Not sure - looks like the controller can't talk to any of the LDAP servers the domain gave it, or the domain didn't give it any LDAP servers?  Try "cifs domaininfo" and see what it says.


You might check and compare the /etc/resolv.conf and /etc/nsswitch.conf between working and non-working filers.

Time skew can also make you unable to log into a DC, so you may want to add that to the check list as well.

I made two changes and it works now:

1. change netgroup in /etc/nsswitch.conf from netgroup: files    nis  ldap to netgroup: files nis files

1.      2. options dns.update.enable on

this I don't know why these 2 changes made different though.

Bill and Bingen,

Thank you all for you help on this issue. Appreciate all your time!

Hi Bill,


I hit the same problem, but can not fix it by changing ldap to file in nsswitch.conf. Is there anything else, please help....




