[Samba] 4.2.2 as AD with 2 DCs: database incoherency

Rowland Penny rowlandpenny241155 at gmail.com
Fri Jul 24 15:39:03 UTC 2015


On 24/07/15 13:53, mathias dufresne wrote:
> The following commands work on both DC:
> host -t A <short_hostname_of_other_DC>
> host -t A <fqdn_hostname_of_other_DC>
>
> hostname and hostname --fqdn are working on both DC. The simplest way 
> is to not declare external IP in /etc/hosts
>
>
> SRV DNS entries which are working are:
> host -t SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.domain.tld
> host -t SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.domain.tld
>
> host -t SRV _kerberos._tcp.ad.domain.tld
> host -t SRV _ldap._tcp.ad.domain.tld
>
> host -t SRV _kerberos._tcp.ad.domain.tld
> host -t SRV _ldap._tcp.ad.domain.tld
>
> host -t SRV _ldap._tcp.e34d77b4-ff44-49fc-b29c-5373ecb0538a.domains._msdcs.ad.domain.tld
> No _kerberos defined there.
>
> All of them return both DC FQDN.
>
> In (kind of) DNS OU named _tcp in _sites.ad.domain.tld there are 4 
> kinds of entries:
> _ldap
> _kerberos
> _kpasswd
> _gc
>
> While in other _tcp containers there are fewer entries (missing 
> _kpasswd, missing _kpasswd and _gc or missing _kpasswd, _kerberos and 
> _gc).
>
> This was for direct search zone.
>
> For condiftional redir and inverted search zone (rough translation) I 
> have no entry at all.
>

Not sure what you mean by 'condiftional redir' but I think 'inverted 
search zone' is bad English for 'reverse zone' :-)

If so, you need to create this, it is not created automatically:

samba-tool dns zonecreate dc1.example.com 0.168.192.in-addr.arpa

Where 'dc1.example.com' is the FQDN of the first DC and the network is 
192.168.0.0/24, from this you get the 0.168.192.

Rowland
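
The mapping from network to reverse zone name described in the reply above, as an added shell example that is not part of the original post: `reverse_zone` and `zonecreate_cmd` are hypothetical helper names, and the script only prints the samba-tool command, it does not run it. It goes beyond the /24 in the reply to cover /8 and /16, and rejects prefixes that do not fall on an octet boundary.

```shell
#!/bin/sh
# Added example (not from the original thread). Helper names are hypothetical.

# reverse_zone CIDR -> prints the in-addr.arpa zone, e.g. 0.168.192.in-addr.arpa
# Only /8, /16 and /24 are handled: other prefix lengths need several zones or
# RFC 2317 style delegation, which this sketch does not attempt.
reverse_zone() {
    net=${1%/*}
    prefix=${1#*/}
    case $net in
        ''|*[!0-9.]*) echo "not an IPv4 network: $net" >&2; return 1 ;;
    esac
    # Split the dotted quad into $1..$4
    old_ifs=$IFS
    IFS=.
    set -- $net
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "expected four octets: $net" >&2; return 1; }
    for o in "$@"; do
        case $o in
            '') echo "empty octet in $net" >&2; return 1 ;;
        esac
        [ "$o" -le 255 ] || { echo "bad octet: $o" >&2; return 1; }
    done
    # Reverse the network octets, dropping the host part
    case $prefix in
        8)  echo "$1.in-addr.arpa" ;;
        16) echo "$2.$1.in-addr.arpa" ;;
        24) echo "$3.$2.$1.in-addr.arpa" ;;
        *)  echo "prefix /$prefix is not on an octet boundary" >&2; return 1 ;;
    esac
}

# zonecreate_cmd DC_FQDN CIDR -> prints the command in the form used in the reply
zonecreate_cmd() {
    zone=$(reverse_zone "$2") || return 1
    echo "samba-tool dns zonecreate $1 $zone"
}

# Values from the reply: first DC dc1.example.com, network 192.168.0.0/24
zonecreate_cmd dc1.example.com 192.168.0.0/24
```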



