Problem: Windows Join Fails

Problem

Your Windows client is not able to join the domain. You will see messages similar to the following:

The DNS query about the Service Identification (SRV) resource entry used to search for a domain controller for the domain "multi.ucs" has been successfully completed:

This is a query of the SRV entry for _ldap._tcp.dc._msdcs.multi.ucs.

The following domain controllers were identified by the query: master.multi.ucs

However, no connection could be established with domain controllers.

German version:

Die DNS-Abfrage ueber den Ressourceneintrag der Dienstidentifizierung(SRV), der zur Suche eines Domaencontrollers fuer die Domaene "multi.ucs" verwerndet wird, wurde erfolgreich abgeschlossen:

Es handelt sich um die Abfrage des SRV-Eintrags fuer _ldap._tcp.dc._msdcs.multi.ucs.

Die folgenden Domaencontroller wurden von der Abfrage identifiziert: multi.ucs

Es konnte jedoch keine Verbindung mit Domaencontrollern hergestellt werden.

Solution

Step 1

Follow this article to do basic troubleshooting for the join process.

Step 2

Check if Samba is listening on port 389.

root@ucs:~# netstat -anp | grep 389 | grep samba
tcp        0      0 127.0.0.1:389           0.0.0.0:*               LISTEN      9249/samba: task[ld
tcp6       0      0 ::1:389                 :::*                    LISTEN      9249/samba: task[ld
udp        0      0 127.0.0.1:389           0.0.0.0:*                           9251/samba: task[cl
udp6       0      0 ::1:389                 :::*                                9251/samba: task[cl

Notice that the tcp and udp (not tcp6/udp6) sockets are listening on the IP address 127.0.0.1 instead of all interfaces (which would be 0.0.0.0:389). 127.0.0.1 is localhost only, and therefore Samba does not receive any requests from the clients.

Step 3

Check the configured Samba interfaces.

root@master:~# ucr get samba/interfaces/bindonly
yes
root@master:~# ucr get samba/interfaces
lo <interfaces/primary>
root@master:~# ucr get interfaces/primary
ens196

Step 4

Check current network configuration.

root@master:~# ip a show 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:50:56:bf:04:3b brd ff:ff:ff:ff:ff:ff
    inet 10.250.200.100/24 brd 10.250.200.255 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:febf:43b/64 scope link 
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:fe:ee:bd:7b brd ff:ff:ff:ff:ff:ff
    inet 172.17.42.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever

Step 5

Compare the network configuration with the UCR variables above.

The UCR variable interfaces/primary is set to ens196, while the interface that is actually configured is ens192 (see above). Samba is therefore unable to bind to the configured interface ens196 and binds to localhost only.

Step 6

Re-configure your primary network to the correct one.

root@master:~# ucr set interfaces/primary=ens192
root@master:~# /etc/init.d/samba restart

After the Samba restart, it is bound to all configured IP addresses:

root@master:~# netstat -anp| grep 389
tcp        0      0 0.0.0.0:7389            0.0.0.0:*               LISTEN      57567/slapd         
tcp        0      0 10.250.200.100:389      0.0.0.0:*               LISTEN      343/samba: conn[lda 
tcp        0      0 127.0.0.1:389           0.0.0.0:*               LISTEN      343/samba: conn[lda 
[...]
udp        0      0 10.250.200.100:389      0.0.0.0:*                           2030/samba: task[cl 
udp        0      0 127.0.0.1:389           0.0.0.0:*                           2030/samba: task[cl 

The join of the Windows client should now succeed.
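The checks from Steps 2 to 5 can be scripted. The following is an added example, not part of the original article: the function names `ldap_bind_scope` and `missing_ifaces` are hypothetical, and the sample lines are copied from the outputs shown above. It matches port 389 exactly, so the slapd listener on 7389 that a plain `grep 389` also catches is ignored.

```shell
#!/bin/bash
# Classify where the Samba LDAP port (exactly 389, not 7389) is bound.
# Reads `netstat -anp` output on stdin and prints one of:
#   reachable | loopback-only | not-listening
ldap_bind_scope() {
    awk '
        $1 !~ /^(tcp|udp)6?$/ { next }          # skip headers, unix sockets
        index($0, "samba") == 0 { next }        # only Samba-owned sockets
        {
            port = $4; sub(/.*:/, "", port)     # text after the last colon
            if (port != "389") next
            host = $4; sub(/:[^:]*$/, "", host) # local address without port
            seen = 1
            if (host != "127.0.0.1" && host != "::1") external = 1
        }
        END {
            if (!seen)         print "not-listening"
            else if (external) print "reachable"
            else               print "loopback-only"
        }'
}

# Print each name from the configured interface list ($1, space separated)
# that is absent from the interfaces present on the host ($2).
missing_ifaces() {
    local name
    for name in $1; do
        case " $2 " in
            *" $name "*) ;;
            *) echo "$name" ;;
        esac
    done
}

# Sample lines copied from the article's Step 2 output (before the fix).
sample='tcp        0      0 127.0.0.1:389           0.0.0.0:*               LISTEN      9249/samba: task[ld
udp6       0      0 ::1:389                 :::*                                9251/samba: task[cl'
printf '%s\n' "$sample" | ldap_bind_scope        # loopback-only
missing_ifaces "lo ens196" "lo ens192 docker0"   # ens196

# On a live UCS host (assumed wiring, using the article's commands):
#   netstat -anp | ldap_bind_scope
#   missing_ifaces "lo $(ucr get interfaces/primary)" "$(ls /sys/class/net | tr '\n' ' ')"
```

A result of `loopback-only` together with a non-empty `missing_ifaces` list is the situation this article describes.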
