Cannot manage DNS through Windows ADUC or samba-tool
Matthieu Patou
mat at matws.net
Mon Feb 24 15:49:09 MST 2014
It looks like the simplest way would be to create the DNS partition so
that bind/internal dns could store the information there instead of the
old 2000 location.
Matthieu.
On 02/17/2014 01:09 PM, Bram Matthys wrote:
> Hi,
>
> I recently migrated from Windows 2003 + 2008 R2 to Samba 4 (and ditched the
> Windows servers). Unfortunately managing DNS from Windows doesn't seem to be
> working, and neither does samba-tool dns serverinfo 127.0.0.1 work:
> ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
>
> Just to be clear: DNS itself is working fine, I can ping my workstation from
> my server by name, etc.
>
> I found this post, which seems to find the source of the problem:
> https://lists.samba.org/archive/samba-technical/2012-April/083081.html
> Quoting:
>> On Wed, Apr 25, 2012 at 5:35 AM, Greg Dickie <greg at justaguy.ca> wrote:
>>> Hi Amitay,
>>>
>>> I think I may have figured this out. My AD started out as a 2003 SBS
>>> system so the schemas are a bit different. Looking in the rpcdce code
>>> for DNS I see that dnsserver_init_serverinfo
>>> (rpc_server/dnsserver/dnsutils.c ) is called and starts looking for
>>>
>>> CN=MicrosoftDNS,DC=DomainDnsZones,...,
>>>
>>> My schema does not have that, the closest I could find is something that
>>> looks like this:
>>>
>>> dn:
>>> DC=DomainDnsZones,DC=example.local,CN=MicrosoftDNS,CN=System,DC=example,DC=local
> I think I have the same setup.
> In CN=MicrosoftDNS,DC=DomainDnsZones,DC=COMPANY,DC=NET I only have
> DC=RootDNSServers.
> My DNS zones are under CN=MicrosoftDNS,CN=System,DC=COMPANY,DC=NET
> With host entries like:
> DC=D-99,DC=company.net,CN=MicrosoftDNS,CN=System,DC=COMPANY,DC=NET
>
> In this post Amitay suggests:
>> The older versions of window server (2003 and older) created the DNS
>> containers under CN=System in the domain partition, whereas the newer
>> windows server (2008+) creates separate application partitions for
>> DNS. DNS RPC server uses DNS partitions to store the DNS zone
>> information. But for querying purposes, dlz_bind9 module and internal
>> DNS server both can read records from CN=System in domain partition.
>> DNS RPC server can be easily modified to support CN=System for DNS
>> information. Patches are welcome! ;-)
>>
>> Amitay.
> Did such a patch fail to get in (yet)?
>
> I use samba 4.1.4 with it's internal DNS server.
>
> I checked dnsserver_init_serverinfo in
> source4/rpc_server/dnsserver/dnsutils.c and if I read the code well then
> this is all good:
> serverinfo->pszDsContainer = talloc_asprintf(mem_ctx,
> "CN=MicrosoftDNS,DC=DomainDnsZones,%s", ldb_dn_get_linearized(domain_dn));
>
> But later in the code it shows:
> serverinfo->pszDomainDirectoryPartition = talloc_asprintf(mem_ctx,
> "DC=DomainDnsZones,%s", ldb_dn_get_linearized(domain_dn));
> serverinfo->pszForestDirectoryPartition = talloc_asprintf(mem_ctx,
> "DC=ForestDnsZones,%s", ldb_dn_get_linearized(forest_dn));
> Is this the part I should get rid of or change?
>
> Thanks,
>
> Bram.
>
More information about the samba-technical
mailing list