Windows – Can’t Connect to Samba Linux AD, Admin and Krb5 Issues


I am trying to create a Linux Domain Controller on my virtualbox using Samba although it's working but can't reach servers?

Detail Information:
Software: VirtualBox
Distro for Server: Debian9
Windows Desktop: Windows 10 or Windows 7
Network Type: Internal (For both Server and Desktop)
Packages: Samba, Samba-Client, KRB5

I have done the following pings

$ ping
$ ping
$ ping dc1

Those were pinging successfully.

$ ping

This ping responded:

ping: Temporary failure in name resolution

Obviously this was because my network is set to internal as the same responded for '' so I ruled this issue out of the problem.

Here are my commands and checks for the Samba and krb5:

$ smbclient -L localhost -U%


Domain=[TJH] OS=[Windows 6.1] Server=[Samba 4.5.12-Debian]

    Sharename       Type      Comment
    ---------       ----      -------
    netlogon        Disk      
    sysvol          Disk      
    IPC$            IPC       IPC Service (Samba 4.5.12-Debian)
Domain=[TJH] OS=[Windows 6.1] Server=[Samba 4.5.12-Debian]
    Server               Comment
    ---------            -------
    DC1                  Samba 4.5.12-Debian
    Workgroup            Master
    ---------            -------
    TJH                  DC1

I assume there are no problems there. So I ran the following code for Samba:

$ smbclient //localhost/netlogon -UAdministrator
$ Enter Administrator's password:


session setup failed: NT_STATUS_NO_LOGON_SERVERS

I also tried testing the Krb5 below:

$ kinit administrator


Kinit: Cannot find KDC for realm "TJH.COM" while getting initial credentials

Tested the DNs using the host command:

$ host -t A


;; connection timed out; no servers could be reached

Can anyone help me out please? Any help is appreciated, thanks.

Best Answer

I had the same issue. In the lower output of service samba-ad-dc status, does it give any error or warning about the DNS service? To fix this i had to remove the /etc/resolv.conf symlink and replace it with a static file with this content:


restart systemd-resolved and samba-ad-dc services and check the service status again. If the dns warning is gone, you should be able to ping your AD domain and use kinit.

This tutorial has all you need:

For Ubuntu 18.04, check out the differences on this one:
Also the edits in the /etc/network/interfaces file should be placed in the yaml file in /etc/netplan/.

Related Topic