[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
Ole Traupe
ole.traupe at tu-berlin.de
Thu Dec 10 14:40:45 UTC 2015
>> However, my 2nd DC is not that new, I restarted it many times, just
>> again (samba service). No DNS records are created anywhere.
>>
>> If I go through the DNS console, in each and every container there is
>> some entry for the 1st DC, but none for the 2nd (except on the top
>> levels: FQDN and _msdcs.FQDN).
>>
>> Could this have to do with...
>> a) I demoted my initial 1st DC (seized FSMO roles) and got rid of DNS
>> entries via this script on the wiki?
>> b) set up the *new* 2nd DC on the hardware of the prior 1st DC (with
>> the same IP address)?
>>
>>
>>
>
> Possibly, but can you try this on your second DC, run 'samba_dnsupdate
> --verbose'
>
> Rowland
>
Doesn't look too good to me:
[root at DC2 me]# samba_dnsupdate --verbose
IPs: ['IP_of_2nd_DC']
Looking for DNS entry A DC2.my.domain.tld IP_of_2nd_DC as DC2.my.domain.tld.
Looking for DNS entry A my.domain.tld IP_of_2nd_DC as my.domain.tld.
Failed to find matching DNS entry A my.domain.tld IP_of_2nd_DC
Looking for DNS entry SRV _ldap._tcp.my.domain.tld DC2.my.domain.tld 389
as _ldap._tcp.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.my.domain.tld DC2.my.domain.tld 389
Failed to find matching DNS entry SRV _ldap._tcp.my.domain.tld
DC2.my.domain.tld 389
Looking for DNS entry SRV _ldap._tcp.dc._msdcs.my.domain.tld
DC2.my.domain.tld 389 as _ldap._tcp.dc._msdcs.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.dc._msdcs.my.domain.tld DC2.my.domain.tld 389
Failed to find matching DNS entry SRV _ldap._tcp.dc._msdcs.my.domain.tld
DC2.my.domain.tld 389
Looking for DNS entry SRV
_ldap._tcp.c2e92ed0-e889-40a0-a272-7375f90de91d.domains._msdcs.my.domain.tld
DC2.my.domain.tld 389 as
_ldap._tcp.c2e92ed0-e889-40a0-a272-7375f90de91d.domains._msdcs.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.c2e92ed0-e889-40a0-a272-7375f90de91d.domains._msdcs.my.domain.tld
DC2.my.domain.tld 389
Failed to find matching DNS entry SRV
_ldap._tcp.c2e92ed0-e889-40a0-a272-7375f90de91d.domains._msdcs.my.domain.tld
DC2.my.domain.tld 389
Looking for DNS entry SRV _kerberos._tcp.my.domain.tld DC2.my.domain.tld
88 as _kerberos._tcp.my.domain.tld.
Checking 0 100 88 DC1.my.domain.tld. against SRV
_kerberos._tcp.my.domain.tld DC2.my.domain.tld 88
Failed to find matching DNS entry SRV _kerberos._tcp.my.domain.tld
DC2.my.domain.tld 88
Looking for DNS entry SRV _kerberos._udp.my.domain.tld DC2.my.domain.tld
88 as _kerberos._udp.my.domain.tld.
Checking 0 100 88 DC1.my.domain.tld. against SRV
_kerberos._udp.my.domain.tld DC2.my.domain.tld 88
Failed to find matching DNS entry SRV _kerberos._udp.my.domain.tld
DC2.my.domain.tld 88
Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.my.domain.tld
DC2.my.domain.tld 88 as _kerberos._tcp.dc._msdcs.my.domain.tld.
Checking 0 100 88 DC1.my.domain.tld. against SRV
_kerberos._tcp.dc._msdcs.my.domain.tld DC2.my.domain.tld 88
Failed to find matching DNS entry SRV
_kerberos._tcp.dc._msdcs.my.domain.tld DC2.my.domain.tld 88
Looking for DNS entry SRV _kpasswd._tcp.my.domain.tld DC2.my.domain.tld
464 as _kpasswd._tcp.my.domain.tld.
Checking 0 100 464 DC1.my.domain.tld. against SRV
_kpasswd._tcp.my.domain.tld DC2.my.domain.tld 464
Failed to find matching DNS entry SRV _kpasswd._tcp.my.domain.tld
DC2.my.domain.tld 464
Looking for DNS entry SRV _kpasswd._udp.my.domain.tld DC2.my.domain.tld
464 as _kpasswd._udp.my.domain.tld.
