Kerberos/Samba can't join Active Directory [DEBIAN 8]

I have an issue when I try to join my domain. I am able to create the kerberos ticket successfully. root@debian:~# kinit Administrateur@ASP.DOMAIN Password for Administrateur@ASP.DOMAIN: root@debian:~# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: Administrateur@ASP.DOMAIN Valid starting Expires Service principal 26/04/2016 18:20:18 27/04/2016 04:20:18 krbtgt/ASP.DOMAIN@ASP.DOMAIN renew until 27/04/2016 18:20:11 and when I try to join the domain : root@debian:~# net ads join -k Failed to join domain: failed to lookup DC info for domain 'ASP.DOMAIN' over rpc: {Device Timeout} The specified I/O operation on %hs was not completed before the time-out period expired. my krb5.conf is: [libdefaults] default_realm = ASP.DOMAIN # The following krb5.conf variables are only for MIT Kerberos. krb4_config = /etc/krb.conf krb4_realms = /etc/krb.realms kdc_timesync = 1 ccache_type = 4 forwardable = true proxiable = true [realms] ASP.DOMAIN = { kdc = asp.domain admin_server = server.domain default_domain = DOMAIN } [domain_realm] .asp.domain = ASP.DOMAIN asp.domain = ASP.DOMAIN My smb.conf : [global] security = ADS realm = ASP.DOMAIN password server = server.domain workgroup = asp.domain winbind separator = / idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes winbind use default domain = yes domain master = no local master = no preferred master = no os level = 0 I have no idea: there is no drop on my firewall. The ticket is ok. I've tried with 3 Domain Controlers. PS : Domain is a variable EDIT : I've tried to do it with samba-tool too root@debian:~# samba-tool domain join ASP.DOMAIN MEMBER -UAdministrateur --real=ASP.DOMAIN ERROR(runtime): uncaught exception - Connection to SAMR pipe of PDC for ASP.DOMAIN failed: Connection to DC failed: NT_STATUS_IO_TIMEOUT File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 606, in run machinepass=machinepass) EDIT 2 : Join is ok ? But wbinfo -u is not ok root@debian:~# net ads join -U Administrateur Enter Administrateur's password: Using short domain name -- DOMAIN Joined 'ASP.DOMAIN' to dns domain 'asp.domain' DNS Update for asp.kapia failed: ERROR_DNS_GSS_ERROR DNS update failed: NT_STATUS_UNSUCCESSFUL root@debian:~# net ads testjoin Join is OK root@debian:~# wbinfo -u could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE could not obtain winbind domain name! Error looking up domain users EDIT 3 : EDIT 4 : root@debian:~# service winbind status ● winbind.service - LSB: start Winbind daemon Loaded: loaded (/etc/init.d/winbind) Active: active (exited) since mer. 2016-04-27 16:16:00 CEST; 55s ago Process: 2222 ExecStart=/etc/init.d/winbind start (code=exited, status=0/SUCCESS) avril 27 16:16:00 debian winbindd: #5 /usr/lib/x86_64-linux-gnu/libtevent.so.0(tevent_common_loop_timer_delay+0xcd) [0x7fbc2b11e1cd] avril 27 16:16:00 debian winbindd: #6 /usr/lib/x86_64-linux-gnu/libtevent.so.0(+0x91ca) [0x7fbc2b11f1ca] avril 27 16:16:00 debian winbindd: #7 /usr/lib/x86_64-linux-gnu/libtevent.so.0(+0x78e7) [0x7fbc2b11d8e7] avril 27 16:16:00 debian winbindd: #8 /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d) [0x7fbc2b11a12d] avril 27 16:16:00 debian winbindd: #9 /usr/sbin/winbindd(main+0xb7c) [0x7fbc325cbc8c] avril 27 16:16:00 debian winbindd: #10 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7fbc2a92db45] avril 27 16:16:00 debian winbindd: #11 /usr/sbin/winbindd(+0x25318) [0x7fbc325cc318] avril 27 16:16:00 debian winbindd: [2016/04/27 16:16:00.971185, 0] ../source3/lib/dumpcore.c:318(dump_core) avril 27 16:16:00 debian winbindd: dumping core in /var/log/samba/cores/winbindd avril 27 16:16:00 debian winbindd: