I have 2 VMs running, one for Windows 10 Pro and a second with Debian 10. Basically I would like to have the Windows machine join the Samba AD that's running on the Debian 10 VM.

I went through the installation of Samba on Debian, but I'm having issues trying to connect to AD from the Windows VM. When I try to join the domain, sometimes I get an error that says "An Active Directory Domain Controller (AD DC) for the domain "DT-ENG" could not be contacted." Sometimes it will find the domain when trying to join and let me enter the username and password, but then it will error out saying "an attempt to resolve the DNS name of a domain has failed". (I think it finds it, but doesn't connect.)

Below are details of my files on Debian and settings to see if someone catches something obvious that I might be missing. The domain I'm using is an actual website address, by the way. (Maybe that's the issue?)

Some things I've also tried: I have added the Samba AD server's static IP to the DNS servers in Windows, both in the device property for IPv4 and in the Windows hosts file. I can also SSH to the Debian VM with no problem as well ...

/etc/hosts
127.0.0.1       localhost localhost.localdomain
10.0.0.125      DC1.dt-eng.com    DC1

#The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

source /etc/network/interfaces.d/*  
# The loopback network interface
auto lo
iface lo inet loopback

auto enp0s3
allow-hotplug enp0s3
iface enp0s3 inet static
        address 10.0.0.125
        netmask 255.255.255.0
        network 10.0.0.1
        broadcast 10.0.0.255
        gateway 10.0.0.1
        dns-nameservers 10.0.0.125 8.8.8.8
        dns-search dt-eng.com

/etc/krb5.conf
[libdefaults]
        default_realm = DT-ENG.COM
        dns_lookup_realm = false
        dns_lookup_kdc = true

/etc/samba/smb.conf
# Global parameters
[global]
        dns forwarder = 10.0.0.125
        netbios name = DC1
        realm = DT-ENG.COM
        server role = active directory domain controller
        workgroup = DT-ENG
        idmap_ldb:use rfc2307 = yes

[netlogon]
        path = /var/lib/samba/sysvol/dt-eng.com/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

/etc/resolv.conf
# Generated by NetworkManager
search dt-eng.com
nameserver 10.0.0.125
nameserver 127.0.0.1
nameserver 8.8.8.8

...

  • "for the domain "DT-ENG" could not be contacted". Where's the .com you defined in smb.conf's realm? DT-ENG.COM ? – Gerard H. Pille Apr 20 '20 at 00:52
  • Yes, DT-ENG.COM is the domain. I do want to mention that I am running two VMs. One VM is running Windows 10 Pro and the second is running Debian 10; my host is Windows 10 Home. I have now been able to connect the Windows VM to the Debian AD domain, but RSAT doesn't connect to the domain. I think there is some issue with firewalls or network adapter settings. – j.valerio Apr 22 '20 at 13:38
  • I don't know if a Windows Home edition is best suited for this. Can you try this on a Linux host? – Gerard H. Pille Apr 22 '20 at 13:57

0 Answers