Kein Domain join nach Neuinstallation des UCS


#1

Hallo!

Ich musste aus diversen Gründen unseren UCS neuinstallieren.
Er wurde, wie der Vorgänger, als AD DC konfiguriert, mit dem selben Domainamen wie die alte Maschine.

DNS ist korrekt aber dennoch kann ich mit der einen :slight_smile: Windowsmaschine (welche unter dem alten DC der Domain bereits beigetreten war) nicht der Domain beitreten:
Windows meldet
“Es konnte keine Verbindung mit einem AD DC für die Domöne hergestellt werden”
Und unter Details
Abfrage des SRV Eintrages nach dem LDAP Server erfolgreich.
Es konnte jedoch keine Verbindung mit Domäncontrollern hergestellt werden.

Bei einem tcpdump sehe ich dass versucht wird auf UDP Port 389 zuzugreifen, dies jedoch mit einem ICP Port unreachable beantwortet wird.
Desweiteren mehrer UDP Pakete an Port 137 auf die aber keine Antwort kommt
IP 192.168.202.11.netbios-ns > PDC.netbios-ns: NBT UDP PACKET(137): REFRESH(8); REQUEST; UNICAST

Für jeden Tip dankbar!
Christian


#2

Hi,

meanwhile outdated, I assume?

Anyways: Do you have installed the samba4 package? It is not installed by default!
And is samba started an up-and-running?

/KNEBB


#3

Hi,

yes samba4 was installed and running.
But there seems to be a bug in the configuration:
Samba is not listening on all interfaces in the default (at least in our fresh installed instance) configuration.
Christian


#4

Hey,

That is correct. The default is to listen on lo and the interface the server considers its primary interface (e.g. eth0 for a regular network interface or br0 if it’s bridged). You can change that by setting the UCR variable samba/interfaces and restarting the samba service.

Kind regards,
mosu


#5

I am not 100% certain but if i remember correctly bridged networking is set up automagically when configuring UCS as VM supervisor/host?
If that is the case the br0 is nonetheless not considered as the servers primary interface.
Christian


#6

Hey,

hmm, sounds like a bug. What actually happens is: the content of the UCR variable interfaces/primary is used. This defaults to eth0 if it isn’t set. And that seems to be the bug to me; in a setup where eth0 is part of a bridge, the bridge interface should be used instead.

And it looks like this issue is known already.

Kind regards,
mosu


#7

yes, this is exactly the same problem.
But noone seems to care :slight_smile:


#8

Hi,

may I recall the issue?

By default (and if interfaces/primary is not set) Samba listens to eth0 only.

When UVMM virtualization comes into play it converts the eth0 interface to a br0 bridge.

Result is, Samba does not listen to any interface, as the default eth0 does not work.

I assume the bug is UVMM should set interfaces/primary to br0? I bet some say we should not set a primary interface if it has not been set before… so this could be seen from different point of views.

As a solution you should set interfaces/primary to “lo br0” or just to “br0”, restart Samba and everything works fine, right?

Well, solved so far I would say. Probably a documentation issue?

/KNEBB


#9

Hey,

do not remove lo from the list of interfaces as that’ll lead to Kerberos problems as /etc/krb5.conf usually contains 127.0.0.1 as the KDC’s address.

Kind regards
mosu