[Samba] Active Directory DNS Registration

[Casey Allen Shobe]

On Thu, Dec 3, 2009 at 10:55 AM, Robert LeBlanc <robert at leblancnet.us>
wrote:
> When you use net ads join to join the computer to the domain, it should
> register the machine in DNS as well.

Well, prior to reading this I actually got things changed over to use
security = ads insead of domain, and re-joined the domain using kerberos.
The DNS issue was exactly the same.

> Since you say that the machine object shows the name in lowercase, I
> assume you did not create the object previously.

No, I did not.  I deleted it using active directory users and groups before
rejoining with kerberos also.

> If looking in DNS management does not show you machine in the
> forward zone,

How can I check for sure?  wbinfo -I and -N work, btw, but not DNS
resolution.  I do not have any access to the Windows DNS stuff as it runs on
servers I cannot log in to.  Well, actually, I have a non-admin login right
on one of them, but I don't think I can do anything useful with that.

> try on the Samba server "sudo net ads dns register -P" That will try to
> register the machine again in DNS.

That command hung for long time, then finally returned:
"DNS update failed!"

> I'm not sure if pre-creating the object will cause problems as I have not
> pre-created objects in my domain.

I deleted the computer from AD, and pre-created it using uppercase letters,
then re-joined the domain using net ads join.  Now DNS resolution seems to
work!

> If you need additional IP's or CNAMEs, you may have to enter those
> manually in DNS management.

I'm assuming this is something on the Windows DC that is outside of my
control.  Is it possible to set up a (linux-based) DNS server for our site
that can resolve some custom things I put in, but passes anything it doesn't
know an answer for (e.g. any Windows hostname) to the Windows DNS?

Cheers,
-- 
Casey Allen Shobe
casey at shobe.info