Directory. If you are familiar with using DNS in Linux, I would suggest setting up that box to do so. If you are not familiar with doing this, you can edit your hosts file on your XP box and enter your DNS domain name, and the FQDN (fully qualified domain name) of your Linux box there. Also, you might want to rename the lmhosts.sam file to "lmhosts", and enter the NetBIOS name of your domain/workgroup ("Home" in your case) and the NetBIOS name of your server.
The error itself is pointing to a lack of SRV record for an LDAP server (domain controller), which leads me to believe it's looking for an AD domain to join when you try to connect. Once you have the name resolution dealt with (run nbtstat -R to flush NetBIOS names, and ipconfig /flushdns to flush cached DNS entries on your Windows box) it should run better. At that point, you should be able to join your XP box to your SAMBA domain/workgroup.
The error itself is pointing to a lack of SRV record for an LDAP server (domain controller), which leads me to believe it's looking for an AD domain to join when you try to connect. Once you have the name resolution dealt with (run nbtstat -R to flush NetBIOS names, and ipconfig /flushdns to flush cached DNS entries on your Windows box) it should run better. At that point, you should be able to join your XP box to your SAMBA domain/workgroup.
Thanks cluch!
But I did spend several hours trying to configure a DNS on my box. But it still does not work...maybe my DNS in not correctly set up.
Here are the files...
Quote:options { directory "/var/named";
//query-source address * port 53;
forwarders {
206.47.244.136;
206.47.244.102;
};
};
//
// a caching only nameserver config
//
zone "." IN {
type hint;
file "named.ca";
};
zone "blak2180.org" {
type master;
allow-update { none; };
allow-query { any; };
file "localhost.zone";
};
zone "1.168.192.in-addr.arpa" {
type master;
notify no;
file "named.local";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "name.local2";
allow-update { none; };
};
Quote:$TTL 86400@ IN SOA ns1.blak2180.org. blaktyger.gmail.com. (
42 ; serial #
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN A 192.168.1.101
IN NS ns1.blak2180.org.
ns1 IN A 192.168.1.101
scarface IN A 192.168.1.102
blak2180 IN A 192.168.1.101
_ldap._tcp.dc._msdcs.blak2180.org. 600 IN SRV 0 100 389 blak2180.org.
Quote:$TTL 86400@ IN SOA ns1.blak2180.org. blaktyger.gmail.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS ns1.blak2180.org.
101 IN PTR ns1.blak2180.org.
102 IN PTR scarface.blak2180.org.
_ldap._tcp.dc._msdcs.blak2180.org. 600 IN SRV 0 100 389 blak2180.org.
But I did spend several hours trying to configure a DNS on my box. But it still does not work...maybe my DNS in not correctly set up.
Here are the files...
Quote:options { directory "/var/named";
//query-source address * port 53;
forwarders {
206.47.244.136;
206.47.244.102;
};
};
//
// a caching only nameserver config
//
zone "." IN {
type hint;
file "named.ca";
};
zone "blak2180.org" {
type master;
allow-update { none; };
allow-query { any; };
file "localhost.zone";
};
zone "1.168.192.in-addr.arpa" {
type master;
notify no;
file "named.local";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "name.local2";
allow-update { none; };
};
Quote:$TTL 86400@ IN SOA ns1.blak2180.org. blaktyger.gmail.com. (
42 ; serial #
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN A 192.168.1.101
IN NS ns1.blak2180.org.
ns1 IN A 192.168.1.101
scarface IN A 192.168.1.102
blak2180 IN A 192.168.1.101
_ldap._tcp.dc._msdcs.blak2180.org. 600 IN SRV 0 100 389 blak2180.org.
Quote:$TTL 86400@ IN SOA ns1.blak2180.org. blaktyger.gmail.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS ns1.blak2180.org.
101 IN PTR ns1.blak2180.org.
102 IN PTR scarface.blak2180.org.
_ldap._tcp.dc._msdcs.blak2180.org. 600 IN SRV 0 100 389 blak2180.org.
A couple of things of interest to me:
1. Are you supposed to have a "." zone? Normally, that makes the DNS server authoritative for all zones, and may disable use of the forwarders since the DNS box thinks it knows all.
