Мы используем Samba 4 на Debian 8 в качестве контроллера домена AD (AD DC), а isc-dhcp работает на другом компьютере с Debian 8, который служит маршрутизатором и DHCP-сервером. Проблема в том, что если клиент Windows получает IP-адрес по DHCP, он не может присоединиться к домену. Если же я вручную указываю IP-адрес AD DC как предпочитаемый DNS-сервер в Windows, присоединиться к домену удаётся, но у компьютера нет доступа в Интернет.
Думаю, проблема в DHCP-сервере. Я хотел бы, чтобы все клиенты Windows использовали динамический IP, а не статический.
/etc/network/interfaces для сервера домена
# The primary network interface
# Static addressing for the Samba AD DC; dns-nameservers below is the DC's own
# address, so the DC resolves through itself.
allow-hotplug eth1
iface eth1 inet static
address 10.10.1.100
netmask 255.255.255.0
# NOTE(review): 10.10.1.1 is the gateway's host address; with a /24 netmask the
# network address would be 10.10.1.0 (the value the DHCP server's stanza on this
# page uses) - confirm.
network 10.10.1.1
broadcast 10.10.1.255
gateway 10.10.1.1
dns-nameservers 10.10.1.100
# NOTE(review): the search domain is altfeldc.local, while /etc/hosts and
# dhcpd.conf on this page use altfel.local - looks like a typo; confirm.
dns-search altfeldc.local
/etc/hosts для сервера домена
127.0.0.1 localhost
# The DC's FQDN and short name map to its LAN address, not to loopback.
10.10.1.100 altfeldc.altfel.local altfeldc
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
/etc/resolv.conf для сервера домена
# The only resolver is 10.10.1.100, the DC's own address from its interfaces stanza.
nameserver 10.10.1.100
/etc/network/interfaces для сервера DHCP
# WAN network adapter
# PPPoE uplink named "dsl-provider"; the pre-up hook brings wan0 up before the
# ppp session starts (presumably the session runs over wan0 - confirm).
auto dsl-provider
iface dsl-provider inet ppp
pre-up /bin/ip link set wan0 up # line maintained by pppoeconf
provider dsl-provider
# wan0 carries no IP configuration of its own in this file ("manual").
auto wan0
iface wan0 inet manual
# WLAN network adapter
# LAN side: 10.10.1.1 is the address dhcpd.conf on this page hands out as the
# default router. No gateway or DNS options are set in this stanza.
auto wlan1
iface wlan1 inet static
address 10.10.1.1
netmask 255.255.255.0
network 10.10.1.0
broadcast 10.10.1.255
/etc/hosts для DHCP-сервера
127.0.0.1 localhost
# Short name of the router/DHCP host mapped to its LAN address.
10.10.1.1 altfeldhcp
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
/etc/resolv.conf для DHCP-сервера - 193.x.x.x и 213.x.x.x от интернет-провайдера
# ISP resolvers only: this host does not query the AD DC (10.10.1.100), so it
# presumably cannot resolve altfel.local names itself - confirm that is intended.
nameserver 193.231.252.1
nameserver 213.154.124.1
/etc/dhcp/dhcpd.conf на сервере DHCP
# ISC dhcpd configuration for the 10.10.1.0/24 LAN behind the router.
# Dynamic DNS updates from dhcpd are switched off.
ddns-update-style none;
log-facility local7;
authoritative;
option subnet-mask 255.255.255.0;
option broadcast-address 10.10.1.255;
option routers 10.10.1.1;
# NOTE(review): the AD DC is listed together with two ISP resolvers. Clients
# treat every listed server as able to answer any query, and the join error on
# this page shows the client's list starting with the ISP resolvers, which do
# not hold the _ldap._tcp.dc._msdcs.altfel.local SRV record. Queries for internal
# AD names also leave the LAN this way. A common arrangement is to hand out only
# the DC here and let the DC forward external names (Samba's "dns forwarder"
# setting in smb.conf) - confirm against the DC's DNS backend.
option domain-name-servers 10.10.1.100, 193.231.252.1, 213.154.124.1;
# NOTE(review): ".local" is also the multicast DNS (mDNS) domain, which can
# interfere with unicast lookups on some clients.
option domain-name "altfel.local";
# Points clients at the DC for NetBIOS name service; only useful if WINS is
# enabled on the DC - not visible on this page, confirm.
option netbios-name-servers 10.10.1.100;
subnet 10.10.1.0 netmask 255.255.255.0 {
# wlan1 holds 10.10.1.1 according to the interfaces file on this page.
interface wlan1;
# NOTE(review): the range includes 10.10.1.100, which is also the fixed-address
# of host altfeldc below; fixed addresses are normally kept out of the pool.
range 10.10.1.2 10.10.1.254;
# Only clients that have a host declaration receive a lease. MAC addresses can
# be changed by a client, so this is inventory control, not authentication.
deny unknown-clients;
}
# NOTE(review): with ddns-update-style none this setting presumably has no effect.
update-static-leases true;
# Reservation that pins the AD DC to its static address.
host altfeldc {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 10.10.1.100;
# NOTE(review): the next line opens a brace where the host block should be
# closed with "}" - likely a typo in the post; dhcpd would reject the file as is.
{
# other hosts after this line...
команда dig на сервере домена
root@altfeldc:~# dig altfel.local
; <<>> DiG 9.9.5-9+deb8u1-Debian <<>> altfel.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21852
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;altfel.local. IN A
;; ANSWER SECTION:
altfel.local. 900 IN A 10.10.1.100
;; Query time: 0 msec
;; SERVER: 10.10.1.100#53(10.10.1.100)
;; WHEN: Thu Jul 30 10:49:42 EEST 2015
;; MSG SIZE rcvd: 46
nslookup на клиенте Windows
C:\Users\admin>nslookup altfel.local
Server: UnKnown
Address: 10.10.1.100
Name: altfel.local
Address: 10.10.1.100
Ошибка присоединения к домену
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "altfel.local":
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.altfel.local
Common causes of this error include the following:
- The DNS SRV records required to locate an AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when an AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
213.154.124.1
193.231.252.1
10.10.1.100
- One or more of the following zones do not include delegation to its child zone:
altfel.local
local
. (the root zone)