Checking 0 100 464 DC1.my.domain.tld. against SRV
_kpasswd._udp.my.domain.tld DC2.my.domain.tld 464
Failed to find matching DNS entry SRV _kpasswd._udp.my.domain.tld
DC2.my.domain.tld 464
Looking for DNS entry CNAME
d1df6d3d-7fd1-45f4-b613-74c7825d9208._msdcs.my.domain.tld
DC2.my.domain.tld as
d1df6d3d-7fd1-45f4-b613-74c7825d9208._msdcs.my.domain.tld.
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 389 as
_ldap._tcp.Default-First-Site-Name._sites.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 389
Failed to find matching DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 389
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 389 as
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 389
Failed to find matching DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 389
Looking for DNS entry SRV
_kerberos._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 88 as
_kerberos._tcp.Default-First-Site-Name._sites.my.domain.tld.
Checking 0 100 88 DC1.my.domain.tld. against SRV
_kerberos._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 88
Failed to find matching DNS entry SRV
_kerberos._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 88
Looking for DNS entry SRV
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 88 as
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld.
Checking 0 100 88 DC1.my.domain.tld. against SRV
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 88
Failed to find matching DNS entry SRV
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 88
Looking for DNS entry A gc._msdcs.my.domain.tld IP_of_2nd_DC as
gc._msdcs.my.domain.tld.
Failed to find matching DNS entry A gc._msdcs.my.domain.tld IP_of_2nd_DC
Looking for DNS entry SRV _gc._tcp.my.domain.tld DC2.my.domain.tld 3268
as _gc._tcp.my.domain.tld.
Checking 0 100 3268 DC1.my.domain.tld. against SRV
_gc._tcp.my.domain.tld DC2.my.domain.tld 3268
Failed to find matching DNS entry SRV _gc._tcp.my.domain.tld
DC2.my.domain.tld 3268
Looking for DNS entry SRV _ldap._tcp.gc._msdcs.my.domain.tld
DC2.my.domain.tld 3268 as _ldap._tcp.gc._msdcs.my.domain.tld.
Checking 0 100 3268 DC1.my.domain.tld. against SRV
_ldap._tcp.gc._msdcs.my.domain.tld DC2.my.domain.tld 3268
Failed to find matching DNS entry SRV _ldap._tcp.gc._msdcs.my.domain.tld
DC2.my.domain.tld 3268
Looking for DNS entry SRV
_gc._tcp.Default-First-Site-Name._sites.my.domain.tld DC2.my.domain.tld
3268 as _gc._tcp.Default-First-Site-Name._sites.my.domain.tld.
Checking 0 100 3268 DC1.my.domain.tld. against SRV
_gc._tcp.Default-First-Site-Name._sites.my.domain.tld DC2.my.domain.tld 3268
Failed to find matching DNS entry SRV
_gc._tcp.Default-First-Site-Name._sites.my.domain.tld DC2.my.domain.tld 3268
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain.tld
DC2.my.domain.tld 3268 as
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain.tld.
Checking 0 100 3268 DC1.my.domain.tld. against SRV
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain.tld
DC2.my.domain.tld 3268
Failed to find matching DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain.tld
DC2.my.domain.tld 3268
Looking for DNS entry A DomainDnsZones.my.domain.tld IP_of_2nd_DC as
DomainDnsZones.my.domain.tld.
Failed to find matching DNS entry A DomainDnsZones.my.domain.tld
IP_of_2nd_DC
Looking for DNS entry SRV _ldap._tcp.DomainDnsZones.my.domain.tld
DC2.my.domain.tld 389 as _ldap._tcp.DomainDnsZones.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.DomainDnsZones.my.domain.tld DC2.my.domain.tld 389
Failed to find matching DNS entry SRV
_ldap._tcp.DomainDnsZones.my.domain.tld DC2.my.domain.tld 389
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.my.domain.tld
DC2.my.domain.tld 389 as
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.my.domain.tld
DC2.my.domain.tld 389
Failed to find matching DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.my.domain.tld
DC2.my.domain.tld 389
Looking for DNS entry A ForestDnsZones.my.domain.tld IP_of_2nd_DC as
ForestDnsZones.my.domain.tld.
