Why can't I setup Samba 4.7.6 as Active Directory Domain Controller in Ubuntu 18.04.3 LTS Linux Server?
Turritopsis Dohrnii Teo En Ming
teo.en.ming.jan2020 at gmail.com
Mon Jan 27 10:00:00 UTC 2020
Subject: Why can't I setup Samba 4.7.6 as Active Directory Domain
Controller in Ubuntu 18.04.3 LTS Linux Server?
Good day from Singapore,
I need your expert advice.
Why can't I setup Samba 4.7.6 as Active Directory Domain Controller in
Ubuntu 18.04.3 LTS Linux Server?
By following the guide at
https://www.tecmint.com/install-samba4-active-directory-ubuntu/ , I was
able to setup Samba 4.3.11
as Active Directory Domain Controller in Ubuntu 16.04.6 LTS Linux Server
successfully.
You may refer to my extremely detailed 115-page PDF manual on how to setup
Samba 4.3.11 as Active Directory Domain Controller in Ubuntu 16.04.6 LTS
Linux Server at the following redundant blog links:
Blog Post: Teo En Ming's Setting Up Ubuntu 16.04.6 LTS Linux Server with
Samba4 as an Active Directory Domain Controller PDF Manual
[1]
http://tdtemcerts.blogspot.com/2020/01/teo-en-mings-setting-up-ubuntu-16046.html
[2]
https://tdtemcerts.wordpress.com/2020/01/26/teo-en-mings-setting-up-ubuntu-16-04-6-lts-linux-server-with-samba4-as-an-active-directory-domain-controller-pdf-manual/
So why can't I get Samba 4.7.6 to work as Active Directory Domain
Controller in Ubuntu 18.04.3 LTS Linux Server?
In Ubuntu 18.04.3 LTS Linux Server, the Samba version is 4.7.6, not 4.3.11.
Ubuntu 18.04.3 LTS is using netplan instead of /etc/network/interfaces on
Ubuntu 16.04.6 LTS.
I also found out that I had to unmask samba-ad-dc.service in Ubuntu 18.04.3
LTS.
Samba 4.7.6's INTERNAL DNS SERVER is only listening on 127.0.0.53, and not
on all network interfaces.
teo-en-ming at dc1:~$ sudo netstat -anp | grep -v unix | grep LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
446/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
897/sshd
tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN
1056/samba
tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN
1054/samba
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
1052/smbd
tcp 0 0 0.0.0.0:49152 0.0.0.0:* LISTEN
1043/samba
tcp 0 0 0.0.0.0:49153 0.0.0.0:* LISTEN
1043/samba
tcp 0 0 0.0.0.0:49154 0.0.0.0:* LISTEN
1043/samba
tcp 0 0 0.0.0.0:3268 0.0.0.0:* LISTEN
1054/samba
tcp 0 0 0.0.0.0:3269 0.0.0.0:* LISTEN
1054/samba
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN
1054/samba
tcp 0 0 0.0.0.0:135 0.0.0.0:* LISTEN
1043/samba
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
1052/smbd
tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN
1056/samba
tcp6 0 0 :::53 :::* LISTEN
1067/samba
tcp6 0 0 :::22 :::* LISTEN
897/sshd
tcp6 0 0 :::88 :::* LISTEN
1056/samba
tcp6 0 0 :::636 :::* LISTEN
1054/samba
tcp6 0 0 :::445 :::* LISTEN
1052/smbd
tcp6 0 0 :::49152 :::* LISTEN
1043/samba
tcp6 0 0 :::49153 :::* LISTEN
1043/samba
tcp6 0 0 :::49154 :::* LISTEN
1043/samba
tcp6 0 0 :::3268 :::* LISTEN
1054/samba
tcp6 0 0 :::3269 :::* LISTEN
1054/samba
tcp6 0 0 :::389 :::* LISTEN
1054/samba
tcp6 0 0 :::135 :::* LISTEN
1043/samba
tcp6 0 0 :::139 :::* LISTEN
1052/smbd
tcp6 0 0 :::464 :::* LISTEN
1056/samba
Samba 4.7.6 in Ubuntu 18.04.3 LTS Linux Server throws up the following
errors:
teo-en-ming at dc1:~$ sudo systemctl status samba-ad-dc.service
● samba-ad-dc.service - Samba AD Daemon
Loaded: loaded (/lib/systemd/system/samba-ad-dc.service; enabled; vendor
preset: enabled)
Active: active (running) since Mon 2020-01-27 08:52:50 UTC; 17min ago
Docs: man:samba(8)
man:samba(7)
man:smb.conf(5)
Main PID: 841 (samba)
Status: "smbd: ready to serve connections..."