2. I don't think I would keep the SRV record, as you are trying to provide for an LDAP store location, but it didn't sound like you are running an LDAP service (or are you?).
You might just try editing those files on the XP box, and see if that helps your situation. If it does, then you have a name resolution issue, and we need more details of your network (hostnames, IPs, services provided by hosts, etc). Also, check to see if you can properly resolve all of the names using nslookup (or dig, if possible) from your XP client.
1. Are you supposed to have a "." zone? Normally, that makes the DNS server authoritative for all zones, and may disable use of the forwarders since the DNS box thinks it knows all.
2. I don't think I would keep the SRV record, as you are trying to provide for an LDAP store location, but it didn't sound like you are running an LDAP service (or are you?).
You might just try editing those files on the XP box, and see if that helps your situation. If it does, then you have a name resolution issue, and we need more details of your network (hostnames, IPs, services provided by hosts, etc). Also, check to see if you can properly resolve all of the names using nslookup (or dig, if possible) from your XP client.
OK, I do admin I didn't know what I was doing when I tried to set up my DNS box since I wasnt familliar with it(The itention was to set up a local dns... And I'm also not with editing host and lmhost files on Windows(On ...
My network
Computer 1:
OS:Slackware 9.1
Name: Spike
IP: 192.168.1.101
Gateway:192.168.1.1
Computer 2:
OS:Slackware 9.1/Windows XP
Name: scarface
IP: 192.168.1.102
Gateway:192.168.1.1
Router: 192.168.1.1
Computer 1 hosts a Personnal Web Server, FTP, Samba..
So would I put the followinf entry in the host file:
192.168.1.101 spike
192.168.1.102 scarface
And the following in the lmhost file:
blak2180.org 192.168.1.101
???
Thanks
My network
Computer 1:
OS:Slackware 9.1
Name: Spike
IP: 192.168.1.101
Gateway:192.168.1.1
Computer 2:
OS:Slackware 9.1/Windows XP
Name: scarface
IP: 192.168.1.102
Gateway:192.168.1.1
Router: 192.168.1.1
Computer 1 hosts a Personnal Web Server, FTP, Samba..
So would I put the followinf entry in the host file:
192.168.1.101 spike
192.168.1.102 scarface
And the following in the lmhost file:
blak2180.org 192.168.1.101
???
Thanks
Almost, but a bit backwards:
lmhosts file:
192.168.1.101 spike
192.168.1.102 scarface
And the following in the hosts file:
192.168.1.101 blak2180.org
192.168.1.101 spike.blak2180.org
192.168.1.102 scarface.blak2180.org
What would be ideal is to configure the SAMBA system as a WINS box, and then point the WINS entry in your XP client's IP properties to it. However, it has been a awhile since I have needed to configure a SAMBA server (mostly use them for clients in an AD environment) so I would have to look over the smb.conf to refresh my memory.
lmhosts file:
192.168.1.101 spike
192.168.1.102 scarface
And the following in the hosts file:
192.168.1.101 blak2180.org
192.168.1.101 spike.blak2180.org
192.168.1.102 scarface.blak2180.org
What would be ideal is to configure the SAMBA system as a WINS box, and then point the WINS entry in your XP client's IP properties to it. However, it has been a awhile since I have needed to configure a SAMBA server (mostly use them for clients in an AD environment) so I would have to look over the smb.conf to refresh my memory.
Figures. I used to ask about firewalls being on, but then would get bashed with "of course it's OFF!"
If your firewall has a logging facility, you could just re-enable it and then try again. You can then review the logs for the failed ports. The ports that I have to enable for remote management of XP workstations are:
UDP: 137, 138
TCP: 135, 139, 445
If you can do without 135, then that would be a good idea. You might need the other four, but lock them all and check the logs first. Only open up what you need.
If your firewall has a logging facility, you could just re-enable it and then try again. You can then review the logs for the failed ports. The ports that I have to enable for remote management of XP workstations are:
UDP: 137, 138
TCP: 135, 139, 445
If you can do without 135, then that would be a good idea. You might need the other four, but lock them all and check the logs first. Only open up what you need.