Failed to find matching DNS entry A ForestDnsZones.my.domain.tld
IP_of_2nd_DC
Looking for DNS entry SRV _ldap._tcp.ForestDnsZones.my.domain.tld
DC2.my.domain.tld 389 as _ldap._tcp.ForestDnsZones.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.ForestDnsZones.my.domain.tld DC2.my.domain.tld 389
Failed to find matching DNS entry SRV
_ldap._tcp.ForestDnsZones.my.domain.tld DC2.my.domain.tld 389
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.my.domain.tld
DC2.my.domain.tld 389 as
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.my.domain.tld.
Checking 0 100 389 DC1.my.domain.tld. against SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.my.domain.tld
DC2.my.domain.tld 389
Failed to find matching DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.my.domain.tld
DC2.my.domain.tld 389
Calling nsupdate for A my.domain.tld IP_of_2nd_DC (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
my.domain.tld. 900 IN A IP_of_2nd_DC
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _ldap._tcp.my.domain.tld DC2.my.domain.tld 389
(add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.my.domain.tld. 900 IN SRV 0 100 389 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _ldap._tcp.dc._msdcs.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.dc._msdcs.my.domain.tld. 900 IN SRV 0 100 389 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_ldap._tcp.c2e92ed0-e889-40a0-a272-7375f90de91d.domains._msdcs.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.c2e92ed0-e889-40a0-a272-7375f90de91d.domains._msdcs.my.domain.tld.
900 IN SRV 0 100 389 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _kerberos._tcp.my.domain.tld DC2.my.domain.tld
88 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.my.domain.tld. 900 IN SRV 0 100 88 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _kerberos._udp.my.domain.tld DC2.my.domain.tld
88 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._udp.my.domain.tld. 900 IN SRV 0 100 88 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _kerberos._tcp.dc._msdcs.my.domain.tld
DC2.my.domain.tld 88 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.dc._msdcs.my.domain.tld. 900 IN SRV 0 100 88
DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _kpasswd._tcp.my.domain.tld DC2.my.domain.tld
464 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kpasswd._tcp.my.domain.tld. 900 IN SRV 0 100 464 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _kpasswd._udp.my.domain.tld DC2.my.domain.tld
464 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kpasswd._udp.my.domain.tld. 900 IN SRV 0 100 464 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_ldap._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.my.domain.tld. 900 IN SRV 0
100 389 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld. 900
IN SRV 0 100 389 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_kerberos._tcp.Default-First-Site-Name._sites.my.domain.tld
DC2.my.domain.tld 88 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.Default-First-Site-Name._sites.my.domain.tld. 900 IN SRV
0 100 88 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld
DC2.my.domain.tld 88 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.tld.
900 IN SRV 0 100 88 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for A gc._msdcs.my.domain.tld IP_of_2nd_DC (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
gc._msdcs.my.domain.tld. 900 IN A IP_of_2nd_DC
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _gc._tcp.my.domain.tld DC2.my.domain.tld 3268 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_gc._tcp.my.domain.tld. 900 IN SRV 0 100 3268 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _ldap._tcp.gc._msdcs.my.domain.tld
DC2.my.domain.tld 3268 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.gc._msdcs.my.domain.tld. 900 IN SRV 0 100 3268 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_gc._tcp.Default-First-Site-Name._sites.my.domain.tld DC2.my.domain.tld
3268 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_gc._tcp.Default-First-Site-Name._sites.my.domain.tld. 900 IN SRV 0 100
3268 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain.tld
DC2.my.domain.tld 3268 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.my.domain.tld. 900
IN SRV 0 100 3268 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for A DomainDnsZones.my.domain.tld IP_of_2nd_DC (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
DomainDnsZones.my.domain.tld. 900 IN A IP_of_2nd_DC
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _ldap._tcp.DomainDnsZones.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.DomainDnsZones.my.domain.tld. 900 IN SRV 0 100 389
DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.my.domain.tld.
900 IN SRV 0 100 389 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for A ForestDnsZones.my.domain.tld IP_of_2nd_DC (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
ForestDnsZones.my.domain.tld. 900 IN A IP_of_2nd_DC
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV _ldap._tcp.ForestDnsZones.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.ForestDnsZones.my.domain.tld. 900 IN SRV 0 100 389
DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Calling nsupdate for SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.my.domain.tld
DC2.my.domain.tld 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.my.domain.tld.
900 IN SRV 0 100 389 DC2.my.domain.tld.
; TSIG error with server: tsig verify failure
update failed: FORMERR
Failed nsupdate: 2
Failed update of 24 entries
More information about the samba
mailing list