Tasks: 22 (limit: 1108)
CGroup: /system.slice/samba-ad-dc.service
├─ 841 /usr/sbin/samba --foreground --no-process-group
├─1042 /usr/sbin/samba --foreground --no-process-group
├─1043 /usr/sbin/samba --foreground --no-process-group
├─1044 /usr/sbin/samba --foreground --no-process-group
├─1051 /usr/sbin/samba --foreground --no-process-group
├─1052 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
├─1053 /usr/sbin/samba --foreground --no-process-group
├─1054 /usr/sbin/samba --foreground --no-process-group
├─1055 /usr/sbin/samba --foreground --no-process-group
├─1056 /usr/sbin/samba --foreground --no-process-group
├─1057 /usr/sbin/samba --foreground --no-process-group
├─1058 /usr/sbin/samba --foreground --no-process-group
├─1059 /usr/sbin/samba --foreground --no-process-group
├─1060 /usr/sbin/samba --foreground --no-process-group
├─1064 /usr/sbin/samba --foreground --no-process-group
├─1066 /usr/sbin/samba --foreground --no-process-group
├─1067 /usr/sbin/samba --foreground --no-process-group
├─1068 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
├─1119 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
├─1132 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
├─1133 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
└─1135 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
Jan 27 09:02:47 dc1 samba[1064]: [2020/01/27 09:02:47.965323, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 27 09:02:47 dc1 samba[1064]: /usr/sbin/samba_dnsupdate: elif not
check_dns_name(d):
Jan 27 09:02:47 dc1 samba[1064]: [2020/01/27 09:02:47.965357, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 27 09:02:47 dc1 samba[1064]: /usr/sbin/samba_dnsupdate: File
"/usr/sbin/samba_dnsupdate", line 319, in check_dns_name
Jan 27 09:02:47 dc1 samba[1064]: [2020/01/27 09:02:47.965432, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 27 09:02:47 dc1 samba[1064]: /usr/sbin/samba_dnsupdate: raise
Exception("Unable to contact a working DNS server while looking for %s as
%s" % (d, normalised_name))
Jan 27 09:02:47 dc1 samba[1064]: [2020/01/27 09:02:47.965490, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 27 09:02:47 dc1 samba[1064]: /usr/sbin/samba_dnsupdate: Exception:
Unable to contact a working DNS server while looking for A
dc1.teo-en-ming.corp 192.168.1.10 as dc1.teo-en-ming.corp.
Jan 27 09:02:47 dc1 samba[1064]: [2020/01/27 09:02:47.979324, 0]
../source4/dsdb/dns/dns_update.c:290(dnsupdate_nameupdate_done)
Jan 27 09:02:47 dc1 samba[1064]: ../source4/dsdb/dns/dns_update.c:290:
Failed DNS update - with error code 1
teo-en-ming at dc1:~$
I have also found out that provisioning Samba 4.7.6 Active Directory Domain
Controller for my domain did not create any DNS records in Samba's INTERNAL
DNS Server, as the following examples
show.
teo-en-ming at dc1:~$ dig @127.0.0.53 teo-en-ming.corp
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @127.0.0.53 teo-en-ming.corp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;teo-en-ming.corp. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Jan 27 09:13:37 UTC 2020
;; MSG SIZE rcvd: 45
teo-en-ming at dc1:~$ dig @127.0.0.53 dc1.teo-en-ming.corp
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @127.0.0.53 dc1.teo-en-ming.corp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51346
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;dc1.teo-en-ming.corp. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Jan 27 09:15:16 UTC 2020
;; MSG SIZE rcvd: 49
teo-en-ming at dc1:~$
May I know what is wrong with Samba 4.7.6 in Ubuntu 18.04.3 LTS Linux
Server? Why is Samba 4.7.6 and Ubuntu 18.04.3 LTS behaving so differently
from Samba 4.3.11 and Ubuntu 16.04.6 LTS?
Additionally, can I request Samba to emulate Windows Server 2019 Active
Directory Domain Controller instead of Windows Server 2008 R2 Active
Directory Domain Controller?
Because I am using Windows 10 Professional.
Finally, I am planning to setup Samba4 Active Directory Domain Controller
in CentOS 8.1 1911 Linux Server by following the guide at
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
I would need to compile Samba from source code myself because Red Hat does
not officially support running Samba4 as an Active Directory Domain
Controller.
Please advise.
Thank you very much.
-----BEGIN EMAIL SIGNATURE-----
The Gospel for all Targeted Individuals (TIs):
[The New York Times] Microwave Weapons Are Prime Suspect in Ills of
U.S. Embassy Workers
Link:
https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html
********************************************************************************************
Singaporean Mr. Turritopsis Dohrnii Teo En Ming's Academic
Qualifications as at 14 Feb 2019 and refugee seeking attempts at the United
Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan (5 Aug 2019) and
Australia (25 Dec 2019 to 9 Jan 2020):
[1] https://tdtemcerts.wordpress.com/
[2] https://tdtemcerts.blogspot.sg/
[3] https://www.scribd.com/user/270125049/Teo-En-Ming
-----END EMAIL SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20200127/83279d2f/attachment.html>
More information about the ubuntu-users
mailing list