unable to join to a Samba4 domain
in [Samba]
|
From: Lukasz Zalewski on 25 May 2010 15:00 On 25/05/2010 14:08, Tomasz Chmielewski wrote: > Am 25.05.2010 14:50, Tomasz Chmielewski wrote: >> Am 25.05.2010 13:58, Lukasz Zalewski wrote: >> >>>> What more info should I provide? >>>> >>>> >>> >>> The only way i can replicate your problem and get simmilar message, is >>> by blocking access to port 389 both TCP and UDP on the samba4 host - it >>> seems like enabling either (i.e. TCP or UDP) produces enter credentials >>> dialog. Note that i have used Windows 7 rather than Srv2008 >> >> The only packets exchanged, from the moment I press "OK" button to >> when the error is shown, are: >> >> - DNS queries >> - LDAP queries >> >> (192.168.128.11 - Samba4; 192.168.128.12 - Windows 2008) >> >> So, nothing blocked on Samba4 side (and LDAP queries add some data to >> Samba debug log). > > If I block LDAP on UDP, Windows does not send queries to LDAP on TCP. Is > it the same for you? > > And indeed, the error message is the same whether 389/UDP is blocked or > not. > I'n my case if one protocol (TCP or UDP) in that port is enabled things seem to work. if both are disabled i get the error message. Have you tried to disable firewall on samba4 host just to rule it out? Presumably you don't have any other firewalls in the way? I will try to join Windows 2008 to the domain tomorrow as a test. Luk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Tomasz Chmielewski on 25 May 2010 15:10 Am 25.05.2010 20:55, Lukasz Zalewski wrote: >> If I block LDAP on UDP, Windows does not send queries to LDAP on TCP. Is >> it the same for you? >> >> And indeed, the error message is the same whether 389/UDP is blocked or >> not. >> > > I'n my case if one protocol (TCP or UDP) in that port is enabled things > seem to work. if both are disabled i get the error message. Have you > tried to disable firewall on samba4 host just to rule it out? Presumably > you don't have any other firewalls in the way? I will try to join > Windows 2008 to the domain tomorrow as a test. There is no firewall between the hosts. I'll try to test it with Windows XP, but it may take 1-2 days before I'm able to do it. -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Tomasz Chmielewski on 27 May 2010 05:00 Am 25.05.2010 21:03, Tomasz Chmielewski wrote: > Am 25.05.2010 20:55, Lukasz Zalewski wrote: > >>> If I block LDAP on UDP, Windows does not send queries to LDAP on TCP. Is >>> it the same for you? >>> >>> And indeed, the error message is the same whether 389/UDP is blocked or >>> not. >>> >> >> I'n my case if one protocol (TCP or UDP) in that port is enabled things >> seem to work. if both are disabled i get the error message. Have you >> tried to disable firewall on samba4 host just to rule it out? Presumably >> you don't have any other firewalls in the way? I will try to join >> Windows 2008 to the domain tomorrow as a test. > > There is no firewall between the hosts. > > I'll try to test it with Windows XP, but it may take 1-2 days before I'm > able to do it. Unfortunately, Windows XP SP3 fails to join a Samba4 domain as well. How can I troubleshoot it? -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Tomasz Chmielewski on 29 May 2010 14:20 Am 29.05.2010 20:15, Lukasz Zalewski wrote: >> Unfortunately, Windows XP SP3 fails to join a Samba4 domain as well. >> >> How can I troubleshoot it? > Are both the samba4 and client machine on the same subnet? If not are > there any firewalls, or routers in the way? Same subnet, no firewalls or routers on the way. > Is your client dns configuration pointing explicitly at samba4 Yes. -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Lukasz Zalewski on 29 May 2010 14:20
On 27/05/2010 09:54, Tomasz Chmielewski wrote: > Am 25.05.2010 21:03, Tomasz Chmielewski wrote: >> Am 25.05.2010 20:55, Lukasz Zalewski wrote: >> >>>> If I block LDAP on UDP, Windows does not send queries to LDAP on >>>> TCP. Is >>>> it the same for you? >>>> >>>> And indeed, the error message is the same whether 389/UDP is blocked or >>>> not. >>>> >>> >>> I'n my case if one protocol (TCP or UDP) in that port is enabled things >>> seem to work. if both are disabled i get the error message. Have you >>> tried to disable firewall on samba4 host just to rule it out? Presumably >>> you don't have any other firewalls in the way? I will try to join >>> Windows 2008 to the domain tomorrow as a test. >> >> There is no firewall between the hosts. >> >> I'll try to test it with Windows XP, but it may take 1-2 days before I'm >> able to do it. > > Unfortunately, Windows XP SP3 fails to join a Samba4 domain as well. > > How can I troubleshoot it? > > Are both the samba4 and client machine on the same subnet? If not are there any firewalls, or routers in the way? Is your client dns configuration pointing explicitly at samba4 Regards Luk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |