dns.keytab file
Andrew Bartlett
abartlet at samba.org
Fri Oct 16 20:37:04 UTC 2020
On Fri, 2020-10-16 at 21:42 +0200, Stefan Kania via samba-technical
wrote:
> Hello,
>
> is there a reason why there is no /var/lib/samba/bind-dns/dns.keytab
> on
> any other then the first DC in a domain? The first DC has two
> dns.keytab
> files (/var/lib/samba/private/dns.keytab) and
> (/var/lib/samba/bind-dns/dns.keytab). All the following DCs have only
> the on in /var/lib/samba/private, also the file-permissions for the
> bind9 are wrong on any other then the first DC. Up to this point I
> copied the file and changed the permission manually, but now I try to
> setup all DC via Ansible and I have to create more tasks depending if
> it's the first or second ... DC.
>
> So is it a bug or a feature
I just saw this with a customer yesterday.
Bug. Clearly the first and subsequent DCs should be as similar as
possible.
It seems the move to bind-dns was not complete.
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list