Windows Clients unable to join Samba DC Domain

BlackArch.py

2/20/23, 1:37 PM

I've been trying to setup Samba as an AD DC on Ubuntu Server 20.04 but keep running into some issues.

Some information:

Domain = mvz.intern

DC { hostname = dc02.mvz.intern - ipv4 = 192.168.50.239 }

PC { hostname = pc - ipv4 = 192.168.50.163
dns1 = dc - dns2 = router } DC is a Hyper V VM Ubuntu Server 20.04 PC is the Hyper V host ( regular workstation )

Hosts on client:

192.168.50.239 dc02.mvz.intern
#192.168.50.239  dc02
#192.168.50.239  mvz.intern

DC netplan config (nameserver changed to 192.168.50.239):

DC smb.conf (tried DNS forwarder 8.8.8.8):

I missed out on setting the DC as its own nameserver. After fixing that, netplan apply and rebooting both systems, I'm still not able to ping neither DC from my PC nor my PC from DC. If I nslookup the domain, it says server unknown, but has the correct IP.

samba-tool domain forest list

shows me the forest function level so the domain seems to be up.

Trying to:

AddComputer -DomainName MVZ.INTERN

on the client isn't able to establish a connection, of course.

I've heard about the collision of SMB versions. Could this be the issue? Or even a Chicken or the egg thing (Hyper-V)? How would you troubleshoot this?

The guide I followed mentioned setting hostname+fqdn as hostname, e.g. dc02.mvz.intern, could this be causing trouble?

0 + 0

server

samba

dns

BlackArch.py

2/20/23, 1:41 PM

mainly, I want to clear that DNS-Problem and join the domain with that mentioned client, background is to be able to use AD via RSAT Tools and be able manage clients via AD

Rowland Penny

2/20/23, 5:53 PM

not sure where you got 'samba-tool domain forest list' from, it doesn't exist, do you mean 'samba-tool domain level show' ? How did you you provision your DC ?

BlackArch.py

2/21/23, 12:12 PM

Thanks for the Quick Reply.

BlackArch.py

2/21/23, 12:19 PM

Yeah "level show" was what i meant. i provisioned it with `sudo samba-tool domain provision`. Then `sudo cp /var/lib/samba/private/krb5.conf /etc/`. After that `sudo systemctl disable --now smbd nmbd winbind systemd-resolved sudo systemctl unmask samba-ad-dc sudo systemctl enable --now samba-ad-dc` Followed by checking the forest level with domain level show and creating an user.

BlackArch.py

2/21/23, 12:21 PM

Now what really confuses me. As i said im guessing its an chicken egg issue cause the client trying to join the samba domain is the hyper v host of the dc-vm at the same time. I am able to ping anyone in the network from both. But no chance on pinging each other. I already uninstalled the NetworkManager Service cause i've read about collision with netplan. Still dont seem to be able to make them see eachother.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Windows Clients unable to join Samba DC Domain

TH: ไคลเอนต์ Windows ไม่สามารถเข้าร่วมโดเมน Samba DC

RO: Clienții Windows nu se pot alătura domeniului Samba DC

RU: Клиенты Windows не могут присоединиться к домену Samba DC

VI: Máy khách Windows không thể tham gia Miền Samba DC

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.