samba_upgradedns issues on secondary DC SOLVED!!

Daniele Dario d.dario76 at
Thu May 3 06:51:04 MDT 2012

On Thu, 2012-05-03 at 14:04 +0200, Andreas Oster wrote:
> Am 23.04.2012 12:56, schrieb Daniele Dario:
> > Hi Amitay,
> > 
> > as said in last mail, I tried to start bind on secondary DC and it
> > started without errors.
> > 
> > nslookup works (as expected) same for samba-tool dns ...
> > 
> > The only one thing I'm facing is that on the zones names are
> > automatically replicated but records not. To clarify things, after I had
> > DNS zones replicated I found that on secondary DC, using samba-tool dns
> > query I saw the presence of the zones, and inside the zones I found that
> > names were populated but records no: for example, on kdc02 dns query on
> > forward zone tells me this about kdc01
> >   Name=, Records=0, Children=0
> > while on kdc01 I read 
> >   Name=, Records=1, Children=0
> >     A: (flags=f0, serial=142, ttl=900)
> > After the week-end, I've seen that windows boxes which started working
> > today have updated records on both DCs.
> > 
> > Is this behavior corrected?
> > 
> > Daniele.
> > 
> > 
> Hello Daniele,
> have you been able to successfully add a secondary DC as additional
> bind9 DNS server ? If so, can you explain the steps to get working
> configuration ?
> Thank you
> best regards
> Andreas

Hi Andreas,
as said by Amitay, the first step is to have DNS zones replicated
between DCs.

     1. join the 2nd DC to the domain as per
     2. after the join, before starting samba I incremented the log level
        to see problems in detail (add log level = 3 or more in
        etc/smb.conf in the [global] section)
     3. once you have started samba4 on both DCs you should see that
        replication starts (at least the basic three zones)
     4. Amitay's tip is to restart samba4 again to start replication of
        DNS zones but this has not worked for me so I had to run
        samba-tool drs replicate <dst dc> <src dc>
        DC=DomainDnsZones,DC=domain,DC=local and
        DC=ForestDnsZones,DC=domain,DC=local on primary and then on
        secondary DC to get them replicated
     5. once you have DNS zones replicated between DCs you can try to
        look if samba-tool dns query on secondary DC works
     6. at this point, if you try to run samba_upgradedns you should see
        that the private/dns folder (and the ldbs) will be created
     7. last, configure bind as in primary DC and start it

As said in point 4, I was not able to get replication of DNS zones
working automatically as said by Amitay.
BTW, after I started them manually I was able to see the zones by RPC
(using samba-tool dns ...).
Even if replication is working it seems that zones are not fully
replicated because they are populated with entries but without records.

I've seen that after a while, windows boxes which work on the domain had
updated their dns entries and they appeared also on the secondary DC.

Let me know if you are luckier than me.

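A small set of shell helpers for the procedure above, added here as an example (this is not code from the thread or from the Samba project): it derives the two DNS application-partition DNs from a domain name, emits or runs the step-4 `samba-tool drs replicate` commands for both partitions, and scans `samba-tool dns query` output for zone names that exist but carry no records, which is the partial-replication symptom described in the thread. The host names kdc01/kdc02 and the domain `domain.local` are placeholders taken from the thread; the query output in `sample_query_output` is constructed.

```shell
#!/bin/sh
# Added example helpers for replicating AD-integrated DNS partitions
# between Samba DCs. DOMAIN, DST and SRC values are assumed placeholders.

# Turn a DNS domain name (domain.local) into its LDAP DN (DC=domain,DC=local).
domain_to_dn() {
    printf '%s' "$1" | awk -F. '{
        for (i = 1; i <= NF; i++) {
            printf "%sDC=%s", (i > 1 ? "," : ""), $i
        }
    }'
}

# The two application partitions that hold AD-integrated DNS zones,
# one per line.
dns_partitions() {
    base=$(domain_to_dn "$1")
    printf 'DC=DomainDnsZones,%s\nDC=ForestDnsZones,%s\n' "$base" "$base"
}

# Step 4 from the thread: pull both DNS partitions from SRC into DST.
# With DRY_RUN=1 the samba-tool commands are printed instead of executed,
# so the logic can be checked on a machine without Samba.
replicate_dns_partitions() {
    dst=$1; src=$2; domain=$3
    dns_partitions "$domain" | while IFS= read -r nc; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            echo "samba-tool drs replicate $dst $src $nc"
        else
            samba-tool drs replicate "$dst" "$src" "$nc" || exit 1
        fi
    done
}

# Constructed sample of `samba-tool dns query <dc> <zone> @ ALL` output,
# in the "Name=..., Records=N, Children=M" layout quoted in the thread.
sample_query_output() {
    cat <<'EOF'
  Name=@, Records=2, Children=0
    SOA: serial=142, refresh=900 (flags=600000f0, serial=142, ttl=3600)
    NS: kdc01.domain.local. (flags=600000f0, serial=142, ttl=900)
  Name=kdc01, Records=0, Children=0
  Name=kdc02, Records=1, Children=0
    A: 192.0.2.12 (flags=f0, serial=142, ttl=900)
EOF
}

# Read query output on stdin and print each name that has zero records,
# i.e. an entry that replicated without its records.
names_without_records() {
    grep -E '^ *Name=[^,]*, Records=0,' | sed -E 's/^ *Name=([^,]*),.*/\1/'
}

# Usage (uncomment on a real DC; runs samba-tool for real unless DRY_RUN=1):
# replicate_dns_partitions kdc02 kdc01 domain.local
# samba-tool dns query kdc02 domain.local @ ALL | names_without_records
```

Run the replicate step once in each direction (dst/src swapped), as the thread did, then feed the secondary DC's `samba-tool dns query` output into `names_without_records`: an empty result means every replicated name also brought its records across.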
