Join Samba 4 AD domain, missing DNS entries?


I've just set up a Samba 4 Active Directory domain using the Samba supplied guide. So far so good, and I managed to join my fileserver to this domain by following the Setup a Samba AD Member Server guide. However, I seem to be unable to make my Windows 8.1 Professional devices join this domain. I found the Joining a Windows client to a domain guide on the Samba site, but that either throws an error "The specified domain either does not exist or could not be contacted" (when I type the domain name in all caps) or throws a more elaborate error (when I type the domain name in lower case):

 Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

 The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "samba.local":

 The error was: "DNS name does not exist."
 (error code 0x0000232B RCODE_NAME_ERROR)

 The query was for the SRV record for _ldap._tcp.dc._msdcs.samba.local

 Common causes of this error include the following:>

 - The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

 - One or more of the following zones do not include delegation to its child zone:

 . (the root zone)

I've checked the /var/lib/samba/private/dns_update_list file, and it is in there. The only thing I noticed is that it's preceded by a check if this is a read/write DC. The exact line says

  ${IF_RWDC}SRV          _ldap._tcp.dc._msdcs.${DNSDOMAIN}                     ${HOSTNAME} 389

My DNS Domain name (specified during the provisioning) is samba.local. A little bit more information about the setup:

  Samba DC version:      4.1.13-Debian (running on Debian testing)
  Member server version: 4.1.14 (running on Fedora 21)
  Windows versions:      8.1 Professional and 10 Pro Tech Preview (both fully up to date)
  Server Role:           active directory domain controller
  Hostname:              DC1
  NetBIOS Domain:        SAMBA
  DNS Domain:            samba.local

My only earlier experience with Windows domains was on Server 2003R2 and Windows XP, so I'm not really up to speed on the newer versions.

asked on Server Fault Feb 8, 2015 by Xudonax

2 Answers


My Windows machines had IPv6 set up, combined with an IPv6 DNS server. After disabling IPv6 completely (which is overkill but easy) everything went over IPv4 and picked up the right DNS server and was able to resolve the domain.

So, try to:

  • Disable IPv6 (quick & dirty)
  • Set the IPv6 DNS server to the Samba server

That fixed it for me :)

answered on Server Fault Feb 8, 2015 by Xudonax

Changing the Windows machine's DNS server to be the domain controller fixed it for me.

answered on Server Fault Feb 12, 2015 by Jim Hunziker

User contributions licensed under CC BY-SA 3.0