Cannot manage DNS through Windows ADUC or samba-tool

Denis Cardon denis.cardon at tranquil-it-systems.fr
Mon Feb 24 04:50:22 MST 2014 

Hi Bram,

> Because of this, DNS entries are not being updated either, so all our
> DNS entries now point to old IP's.
>
> I also tried another solution, not changing any code but moving the LDAP
> tree, bus was unsuccesful.
> (see https://lists.samba.org/archive/samba/2014-February/179039.html )
>
> Any help on resolving this issue (either way) would be appreciated.

Did you happen to have changed the ip address of the samba4 server after 
removing the win2k8 and win2k3? If yes, then try to add an alias ip 
address on our interface with the old samba4 ip address and then restart 
the samba4 server. I remember I had a similar issue once where the 
samba4 server had to have its old ip in order to run the samba_dnsupdate 
script properly.

In order to add the old ip as an alias on you eth0 interface, you may run :
  ifconfig eth0 add old_samba4_ip netmask oldnetmask

Hope this helps,

Denis

>
> Thanks,
>
> Bram.
>
> Bram Matthys schreef op 2014-02-17 22:09:
>> Hi,
>>
>> I recently migrated from Windows 2003 + 2008 R2 to Samba 4 (and
>> ditched the
>> Windows servers). Unfortunately managing DNS from Windows doesn't seem
>> to be
>> working, and neither does samba-tool dns serverinfo 127.0.0.1 work:
>> ERROR(runtime): uncaught exception - (9717,
>> 'WERR_DNS_ERROR_DS_UNAVAILABLE')
>>
>> Just to be clear: DNS itself is working fine, I can ping my
>> workstation from
>> my server by name, etc.
>>
>> I found this post, which seems to find the source of the problem:
>>
>> https://lists.samba.org/archive/samba-technical/2012-April/083081.html
>> Quoting:
>>> On Wed, Apr 25, 2012 at 5:35 AM, Greg Dickie <greg at justaguy.ca>
>>> wrote:
>>>> Hi Amitay,
>>>>
>>>>  I think I may have figured this out. My AD started out as a 2003 SBS
>>>> system so the schemas are a bit different. Looking in the rpcdce code
>>>> for DNS I see that dnsserver_init_serverinfo
>>>> (rpc_server/dnsserver/dnsutils.c ) is called and starts looking for
>>>>
>>>> CN=MicrosoftDNS,DC=DomainDnsZones,...,
>>>>
>>>> My schema does not have that, the closest I could find is something
>>>> that
>>>> looks like this:
>>>>
>>>> dn:
>>>>
>>>> DC=DomainDnsZones,DC=example.local,CN=MicrosoftDNS,CN=System,DC=example,DC=local
>>>>
>>
>> I think I have the same setup.
>> In CN=MicrosoftDNS,DC=DomainDnsZones,DC=COMPANY,DC=NET I only have
>> DC=RootDNSServers.
>> My DNS zones are under CN=MicrosoftDNS,CN=System,DC=COMPANY,DC=NET
>> With host entries like:
>> DC=D-99,DC=company.net,CN=MicrosoftDNS,CN=System,DC=COMPANY,DC=NET
>>
>> In this post Amitay suggests:
>>> The older versions of window server (2003 and older) created the DNS
>>> containers under CN=System in the domain partition, whereas the newer
>>> windows server (2008+) creates separate application partitions for
>>> DNS. DNS RPC server uses DNS partitions to store the DNS zone
>>> information. But for querying purposes, dlz_bind9 module and internal
>>> DNS server both can read records from CN=System in domain partition.
>>> DNS RPC server can be easily modified to support CN=System for DNS
>>> information. Patches are welcome! ;-)
>>>
>>> Amitay.
>>
>> Did such a patch fail to get in (yet)?
>>
>> I use samba 4.1.4 with it's internal DNS server.
>>
>> I checked dnsserver_init_serverinfo in
>> source4/rpc_server/dnsserver/dnsutils.c and if I read the code well then
>> this is all good:
>> serverinfo->pszDsContainer = talloc_asprintf(mem_ctx,
>> "CN=MicrosoftDNS,DC=DomainDnsZones,%s",
>> ldb_dn_get_linearized(domain_dn));
>>
>> But later in the code it shows:
>> serverinfo->pszDomainDirectoryPartition = talloc_asprintf(mem_ctx,
>> "DC=DomainDnsZones,%s", ldb_dn_get_linearized(domain_dn));
>> serverinfo->pszForestDirectoryPartition = talloc_asprintf(mem_ctx,
>> "DC=ForestDnsZones,%s", ldb_dn_get_linearized(forest_dn));
>> Is this the part I should get rid of or change?
>>
>> Thanks,
>>
>> Bram.
>


-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr

More information about the samba-technical mailing list