When i disabled the NetBios over TCP/IP in Win2K3 server(Port-445 only) and "NTLMv2 only/refuse LM & NTLM" in security settings.Domain join is failing in samba and im getting the error "Unable to find the suitable server",But AD join is happening successfully. Below are my smb.conf. [global] private dir = /usr/local/samba3.3.6/tdbstore unix charset = LOCALE workgroup = NSK2K3 netbios name = SMB client signing = auto server signing = auto #realm = nsk2k3.com server string = Samba 3.3.6 security = DOMAIN #security = user client ntlmv2 auth = Yes #map to guest = bad user password server = 172.168.4.111 username map = /etc/samba/smbusers add user script = /usr/sbin/useradd -s /bin/false %u log level = 101 max log size = 0 #syslog = 0 log file = /usr/local/samba3.3.6/log/common.log printcap name = CUPS ldap ssl = no idmap uid = 10000-20000 idmap gid = 10000-20000 #template primary group = "Domain Users" #template shell = /bin/bash #winbind separator = + printing = cups [homes] comment = Home Directories valid users = %S read only = No browseable = No [File Share] comment = File Share path = /usr/local/samba3.3.6/file_share read only = No browseable = Yes create mask = 0777 guest ok = yes guest only = yes [printers] comment = SMB Print Spool path = /var/spool/samba guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers admin users = root, Administrator write list = root /etc/hosts 172.168.4.111 trin.nsk2k3.com trin 172.168.7.174 smb.nsk2k3.com smb Below are the errors: [root@localhost bin]# ./net rpc join -U adminsitrator Unable to find a suitable server for domain NSK2K3 Unable to find a suitable server for domain NSK2K3 [root@localhost bin]#
Created attachment 4474 [details] SMB configuration for Domain Join.
Created attachment 4475 [details] Debug Logs
What do you exactly mean by "But AD join is happening successfully"? If you mean by this that "net ads join" work but "net rpc join" does not, then I'd pretty much say that this is by design. The RPC join is designed to work with NetBIOS only, we're trying resolve the DC name with NetBIOS mechanisms. Only with "net ads join" we're using the DNS methods. Please re-open this bug if I misunderstood you. Thanks, Volker