Joining Domain Problem

NethServer Version: NS8
Module: Active Directory
Hello Community,
i have a Problem by joining the NS8 Domain. The formerly Domain was sbs.domain.de so the adress was ad.sbs.domain.de now i try to join the new domain the adress is ad.domain.de but if i try to join with this client it try to reach the old domainserver on ad.sbs.domain.de and so i am not possible to join the new domain. I have as DNS the new Domainserver and it responds also to a ping at ad.domain.de but by joining it try to reach the old domainserver. Would be great to help me.

Did you remove the client from the old domain?

not sure i understand it correct, i did nothing with the old server, just switched it off and leave with the client the formerly AD and tried to join the new one…

Please unjoin the client from old AD first before you try to join to another AD, see also https://www.tenforums.com/tutorials/90107-remove-windows-10-pc-domain.html

Fu… to late… any workarounds maybe?

You don’t need the old server. Just remove the old AD from the client and then join the new one.

this is what i did, but it doesend work. if i try to reach it, this is written:

he DNS query using the Service Location (SRV) resource record used to locate a domain controller for the domain “AD.DOMAIN.DE” completed successfully:

This query is for the SRV record for _ldap._tcp.dc._msdcs.AD.DOMAIN.DE.

The following domain controllers were identified by the query:
nsdc-sbs.ad.domain.de

However, no domain controllers could be contacted.

The most common causes of this error are:

• Host records (A or AAAA) that map domain controller names to their IP addresses are missing or do not contain the correct addresses.

• The domain controllers registered in DNS do not have network connectivity or are not running.

You could try netdom remove on the client:

or a powershell approach:

also no luck because from the pov of the system the client is not a domain member

Does it help to add a DNS entry for nsdc-sbs.ad.domain.de pointing to the NS8?

Is the NS8 migrated from NS7?

i dont know, i tried different thing without any luck, yes, it is a migration from ns7, will check it out

still no luck

The old name nsdc-sbs is migrated too.
Is it working to ping nsdc-sbs.ad.domain.de from the client? If not you need to check DNS.

yes it is possible

That’s weird.

Here are instructions how to test DNS for samba: Testing the DNS Name Resolution - SambaWiki

Could you try if it works to join the domain from another Windows client? (Just to exclude client issues)

dont have another client here, sorry. puh… ns8 is… challanging in so many ways. for example the dhcp and dns was easy from the configuration, now i have an dhcp on a pihole, dns also, the ns8 works now, after really a lot of probs and now, where i thought okay, should be fine, the next thing. from the beginning i remember that i have to pick the ns8 as first dns server, after that the join to the domain was okay. i have the ns8 as first dns and now it did not work. its often frustrating… espiacaly for me as a non pro. i ping the nsdc-sbs.ad.domain.de and this worked perfectly, if i do the nslookup from the dns name resulution samba it show me an error.

grafik928×568 32 KB

Does the ping use the right IP 192.168.100.206?

Let’s check the samba dc hostname of the NS8:

runagent -m samba1 podman exec samba-dc hostname -f

yes, it is the right ip and also yes the right DC

runagent -m samba1 podman exec samba-dc hostname -f
result are nsdc-sbs.ad.domain.de

I think you need fix the DNS (nslookup) issue.

Does it work from the client to nslookup the domain?

nslookup ad.domain.de

Here is a samba AD DC troubleshooting guide: Samba AD DC Troubleshooting - SambaWiki

it is strange and not really understandable. anyway, i reinstall the client… no i am still on the way to do that. it was possible to join the ad and the nslookup now show the right dns entry with the pihole as dns and the ad on the right ip.