samba_upgradedns issues on secondary DC SOLVED!!

Andreas Oster aoster at novanetwork.de
Thu May 3 06:04:05 MDT 2012


On 23.04.2012 12:56, Daniele Dario wrote:
> Hi Amitay,
> 
> On Fri, 2012-04-20 at 10:02 +0200, Daniele Dario wrote:
>> Hi Amitay,
>>
>> On Fri, 2012-04-20 at 09:54 +1000, Amitay Isaacs wrote:
>>> On Wed, Apr 18, 2012 at 1:21 PM, Amitay Isaacs <amitay at gmail.com> wrote:
>>>> Hi Daniele,
>>>>
>>>> On Tue, Apr 17, 2012 at 11:39 PM, Daniele Dario <d.dario76 at gmail.com> wrote:
>>>>> Hello Amitay,
>>>>> I'm trying to follow the execution of the samba_upgradedns script to
>>>>> understand why it doesn't work for me:
>>>>>
>>>>> ...
>>>
>>> Hi Daniele,
>>>
>>> Please try this patch and let me know if that fixes the ldb operations
>>> error in samba_upgradedns.
>>>
>>> Amitay.
>>
>> I've found a typo in the patch:
>>
>> --- source4/scripting/bin/samba_upgradedns	2012-04-20 09:53:35.285776885
>> +0200
>> +++ source4/scripting/bin/samba_upgradedns	2012-04-20 09:53:09.034259436
>> +0200
>> @@ -415,7 +415,7 @@
>>
>> "hasPartialReplicaNCs")
>>                  else:
>>                      m["hasPartialReplicaNCs"] = ldb.MessageElement(ncs,
>> -
>> ldb.FLAG_MOD_DELETE<
>> +
>> ldb.FLAG_MOD_DELETE,
>>
>> "hasPartialReplicaNCs")
>>              ldbs.sam.modify(m)
>>      except Exception:
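Review bot: The `except Exception:` context line right after `ldbs.sam.modify(m)` is too broad for this block. A mistake in how the `MessageElement` is built (such as the `<` where an argument separator was meant on the `ldb.FLAG_MOD_DELETE` line) lands in the same handler as a genuine directory error. Consider catching `ldb.LdbError` around the modify call and reporting the error, so that an argument mistake surfaces with its own traceback. Note also that with `<` the flag and the attribute name form a single comparison expression, which still parses, so the typo only shows up when this branch actually runs; a test that exercises the `FLAG_MOD_DELETE` path would have caught it.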
>>
>> After correcting the '<' to ',' it worked!!!
>>
>> Now I'll try to start bind and let you know.
>>
>> Just a question:
>> I've seen that the permissions for the private/dns folder are correct
>> (770:root.bind) but dns.keytab is 600:root.root
>> Shouldn't it be 640:root.bind?
>>
>> Great job Amitay.
>> Thanks again,
>> Daniele.
>>
>>
>>
> 
> As said in my last mail, I tried to start bind on the secondary DC and it
> started without errors.
> 
> nslookup works (as expected), same for samba-tool dns ...
> 
> The only thing I'm facing is that in the zones, names are
> automatically replicated but records are not. To clarify things, after I had
> the DNS zones replicated I found that on the secondary DC, using samba-tool dns
> query, I saw the presence of the zones, and inside the zones I found that
> names were populated but records were not: for example, on kdc02 a dns query on
> the forward zone tells me this about kdc01
>   Name=, Records=0, Children=0
> while on kdc01 I read 
>   Name=, Records=1, Children=0
>     A: 192.168.12.5 (flags=f0, serial=142, ttl=900)
> After the weekend, I've seen that Windows boxes which started working
> today have updated records on both DCs.
> 
> Is this behavior corrected?
> 
> Daniele.
> 
> 
Hello Daniele,

have you been able to successfully add a secondary DC as an additional
bind9 DNS server? If so, can you explain the steps to get a working
configuration?

Thank you

best regards

Andreas
