After i do the whole client new i dont have access to the domain controller, i am member of the domain, as an administrator but i i try to change the owner of a few files or folder i am not able to connect to the domain controller… its insane.
Could you share the error message you got?
Did you try to browse by name and IP?
\\dc1.ad.domain.de\share
\\192.168.100.206\share
Did you setup right permissions for the share?
Do you get errors in the logs? Does the NS8 recognize that there’s a connection attempt from the client?
i got access to the share, yes permissions are set, if i try to reach per example the active directory there is a problem
an error in the samba log
2025-04-09T11:53:46+02:00 [1:samba1:samba-dc] TLS source4/lib/tls/tls_tstream.c:1449 - Decryption has failed.
if i try to reach by \dc1.ad.domain.de this happen
1 Like
Sorry, what do you mean by reaching the AD? Using the RSAT tools?
This error can be ignored.
no, but if i try to give someone else access to a folder i must reach the active directory to choose him.
1 Like
Is it possible to reach the DC using the IP?
Did you add a conditional forward to the pihole to search the DC DNS for domain queries?
Does it work when NS8 is used as DNS server on the client instead of the pihole?
no, to be honest i struggle completely with the ns8 dns and dhcp and i dont know. i will have a look at the pihole where i maybe can enter a dns forwarding and if i change the ns8 dns server i dont reach external addresses very good, also then i am not be secure about the domain blocking. i mean is it so hard with ns8 to have a similar system like in NS7 ?
Question: Is there a functionality by using dnsmasq ? Like dhcp and their entrys? is it possible to set there dns forwarder?
checked it already, it is useless, dont know for what did we have this app?
In the past with ns7 i also was informed about the network where i am connected to, also this is not shown in NS8 ?
What happens, if you set on the client the dns server to the NS8, where samba is installed, and then try to join to the domain?
Like so, but replace ti with the NS8.Smaba ip:
2 Likes
i was able to join the domain already but i think it is not working well with samba and dns. if i go with rsat tools on domain controller i see everything and also that i am a joined maschine/user.
I’m sorry to read that but NS8 is an application server now and the network stuff moved to NethSecurity.
The dnsmasq app was created to provide DNS/DHCP on NS8 but it’s not possible to use it on the same node with samba as both use DNS port 53.
I think the simplest approach is to move the DNS/DHCP services to your router/firewall and set a DNS forwarder for queries to the samba domain to point to the NS8.
This way it’s possible to resolve the DHCP hosts via the DNS and also the samba DC should work without issues.
Client devices use the router DNS/DHCP and are forwarded to NS8 for samba queries.
Sorry, I don’t understand, where was that information and where is it missing now?
Sorry, I don’t understand, where was that information and where is it missing now?
in windows the Network shows to which Network u r connected, finally i make it here…
yes, finally i found a solution for the whole DNS Crap and NS8
1 Like
How did you solve it?
because of no usable DNS System in NS8 i decide to use pi-hole as one DNS and doing the DHCP with my Ipfire System, clue was to find out which DNS Server is the first to reach and then to put on the pihole a custum config file to add internal DNS server for conditional forwarding. Now everything works fine for me.
so next challenge for me is the certificate, i installed one, but it is not for the whole apps of NS8, second one is to block domains in the Email Systems, i found something here, but did not tested it now
2 Likes
it drives me completeley nuts with this f… domain controller. because i faced always a few problems with the domain i decided today to leave and rejoin the domain and SURPRISE the same problem, the cient did not found the domain. what could i do to fix this ??? i really just want to rejoin, thats all
The client that should be rejoined needs to use a DNS server that knows about the samba domain and ideally forwards to it.
So either the client uses the samba DNS directly or some other DNS server (pihole?) that conditional forwards to the samba DNS.
Following tests should work on the client to be able to resolve DNS queries correctly: Linux and Unix DNS Configuration - SambaWiki
Please check logs on NS8 and the client to hopefully get more information about the error.
it is really driving me crazy, why the hell it is that dificult to join a domain??? there was a so nice and gentle sytem in the past with NS7 and now NS8, so much problems with so much things…
As a workaround you could set the DNS server that the client uses to the samba domain controller IP. Then the join should work.