samba- 4.2.1 as PDC in an 2008R2 domain - WERR_DNS_ERROR_DS_UNAVAILABLE
"Dr. Hansjörg Maurer"
hansjoerg.maurer at itsd.de
Tue May 5 12:32:21 MDT 2015
Hi
i successfully joined a samba 4.2.1 server as PDC to an 2008R2 domain
(which might have a 2003 history).
The only message during the join I wondered about was
descriptor_sd_propagation_recursive: DC=DomainDnsZones,DC=XXX,DC=net not
found under DC=XXX,DC=net
descriptor_sd_propagation_recursive: DC=ForestDnsZones,DC=XXX,DC=net not
found under DC=XXX,DC=net
When I try to query the samba DC for a DNS record using samba-tool
samba-tool dns query server01.xxx.net xxx.net server01 A -U Administrator
I got
ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/dns.py", line
994, in run
None, record_type, select_flags, None, None)
When I query the MS DC I get the correct answer
Name=, Records=1, Children=0
A: 192.168.42.5 (flags=f0, serial=0, ttl=900)
If I query the samba DC using nslookup the host is resolved.
I am also unable to manage DNS on the samba DC using MMC
In the list archive I found under
http://samba.2283325.n4.nabble.com/Querying-DNS-info-samba4-td4562214.html
"The older versions of window server (2003 and older) created the DNS
containers under CN=System in the domain partition, whereas the newer
windows server (2008+) creates separate application partitions for
DNS. DNS RPC server uses DNS partitions to store the DNS zone
information. But for querying purposes, dlz_bind9 module and internal
DNS server both can read records from CN=System in domain partition.
DNS RPC server can be easily modified to support CN=System for DNS
information. Patches are welcome! ;-) "
Is there a chance to fix that problem (on the samba or on th AD side)?
Regards
Hansjörg
----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an hansjoerg.maurer at itsd.de.
Our system is equipped with an email encryption gateway. If you want email sent to you to be encrypted please send a S/MIME signed email or your PGP public key to hansjoerg.maurer at itsd.de.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5906 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150505/44e5abff/attachment.bin>
More information about the samba-technical
mailing list