Failed Locating Domain Controller - W2k3 SP2

Added by Ossie Wilson about 1 year ago

Hi

First time use of the Community Edition v3.1.1-7231 and I'm having some difficulty getting it to connect to my AD.

I have tried a number of forum tips but still seem to be unable to crack it. Any suggestions on how I can track down the issue?

Any assistance appreciated

Cheers
ozwil

AD and DNS = Win2K3 SP2 = sundc1.sunset.local = 192.168.1.28

NexentaStor = nexenta1 = 192.168.1.23

Forward and Reverse zones have Dynamic updates set to Nonsecure and secure

Forward Lookup Zone _msdcs.dc._tcp._ldap = sundc1.sunset.local

    ping nexenta1.sunset.local
    nexenta1.sunset.local is alive
    ping sundc1.sunset.local
    sundc1.sunset.local is alive

last dmesg output is

    May 20 15:05:48 nexenta1 smbd[7073]: [ID 872290 daemon.debug] refresh requested
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 873867 daemon.debug] Found 192.168.1.28 name server
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 408190 daemon.debug] Removing all entries of 192.168.1.23 in reverse lookup zone...
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 208731 daemon.debug] WORKGROUP <1D> flags=0x0
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 370951 daemon.debug] 192.168.246.1 ttl=23 flags=0x0 port=35328
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 370951 daemon.debug] 192.168.1.2 ttl=23 flags=0x0 port=35328
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 370951 daemon.debug] 192.168.130.1 ttl=23 flags=0x0 port=35328
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 370951 daemon.debug] 192.168.140.1 ttl=23 flags=0x0 port=35328
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 208731 daemon.debug] NEXENTA1 <00> flags=0x1
    May 20 15:05:48 nexenta1 smbd[7073]: [ID 370951 daemon.debug] 192.168.1.23 ttl=600 flags=0x1 port=35328
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 208731 daemon.debug] NEXENTA1 <20> flags=0x1
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 370951 daemon.debug] 192.168.1.23 ttl=600 flags=0x1 port=35328
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 702911 daemon.debug] msdcsLookupADS: sundc1.sunset.local [192.168.1.28]
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 873867 daemon.debug] Found 192.168.1.28 name server
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 499623 daemon.debug] Removing all entries of nexenta1.sunset.local in forward lookup zone...
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 873867 daemon.debug] Found 192.168.1.28 name server
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 415567 daemon.debug] dyndns forward lookup zone update nexenta1.sunset.local (192.168.1.23)
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 873867 daemon.debug] Found 192.168.1.28 name server
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 408190 daemon.debug] Removing all entries of 192.168.1.23 in reverse lookup zone...
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 873867 daemon.debug] Found 192.168.1.28 name server
    May 20 15:05:49 nexenta1 smbd[7073]: [ID 415567 daemon.debug] dyndns reverse lookup zone update nexenta1.sunset.local (192.168.1.23)
    May 20 15:05:50 nexenta1 smbd[7073]: [ID 807464 daemon.error] ndrrpcbind: smbrdrctxnew(S=sundc1, D=sunset.local, U=Administrator), err=131
    May 20 15:05:50 nexenta1 last message repeated 3 times
    May 20 15:05:50 nexenta1 smbd[7073]: [ID 700049 daemon.error] smbd: failed locating domain controller for sunset.local

Resolv.conf output is

    cat /etc/resolv.conf
    search sunset.local
    nameserver 192.168.1.28

dig output is

    dig @192.168.1.28 _ldap._tcp.dc._msdcs.sunset.local SRV +short
    0 100 389 sundc1.sunset.local.

kinit output

    kinit Administrator
    Password for Administrator@SUNSET.LOCAL:

klist output

    klist
    Ticket cache: FILE:/tmp/krb5cc_0
    Default principal: Administrator@SUNSET.LOCAL

    Valid starting       Expires              Service principal
    05/20/12 15:19:04    05/21/12 01:19:09    krbtgt/SUNSET.LOCAL@SUNSET.LOCAL
            renew until 05/27/12 15:19:04

    nslookup sundc1
    Server:         192.168.1.28
    Address:        192.168.1.28#53

    Name:   sundc1.sunset.local
    Address: 192.168.1.28

    nslookup nexenta1
    Server:         192.168.1.28
    Address:        192.168.1.28#53

    Name:   nexenta1.sunset.local
    Address: 192.168.1.23

output of "saved" files

    cat /tmp/.nms-resolv.conf.saved
    domain sunset.local
    search sunset.local
    nameserver 192.168.1.28

    cat /tmp/.nms-krb5.conf.saved
    #
    [libdefaults]
    #       default_realm = ___default_realm___
            default_realm = SUNSET.LOCAL

    [realms]
    #       ___default_realm___ = {
    #               kdc = ___master_kdc___
    #               kdc = ___slave_kdc1___
    #               kdc = ___slave_kdc2___
    #               kdc = ___slave_kdcN___
    #               admin_server = ___master_kdc___
    #       }
            SUNSET.LOCAL = {
                    kpasswd_protocol = SET_CHANGE
            }

    [domain_realm]
    #       ___domainname___ = ___default_realm___
            .sunset.local = SUNSET.LOCAL
            sunset.local = SUNSET.LOCAL

    [logging]
            default = FILE:/var/krb5/kdc.log
            kdc = FILE:/var/krb5/kdc.log
            kdc_rotate = {
    # How often to rotate kdc.log. Logs will get rotated no more
    # often than the period, and less often if the KDC is not used
    # frequently.
                    period = 1d
    # how many versions of kdc.log to keep around (kdc.log.0, kdc.log.1, ...)
                    versions = 10
            }

    [appdefaults]
            kinit = {
                    renewable = true
                    forwardable= true
            }
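
A triage aid for the log in the post above, added here as an example (it is not part of the original post and not NexentaStor code): it separates the join steps the log shows succeeding from the step that failed. The patterns match only the message texts visible in the quoted log, and the names `triage` and `verdict` are made up for this example.

```python
import re

# Lines copied from the smbd debug log quoted in the post above.
LOG = """\
May 20 15:05:49 nexenta1 smbd[7073]: [ID 702911 daemon.debug] msdcsLookupADS: sundc1.sunset.local [192.168.1.28]
May 20 15:05:49 nexenta1 smbd[7073]: [ID 415567 daemon.debug] dyndns forward lookup zone update nexenta1.sunset.local (192.168.1.23)
May 20 15:05:49 nexenta1 smbd[7073]: [ID 415567 daemon.debug] dyndns reverse lookup zone update nexenta1.sunset.local (192.168.1.23)
May 20 15:05:50 nexenta1 smbd[7073]: [ID 807464 daemon.error] ndrrpcbind: smbrdrctxnew(S=sundc1, D=sunset.local, U=Administrator), err=131
May 20 15:05:50 nexenta1 last message repeated 3 times
May 20 15:05:50 nexenta1 smbd[7073]: [ID 700049 daemon.error] smbd: failed locating domain controller for sunset.local
"""

DC = re.compile(r"msdcsLookupADS: (\S+) \[([\d.]+)\]")
DYN = re.compile(r"dyndns (forward|reverse) lookup zone update")
BIND = re.compile(r"\(S=([^,]+), D=([^,]+), U=([^)]+)\), err=(\d+)")
REPEAT = re.compile(r"last message repeated (\d+) times")
FAIL = re.compile(r"failed locating domain controller for (\S+)")


def triage(log):
    """Return which join steps the log shows succeeding and which failed."""
    r = {"dc": None, "dyndns": [], "bind_errors": [], "failed_domain": None}
    last_bind = None  # bind error that a following "repeated N times" refers to
    for line in log.splitlines():
        if x := REPEAT.search(line):
            if last_bind:
                last_bind["count"] += int(x.group(1))
            continue
        last_bind = None
        if x := DC.search(line):
            r["dc"] = (x.group(1), x.group(2))
        elif x := DYN.search(line):
            r["dyndns"].append(x.group(1))
        elif x := BIND.search(line):
            last_bind = {"server": x.group(1), "domain": x.group(2),
                         "user": x.group(3), "err": int(x.group(4)), "count": 1}
            r["bind_errors"].append(last_bind)
        elif x := FAIL.search(line):
            r["failed_domain"] = x.group(1)
    return r


def verdict(r):
    """Name the first step that did not complete."""
    if r["failed_domain"] is None:
        return "no-failure-logged"
    if r["dc"] is None:
        return "dc-not-found-in-dns"
    return "dc-found-bind-failed" if r["bind_errors"] else "dc-found-failure-unexplained"
```

On the posted log this reports that the DC was located through DNS and both dynamic DNS updates were sent, while the bind to `S=sundc1` failed four times with `err=131` before the join was abandoned.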


Replies

RE: Failed Locating Domain Controller - W2k3 SP2 - Added by Ossie Wilson about 1 year ago

Hi

Well, after an uninstall and re-install of AD from W2K3, still no luck.

Decided to try W2K8R2...and worked first go.

Go Figure

Cheers

RE: Failed Locating Domain Controller - W2k3 SP2 - Added by Linda Kateley 12 months ago

We also have found that we need to use IP addresses in the config.