Reporting success this past year + new Issues Adding a new Samba 4 DC to existing Samba 4 AD

Aubrey Ekstrom aekstrom at
Thu Dec 1 15:06:32 MST 2011

>Once you have DDNS working on your first DC, the new DC should 'just
>work' - it will again try and update DNS, and then behave normally.
>Andrew Bartlett

OK. Thanks. I will work on DDNS then. I will report back with my success or
failure with that.

There is still the 1st new DC orphaned in A/D, but that's cosmetic that I
can't delete it, and I'll deal with it later.


Aubrey Ekstrom | *Systems Administrator
Proclivity Systems
22 West 19th St., Ninth Floor
New York, NY 10011
p 646.380.2416
aekstrom at

*Proclivity® | We Value Your Customers™*

This message is the property of Proclivity Systems, Inc. and is intended
only for the use of the addressee(s), and may contain material that is
confidential and privileged for the sole use of the intended recipient.  If
you are not the intended recipient, reliance or forwarding without express
permission is strictly prohibited; please contact the sender and delete all

On Thu, Dec 1, 2011 at 5:02 PM, Andrew Bartlett <abartlet at> wrote:

> On Thu, 2011-12-01 at 16:49 -0500, Aubrey Ekstrom wrote:
> > Hi Andrew,
> >
> > Thanks for the fast reply!
> >
> > Unfortunately my previous boss told me specifically not to set up dynamic
> > DNS on the Samba 4 PDC, despite my objections. He had some strange ideas
> > about security, that being one of them... but he is gone now. That was
> why
> > I suspected that maybe DNS & Kerberos was the issue here. I think I need
> to
> > update Bind9 on the PDC to get DDNS working though. I don't mind working
> on
> > that and then building another DC, but either way it would be nice if I
> > could delete the bad DC(s) from A/D. Any ideas on that? (see the thread
> for
> > what we tried to do deleting the orphaned DC server from A/D).
> >
> > Pretty soon my new boss is going to tell me not to spend any more time on
> > this and just use Windows A/D :^(. I really don't mind doing that, but I
> do
> > enjoy running an alpha Samba 4 on Debian Linux for our Active Directory,
> > and having it be 1000X more stable than any Windows Server I have ever
> > worked with, even if it doesn't have 100% functionality... yet :).
> Once you have DDNS working on your first DC, the new DC should 'just
> work' - it will again try and update DNS, and then behave normally.
> Andrew Bartlett
> --
> Andrew Bartlett                      
> Authentication Developer, Samba Team 

More information about the samba-technical mailing list