[Samba] Problems with Samba as an AD and named

Rowland Penny rpenny at samba.org
Sat Sep 16 09:36:22 UTC 2023


On Fri, 15 Sep 2023 22:41:46 +0000 (UTC)
compeilermail-openbc--- via samba <samba at lists.samba.org> wrote:

>  Hi Rowland,
> ok. I wouldn't mind doing the new domain route. BUT:
> 
> 1.) as I have 3 kids waiting here - I do not have time
> 2.) as I said - I just have one laptop where the AD is now running
> and if not really really necessary, I do not want to waste money and
> time just for searching, buying and replacing what I have.
> 
> That said - I would prefer a fast solution with fixing what went
> wrong and afterwards with time make the changes to a new system.
> Otherwise I also can make the change - if all what is now in the AD
> could be exported. So that what now is configured is not lost
> (because of point 1. - I do not have plenty of time to wait until
> all works again)
> 
> I think one question that could be clarified before making all the
> effort would be - Is the DNS server accidentally running (or not
> running now) and all the information is in another site (the AD), if
> so - how is it to switch back to that information so that the DC is
> asking itself and answering correctly. Thanks - and good night for
> today...
> Matthias
> 
>

What does this command, run in a terminal on the DC, show:

samba-tool dns zonelist 127.0.0.1

You should get prompted for the Administrator password and get
something similar to this back:

  3 zone(s) found

  pszZoneName                 : 1.168.192.in-addr.arpa
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : DomainDnsZones.samdom.example.com

  pszZoneName                 : samdom.example.com
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : DomainDnsZones.samdom.example.com

  pszZoneName                 : _msdcs.samdom.example.com
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : ForestDnsZones.samdom.example.com

Don't worry if you do not have the reverse zone, that is very easy to
recreate.

If the forward zones are there, then please run these two commands (as
root or with sudo) on the DC:

ldbsearch --cross-ncs -H /var/lib/samba/private/sam.ldb -b 'dc=samdom,dc=example,dc=com' -s sub '(objectclass=dnszone)' | grep 'dn:' | sed 's/dn: //'

ldbsearch --cross-ncs -H /var/lib/samba/private/sam.ldb -b 'dc=samdom,dc=example,dc=com' -s sub '(objectclass=dnsnode)' | grep 'dn:' | sed 's/dn: //'

They are both supposed to be on one line each and you will need to have
the ldb-tools package installed.

Please replace 'dc=samdom,dc=example,dc=com' with your information.

Then send me the resultant output to 'rpenny at samba dot org'

If that seems okay, I will then talk you through removing bind9.

Rowland
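
Added example, not part of the original message and not Samba project code: a small parser for the zonelist output shown above that checks the two forward zones are present, stored in AD and restricted to secure updates, while treating the reverse zone as optional. The names parse_zonelist, check_forward_zones and SAMPLE are illustrative, and the sample text is constructed from the output quoted in the message.

```python
import re
# Constructed sample, abridged from the zonelist output quoted above.
# Function and variable names here are illustrative, not Samba's.
SAMPLE = """\
  3 zone(s) found

  pszZoneName                 : 1.168.192.in-addr.arpa
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE

  pszZoneName                 : samdom.example.com
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE

  pszZoneName                 : _msdcs.samdom.example.com
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
"""

FIELD = re.compile(r"\s*(\w+)\s*:\s*(.*?)\s*$")

def parse_zonelist(text):
    """Turn zonelist output into {zone name: {field: value}}."""
    zones, current = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue  # blank lines and the "N zone(s) found" header
        key, value = m.groups()
        if key == "pszZoneName":
            current = zones.setdefault(value.lower(), {})
        elif current is not None:
            current[key] = value
    return zones

def check_forward_zones(zones, realm):
    """Return problems with the two forward zones; reverse zones are optional."""
    problems = []
    for name in (realm.lower(), "_msdcs." + realm.lower()):
        if name not in zones:
            problems.append(f"{name}: forward zone missing")
            continue
        flags = zones[name].get("Flags", "").split()
        if "DNS_RPC_ZONE_DSINTEGRATED" not in flags:
            problems.append(f"{name}: not stored in AD")
        if "DNS_RPC_ZONE_UPDATE_SECURE" not in flags:
            problems.append(f"{name}: secure dynamic updates not enforced")
    return problems

if __name__ == "__main__":
    print(check_forward_zones(parse_zonelist(SAMPLE), "samdom.example.com") or "forward zones OK")
```

To use it on a real DC, pass the captured output of the zonelist command to parse_zonelist and your own DNS domain name as the realm argument.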


