Nós estamos usando samba4 no Debian 8 como um AD DC e isc-dhcp em outra máquina Debian 8 como roteador DHCP. O problema é que, se eu definir o dhcp ip em um cliente Windows, não posso ingressar no domínio. Se eu adicionar o AD DC ip no DNS preferencial do cliente Windows, posso ingressar no domínio, mas o computador não tem acesso à Internet.
Acho que o problema está no servidor DHCP. Eu gostaria de ter todos os clientes do Windows no ip dinâmico não estático.
/ etc / network / interface para o servidor de domínio
# The primary network interface
allow-hotplug eth1
iface eth1 inet static
address 10.10.1.100
netmask 255.255.255.0
network 10.10.1.1
broadcast 10.10.1.255
gateway 10.10.1.1
dns-nameservers 10.10.1.100
dns-search altfeldc.local
/ etc / hosts para o servidor de domínio
127.0.0.1 localhost
10.10.1.100 altfeldc.altfel.local altfeldc
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
/etc/resolv.conf para o servidor de domínio
nameserver 10.10.1.100
/ etc / network / interface para o servidor dhcp
# WAN network adapter
auto dsl-provider
iface dsl-provider inet ppp
pre-up /bin/ip link set wan0 up # line maintained by pppoeconf
provider dsl-provider
auto wan0
iface wan0 inet manual
# WLAN network adapter
auto wlan1
iface wlan1 inet static
address 10.10.1.1
netmask 255.255.255.0
network 10.10.1.0
broadcast 10.10.1.255
/ etc / hosts para o servidor dhcp
127.0.0.1 localhost
10.10.1.1 altfeldhcp
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
/etc/resolv.conf para o servidor dhcp - 193.x.x.xe 213.x.x.x são do ISP
nameserver 193.231.252.1
nameserver 213.154.124.1
/etc/dhcp/dhcpd.conf no servidor dhcp
ddns-update-style none;
log-facility local7;
authoritative;
option subnet-mask 255.255.255.0;
option broadcast-address 10.10.1.255;
option routers 10.10.1.1;
option domain-name-servers 10.10.1.100, 193.231.252.1, 213.154.124.1;
option domain-name "altfel.local";
option netbios-name-servers 10.10.1.100;
subnet 10.10.1.0 netmask 255.255.255.0 {
interface wlan1;
range 10.10.1.2 10.10.1.254;
deny unknown-clients;
}
update-static-leases true;
host altfeldc {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 10.10.1.100;
{
# other hosts after this line...
dig do comando no servidor de domínio
root@altfeldc:~# dig altfel.local
; <<>> DiG 9.9.5-9+deb8u1-Debian <<>> altfel.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21852
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;altfel.local. IN A
;; ANSWER SECTION:
altfel.local. 900 IN A 10.10.1.100
;; Query time: 0 msec
;; SERVER: 10.10.1.100#53(10.10.1.100)
;; WHEN: Thu Jul 30 10:49:42 EEST 2015
;; MSG SIZE rcvd: 46
nslookup no cliente do Windows
C:\Users\admin>nslookup altfel.local
Server: UnKnown
Address: 10.10.1.100
Name: altfel.local
Address: 10.10.1.100
Erro de ingresso no domínio
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "altfel.local":
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.altfel.local
Common causes of this error include the following:
- The DNS SRV records required to locate an AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when an AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
213.154.124.1
193.231.252.1
10.10.1.100
- One or more of the following zones do not include delegation to its child zone:
altfel.local
local
. (the root zone)