[root@f39 ~]# kinit administrator
Password for administrator@TEST.JP:
[root@f39 ~]# net ads join -U administrator
Password for [TEST\administrator]:
Using short domain name — TEST
Joined ‘F39’ to dns domain ‘test.jp’
No DNS domain configured for f39. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER
[root@f39 ~]# systemctl restart winbind
[root@f39 ~]# wbinfo -u
TEST\administrator
TEST\guest
TEST\w11
TEST\krbtgt
TEST\chibi
[root@f39 ~]# wbinfo -n chibi
S-1-5-21-2588218054-2522920912-1718821798-1104 SID_USER (1)
[root@f39 ~]# net ads info
LDAP server: 192.168.1.48
LDAP server name: dc.test.jp
Workgroup: TEST
Realm: TEST.JP
Bind Path: dc=TEST,dc=JP
LDAP port: 389
Server time: 日, 22 12月 2024 11:42:56 JST
KDC server: 192.168.1.48
Server time offset: 2
Last machine account password change: 日, 22 12月 2024 11:41:58 JST
[root@f39 ~]# host -t SRV _ldap._tcp.test.jp
_ldap._tcp.test.jp has SRV record 0 100 389 dc.test.jp.
[root@f39 ~]# host -t SRV _kerberos._udp.test.jp
_kerberos._udp.test.jp has SRV record 0 100 88 dc.test.jp.
[root@f39 ~]# host -A test.jp
Trying “test.jp”
;; communications error to 192.168.1.48#53: timed out
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20114
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;test.jp. IN ANY
;; ANSWER SECTION:
test.jp. 600 IN A 192.168.1.49
test.jp. 600 IN A 192.168.1.48
test.jp. 3600 IN NS dc.test.jp.
test.jp. 3600 IN SOA dc.test.jp. hostmaster.test.jp. 36 900 600 86400 3600
test.jp. 600 IN AAAA 2400:4052:46e0:b700:b06f:fa4c:1f7f:d489
test.jp. 600 IN AAAA 2400:4052:46e0:b700:4f20:f5a:b75d:6521
;; ADDITIONAL SECTION:
dc.test.jp. 1200 IN A 192.168.1.48
dc.test.jp. 1200 IN AAAA 2400:4052:46e0:b700:4f20:f5a:b75d:6521
Received 221 bytes from 192.168.1.48#53 in 0 ms
[root@f39 ~]# host -t A test.jp
test.jp has address 192.168.1.49
test.jp has address 192.168.1.48
[root@f39 ~]# cat /etc/redhat-release
Fedora release 39 (Thirty Nine)
[root@f39 ~]# samba -V
Version 4.19.8
[root@f39 ~]# smbclient //192.168.1.48/netlogon -Uadministrator
Password for [TEST\administrator]:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Sat Dec 21 05:58:06 2024
.. D 0 Sat Dec 21 06:09:10 2024
124813055 blocks of size 4096. 116165156 blocks available
smb: \> exit
[root@f39 ~]# smbclient //192.168.1.48/sysvol -Uadministrator
Password for [TEST\administrator]:
Try “help” to get a list of possible commands.
smb: \> ls
. D 0 Sat Dec 21 05:58:06 2024
.. D 0 Sat Dec 21 05:58:06 2024
test.jp Dr 0 Sat Dec 21 05:58:06 2024
124813055 blocks of size 4096. 116167149 blocks available
smb: \> exit
[root@f39 ~]# net ads lookup
Information for Domain Controller: 192.168.1.48
Response Type: LOGON_SAM_LOGON_RESPONSE_EX
GUID: ff03c474-80bd-410b-a4c9-5f15a4958556
Flags:
Is a PDC: yes
Is a GC of the forest: yes
Is an LDAP server: yes
Supports DS: yes
Is running a KDC: yes
Is running time services: yes
Is the closest DC: yes
Is writable: yes
Has a hardware clock: yes
Is a non-domain NC serviced by LDAP server: no
Is NT6 DC that has some secrets: no
Is NT6 DC that has all secrets: yes
Runs Active Directory Web Services: yes
Runs on Windows 2012 or later: yes
Runs on Windows 2012R2 or later: yes
Runs on Windows 2016 or later: yes
Has a DNS name: no
Is a default NC: no
Is the forest root: no
Forest: test.jp
Domain: test.jp
Domain Controller: dc.test.jp
Pre-Win2k Domain: TEST
Pre-Win2k Hostname: DC
Server Site Name: Default-First-Site-Name
Client Site Name: Default-First-Site-Name
NT Version: 5
LMNT Token: ffff
LM20 Token: ffff
[root@f39 ~]# dig test.jp
; <<>> DiG 9.18.28 <<>> test.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18072
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;test.jp. IN A
;; ANSWER SECTION:
test.jp. 600 IN A 192.168.1.49
test.jp. 600 IN A 192.168.1.48
;; Query time: 0 msec
;; SERVER: 192.168.1.48#53(192.168.1.48) (UDP)
;; WHEN: Sun Dec 22 11:47:58 JST 2024
;; MSG SIZE rcvd: 68
[root@f39 ~]# wbinfo -t
checking the trust secret for domain TEST via RPC calls succeeded
[root@f39 ~]#
Fedora release 39 Samba4.19.8 AMD EPYC 7763 64-Core Processor 128GBに構築した Windows Server 2025 Datacenter Active Directory Domain のメンバーに参加してみた