Bug 6575 - Domain join fail when disabled the NetBIOS over TCP/IP in Win2K3 server.
Summary: Domain join fail when disabled the NetBIOS over TCP/IP in Win2K3 server.
Status: RESOLVED INVALID
Alias: None
Product: Samba 3.3
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.3.6
Hardware: Other Windows 2003
: P3 normal
Target Milestone: ---
Assignee: Guenther Deschner
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-07-27 07:08 UTC by Karthikeyan
Modified: 2009-07-28 03:20 UTC (History)
0 users

See Also:


Attachments
SMB configuration for Domain Join. (1.19 KB, text/plain)
2009-07-27 07:11 UTC, Karthikeyan
no flags Details
Debug Logs (23.45 KB, text/plain)
2009-07-27 07:12 UTC, Karthikeyan
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Karthikeyan 2009-07-27 07:08:13 UTC
When i disabled the NetBios over TCP/IP in Win2K3 server(Port-445 only) and "NTLMv2 only/refuse LM & NTLM" in security settings.Domain join is failing in samba and im getting the error "Unable to find the suitable server",But AD join is happening successfully.
Below are my smb.conf.
[global]
private dir = /usr/local/samba3.3.6/tdbstore
unix charset = LOCALE
workgroup = NSK2K3
netbios name = SMB
client signing = auto
server signing = auto
#realm = nsk2k3.com
server string = Samba 3.3.6
security = DOMAIN
#security = user
client ntlmv2 auth = Yes
#map to guest = bad user
password server = 172.168.4.111
username map = /etc/samba/smbusers
add user script = /usr/sbin/useradd -s /bin/false %u
log level = 101
max log size = 0
#syslog = 0
log file = /usr/local/samba3.3.6/log/common.log
printcap name = CUPS
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
#template primary group = "Domain Users"
#template shell = /bin/bash
#winbind separator = +
printing = cups

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

[File Share]
comment = File Share
path = /usr/local/samba3.3.6/file_share
read only = No
browseable = Yes
create mask = 0777
guest ok = yes
guest only = yes

[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
admin users = root, Administrator
write list = root

/etc/hosts
172.168.4.111 trin.nsk2k3.com trin
172.168.7.174 smb.nsk2k3.com smb

Below are the errors:
[root@localhost bin]# ./net rpc join -U adminsitrator
Unable to find a suitable server for domain NSK2K3
Unable to find a suitable server for domain NSK2K3
[root@localhost bin]#
Comment 1 Karthikeyan 2009-07-27 07:11:34 UTC
Created attachment 4474 [details]
SMB configuration for Domain Join.
Comment 2 Karthikeyan 2009-07-27 07:12:32 UTC
Created attachment 4475 [details]
Debug Logs
Comment 3 Volker Lendecke 2009-07-28 03:20:57 UTC
What do you exactly mean by "But AD join is happening successfully"?

If you mean by this that "net ads join" work but "net rpc join" does not, then I'd pretty much say that this is by design. The RPC join is designed to work with NetBIOS only, we're trying resolve the DC name with NetBIOS mechanisms. Only with "net ads join" we're using the DNS methods.

Please re-open this bug if I misunderstood you.

Thanks,

Volker