samba_upgradedns issues on secondary DC SOLVED!!

Daniele Dario d.dario76 at gmail.com
Mon Apr 23 04:56:29 MDT 2012


Hi Amitay,

On Fri, 2012-04-20 at 10:02 +0200, Daniele Dario wrote:
> Hi Amitay,
> 
> On Fri, 2012-04-20 at 09:54 +1000, Amitay Isaacs wrote:
> > On Wed, Apr 18, 2012 at 1:21 PM, Amitay Isaacs <amitay at gmail.com> wrote:
> > > Hi Daniele,
> > >
> > > On Tue, Apr 17, 2012 at 11:39 PM, Daniele Dario <d.dario76 at gmail.com> wrote:
> > >> Hallo Amitay,
> > >> I'm trying to follow the execution of the samba_upgradedns script to
> > >> understand why it doesn't work for me:
> > >>
> > >>...
> > 
> > Hi Daniele,
> > 
> > Please try this patch and let me know if that fixes the ldb operations
> > error in samba_upgradedns.
> > 
> > Amitay.
> 
> I've found a typo in the patch:
> 
> --- source4/scripting/bin/samba_upgradedns	2012-04-20 09:53:35.285776885
> +0200
> +++ source4/scripting/bin/samba_upgradedns	2012-04-20 09:53:09.034259436
> +0200
> @@ -415,7 +415,7 @@
> 
> "hasPartialReplicaNCs")
>                  else:
>                      m["hasPartialReplicaNCs"] = ldb.MessageElement(ncs,
> -
> ldb.FLAG_MOD_DELETE<
> +
> ldb.FLAG_MOD_DELETE,
> 
> "hasPartialReplicaNCs")
>              ldbs.sam.modify(m)
>      except Exception:
> 
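Review bot: the `except Exception:` context line right after `ldbs.sam.modify(m)` is broad enough to hide mistakes like the one this hunk corrects. With `<` in place of `,` the expression still parses under Python 2 as a comparison between the flag and the attribute-name string, so nothing rejects it before runtime and `ldb.MessageElement` is simply called with the wrong arguments. Consider catching `ldb.LdbError` there and reporting its message, so argument errors from building the message are not swallowed together with directory errors. Also, the mailer has wrapped the `-`/`+` lines and the file headers, so this hunk will not apply as posted; sending it as an attachment would avoid that.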
> Correcting the '<' with the ',' it worked !!!.
> 
> Now I'll try to start bind and let you know.
> 
> Just a question:
> I've seen that the permissions for the private/dns folder are correct
> (770:root.bind) but dns.keytab is 600:root.root
> Shouldn't it be 640:root.bind?
> 
> Great job Amitay.
> Thanks again,
> Daniele.
> 
> 
> 

As I said in my last mail, I tried to start bind on the secondary DC and it
started without errors.

nslookup works (as expected), and the same goes for samba-tool dns ...

The only thing I'm facing is that in the zones, names are
automatically replicated but records are not. To clarify, after I had
the DNS zones replicated I found that on the secondary DC, using samba-tool dns
query, I saw the zones, and inside the zones I found that the
names were populated but the records were not: for example, on kdc02 a dns query on
the forward zone tells me this about kdc01
  Name=, Records=0, Children=0
while on kdc01 I read 
  Name=, Records=1, Children=0
    A: 192.168.12.5 (flags=f0, serial=142, ttl=900)
After the weekend, I've seen that the Windows boxes which started working
today have updated records on both DCs.

Is this behavior corrected?

Daniele.


