From: Gaiseric Vandal on 5 Nov 2009 12:40

Do you have NBT (netbios over tcp) disabled in XP? That would prevent
it joining an "NT4" type domain.
Is nmbd running on your samba server?

SRV DNS records should only be relevant for Active Domain DC's. It wouldn't
hurt to add it to your DNS server.

On 11/05/09 10:24, Christian Geiger wrote:
> Hi!
>
> I so far succeeded in setting up a Samba NT4 DC with OpenLDAP backend.
> Unfortunately I get the following error message connecting a Windows
> XP client to the domain (translated from German):
>
> [...]
> The error was: "DNS name does not exist."
> (error code 0x0000232B RCODE_NAME_ERROR)
>
> The query was for the SRV record for _ldap._tcp.dc._msdcs.lohrmann.de
> [...]
>
> This is surely due to a problem in the name resolution. I therefore
> configured the Samba server as a WINS server and checked that it is
> the only one on the net. The WinXP client has been told to use this as
> its WINS server and has additionally been supplied with entries in the
> hosts and lmhosts configuration files (step by step, always testing in
> between). Unfortunately, this changed nothing. :(
>
> Unsuccessfully seeking for a solution on the web for quite a time now I
> would be very grateful if someone could help me!
>
> Find below my smb.conf, the hosts and lmhosts file from the WinXP
> client as well as the console output showing some NetBIOS information
> of client (emco-test) and server (domain-controller).
>
> Thank you very much in advance! :)
>
> Chris
>
> --------
>
> smb.conf:
>
> [global]
>
> log level = 2
> wins support = yes
> netbios name = domain-controller
>
> workgroup = LOHRMANN.DE
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> os level = 65
>
> passdb backend = ldapsam
> ldap admin dn = cn=samba,dc=lohrmann,dc=de
> ldap suffix = dc=lohrmann,dc=de
> ldap passwd sync = yes
> ldap machine suffix = ou=machines
> ldap user suffix = ou=users
> ldap group suffix = ou=groups
> ldap idmap suffix = ou=idmaps
> ldap ssl = no
> idmap backend = ldap
> idmap alloc backend = ldap
> idmap alloc config:ldap_base_dn = ou=idmaps,dc=lohrmann,dc=de
> idmap alloc config:ldap_user_dn = cn=samba,dc=lohrmann,dc=de
> idmap alloc config:ldap_url = ldap://ldap.lohrmann.de
> idmap uid = 10000-20000
> idmap gid = 10000-20000
>
> ldapsam:trusted = yes
> ldapsam:editposix = yes
>
> logon drive = H:
>
> [homes]
> comment = Users Home Directories
> valid users = %S
> writeable = yes
>
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
>
> [printers]
> comment = All Printers
> browseable = no
> path = /var/spool/samba
> printable = yes
> guest ok = no
> read only = yes
> create mask = 0700
>
> [print$]
> comment = Printer Drivers
> path = /var/lib/samba/printers
> browseable = yes
> read only = yes
> guest ok = no
>
>
> hosts:
>
> 127.0.0.1 localhost
> 192.168.182.3 lohrmann.de
> 192.168.182.3 domain-controller.lohrmann.de
>
>
> lmhosts:
>
> 192.168.182.3 domain-controller #PRE
>
>
> console output client:
>
> C:\Dokumente und Einstellungen\Administrator>nbtstat -c
>
> LAN-Verbindung:
> Knoten-IP-Adresse: [192.168.182.187] Bereichskennung: []
>
> NetBIOS-Remotecache-Namentabelle
>
> Name                 Typ         Hostadresse      Dauer [Sek.]
> -------------------------------------------------------------
> LOHRMANN.DE    <1C>  GRUPPE      192.168.182.3    510
> DOMAIN-CONTROLL<03>  EINDEUTIG   192.168.182.3    -1
> DOMAIN-CONTROLL<00>  EINDEUTIG   192.168.182.3    -1
> DOMAIN-CONTROLL<20>  EINDEUTIG   192.168.182.3    -1
>
> C:\Dokumente und Einstellungen\Administrator>nbtstat -n
>
> LAN-Verbindung:
> Knoten-IP-Adresse: [192.168.182.187] Bereichskennung: []
>
> Lokale NetBIOS-Namentabelle
>
> Name                 Typ         Status
> ---------------------------------------------
> EMCO-TEST      <00>  EINDEUTIG   Registriert
> LOHRMANN       <00>  GRUPPE      Registriert
> EMCO-TEST      <20>  EINDEUTIG   Registriert
> LOHRMANN       <1E>  GRUPPE      Registriert
>
>
> console output server:
>
> root@domain-controller:/var/log# nmblookup -R -U 192.168.182.3 lohrmann.de
> added interface eth0 ip=fe80::4049:31ff:fe69:67a%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
> added interface eth0 ip=192.168.182.3 bcast=192.168.182.255 netmask=255.255.255.0
> querying lohrmann.de on 192.168.182.3
> Got a positive name query response from 192.168.182.3 ( 0.0.0.0 )
> 0.0.0.0 lohrmann.de<00>
>
> root@domain-controller:/var/log# nmblookup -R -U 192.168.182.3 domain-controller
> added interface eth0 ip=fe80::4049:31ff:fe69:67a%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
> added interface eth0 ip=192.168.182.3 bcast=192.168.182.255 netmask=255.255.255.0
> querying domain-controller on 192.168.182.3
> Got a positive name query response from 192.168.182.3 ( 192.168.182.3 )
> 192.168.182.3 domain-controller<00>
>
> root@domain-controller:/var/log# nmblookup -R -U 192.168.182.3 emco-test
> added interface eth0 ip=fe80::4049:31ff:fe69:67a%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
> added interface eth0 ip=192.168.182.3 bcast=192.168.182.255 netmask=255.255.255.0
> querying emco-test on 192.168.182.3
> Got a positive name query response from 192.168.182.3 ( 192.168.182.187 )
> 192.168.182.187 emco-test<00>

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Christian Geiger on 6 Nov 2009 02:00

NBT is explicitly activated on the client (after the standard option
didn't work) and nmbd is running on the server. Thx for the pointer anyway!

The SRV DNS records might not hurt but would they really help? That
seems a bit to me like just fighting the symptoms. Regarding that I do
not have an alternative solution at the moment, I will try it anyways. :)

Do you have another idea what the reason might be?

On 05.11.2009 16:51, Gaiseric Vandal wrote:
> Do you have NBT (netbios over tcp) disabled in XP? That would prevent
> it joining an "NT4" type domain.
> Is nmbd running on your samba server?
>
> SRV DNS records should only be relevant for Active Domain DC's. It wouldn't
> hurt to add it to your DNS server.
From: Christian Geiger on 6 Nov 2009 09:20

OK - using wireshark I further investigated into it. The name resolution
probably isn't the problem as the client sends a netlogon request to the
domain controller:

[code]
6 7.496115 192.168.182.187 192.168.182.3 SMB_NETLOGON SAM LOGON request from client
[/code]

However, no reply seems to be sent back to the client by the samba server
according to the wireshark protocol. This is what nmbd logs at the same
time (debug level 3):

[code]
[2009/11/06 14:57:48, 3] nmbd/nmbd_winsserver.c:wins_process_name_query_request(1918)
  wins_process_name_query: name query for name LOHRMANN.DE<1c> from IP 192.168.182.187
[2009/11/06 14:57:48, 3] nmbd/nmbd_winsserver.c:wins_process_name_query_request(1970)
  wins_process_name_query: name query for name LOHRMANN.DE<1c> returning first IP 192.168.182.3.
[2009/11/06 14:57:48, 3] nmbd/nmbd_processlogon.c:process_logon_packet(386)
  process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize 0 ntv 11
[2009/11/06 14:57:48, 3] nmbd/nmbd_processlogon.c:process_logon_packet(667)
  process_logon_packet: processing delayed initial logon reply for client EMCO-TEST(192.168.182.187)
[2009/11/06 14:57:48, 3] nmbd/nmbd_processlogon.c:process_logon_packet(386)
  process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize 0 ntv 11
[2009/11/06 14:57:48, 3] nmbd/nmbd_processlogon.c:process_logon_packet(667)
  process_logon_packet: processing delayed initial logon reply for client EMCO-TEST(192.168.182.187)
[2009/11/06 14:57:56, 3] nmbd/nmbd_processlogon.c:process_logon_packet(386)
  process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize 0 ntv 11
[2009/11/06 14:57:56, 3] nmbd/nmbd_processlogon.c:process_logon_packet(667)
  process_logon_packet: processing delayed initial logon reply for client EMCO-TEST(192.168.182.187)
[2009/11/06 14:57:56, 3] nmbd/nmbd_processlogon.c:process_logon_packet(386)
  process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize 0 ntv 11
[2009/11/06 14:57:56, 3] nmbd/nmbd_processlogon.c:process_logon_packet(667)
  process_logon_packet: processing delayed initial logon reply for client EMCO-TEST(192.168.182.187)
[/code]

Has someone an idea? Thx!
From: Christian Geiger on 6 Nov 2009 09:50

Sorry - it seems I could use a break. I made an (embarrassing) mistake
capturing the network traffic: in fact, the samba server DOES answer the
request. The following response comes back:

4 0.001857 192.168.182.3 192.168.182.187 SMB_NETLOGON SAM Response - user unknown

However, Windows does not ask for a user to login. Trying to join the
domain using the netdom command from the Windows Support Tools supplying
a user and password for the Domain (netdom join emco-test
/Domain:lohrmann /UserD user /PasswordD password) doesn't work either.

I'm really stuck - can someone please help me?
From: Christian Geiger on 9 Nov 2009 11:30

OK - finally fixed it. As already described in another thread, the
problem was a too long netbios name. Adding the following line to the
smb.conf fixed the problem:

netbios name = dc

On 06.11.2009 15:48, Christian Geiger wrote:
> Sorry - it seems I could use a break. I made an (embarrassing) mistake
> capturing the network traffic: in fact, the samba server DOES answer the
> request. The following response comes back:
>
> 4 0.001857 192.168.182.3 192.168.182.187 SMB_NETLOGON SAM Response -
> user unknown
>
> However, Windows does not ask for a user to login. Trying to join the
> domain using the netdom command from the Windows Support Tools supplying
> a user and password for the Domain (netdom join emco-test
> /Domain:lohrmann /UserD user /PasswordD password) doesn't work either.
>
> I'm really stuck - can someone please help me?
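A check for the cause named in the last message, added here as an example and not part of the thread or of Samba: a NetBIOS name field holds 15 characters plus a one-byte suffix, so `domain-controller` (17 characters) does not fit, which is why the `nbtstat -c` output in the first message lists it as `DOMAIN-CONTROLL`. The function names are hypothetical, the sample config is constructed from the `smb.conf` lines posted in the thread, and checking `workgroup` against the same limit goes beyond the case discussed there.

```python
import re

NETBIOS_MAX = 15  # a NetBIOS name is 16 bytes: 15 name characters + 1 suffix byte

def global_params(conf_text):
    """Return [global] parameters; names are matched ignoring case and whitespace."""
    params, section = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[re.sub(r"\s+", "", key).lower()] = value.strip()
    return params

def wire_name(name):
    """The name as it fits a 15-character NetBIOS name field (upper-cased, cut at 15)."""
    return name.upper()[:NETBIOS_MAX]

def check_netbios_names(conf_text):
    """Return (parameter, value, wire_name) for every name longer than 15 characters."""
    params = global_params(conf_text)
    findings = []
    for label, key in (("netbios name", "netbiosname"), ("workgroup", "workgroup")):
        value = params.get(key)
        if value and len(value) > NETBIOS_MAX:
            findings.append((label, value, wire_name(value)))
    return findings

# Constructed sample: the relevant [global] lines from the smb.conf in the thread,
# then the same text with the fix from the last message applied.
BROKEN = """
[global]
    wins support = yes
    netbios name = domain-controller
    workgroup = LOHRMANN.DE
    domain logons = yes
"""
FIXED = BROKEN.replace("netbios name = domain-controller", "netbios name = dc")

if __name__ == "__main__":
    for title, conf in (("before", BROKEN), ("after", FIXED)):
        print(title, check_netbios_names(conf) or "all NetBIOS names fit in 15 characters")
```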