Samba4 BDC with Samba4 PDC

Sun Jun 3 02:59:10 MDT 2012

I have had samba4 (Version 4.0.0alpha21-GIT-073666e) up and running as 
the PDC on my network, currently with BIND9_DLZ and Bind9.9, working 
well for a little while.

For redundancy, I'd like to add a Samba 4 BDC, also BIND9_DLZ with 
Bind9.9. To this end I grabbed the latest from git (Version 
4.0.0alpha22-GIT-29a51a2) and installed it, however there is not a lot 
(any?) info out there on how things should be done _properly_ from a 
configuration point of view, i.e. on the BDC is there a smb.conf or not, 
how is the krb5.conf configured, how is /etc/resolv.conf configured?

Anyway, I can join the the BDC to the domain with;

# samba-tool domain join mydomain.co.uk DC -UAdministrator 
--realm=mydomain.co.uk
Finding a writeable DC for domain 'mydomain.co.uk'
Found DC ns.mydomain.co.uk
Password for [WORKGROUP\Administrator]:
workgroup is MYDOMAIN
realm is mydomain.co.uk
checking sAMAccountName
Adding CN=SHEEVA,OU=Domain Controllers,DC=mydomain,DC=co,DC=uk
Adding 
CN=SHEEVA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=co,DC=uk
Adding CN=NTDS 
Settings,CN=SHEEVA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=co,DC=uk
Adding SPNs to CN=SHEEVA,OU=Domain Controllers,DC=mydomain,DC=co,DC=uk
Setting account password for SHEEVA$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=mydomain,DC=co,DC=uk
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=co,DC=uk] 
objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=co,DC=uk] 
objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=co,DC=uk] 
objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=co,DC=uk] 
objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=mydomain,DC=co,DC=uk] objects[402/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mydomain,DC=co,DC=uk] objects[804/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mydomain,DC=co,DC=uk] objects[1206/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mydomain,DC=co,DC=uk] objects[1608/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mydomain,DC=co,DC=uk] objects[1614/1614] 
linked_values[26/0]
Replicating critical objects from the base DN of the domain
Partition[DC=mydomain,DC=co,DC=uk] objects[98/98] linked_values[24/0]
Partition[DC=mydomain,DC=co,DC=uk] objects[330/232] linked_values[32/0]
Committing SAM database
Sending DsReplicateUpdateRefs for all the partitions
Setting isSynchronized and dsServiceName
Setting up secrets database
Joined domain MYDOMAIN (SID S-1-5-21-2874647136-1364824720-2698236840) 
as a DC

The process of joining the BDC to the domain seems to shutdown bind on 
the PDC and neither '/usr/local/samba/private/named.conf' nor 
'/usr/local/samba/private/dns/' are created on the BDC.

I can (and did) add the followong to my 'named.conf.local'.

dlz "AD DNS Zone" {
     # For BIND 9.9.0
         database "dlopen /usr/local/samba/lib/bind9/dlz_bind9_9.so";
};

but bind will not restart as '/usr/local/samba/private/dns/' and it's 
contents are missing.

Can anybody give me some pointers or point me at any info that will help 
with the correct configuration?

Cheers,
Mike.
-- 
Any question is easy if you know the answer!