[Samba] Samba4 AD DC Sites / Rename Default-First-Site-Name and internal DNS

Achim Gottinger achim at ag-web.biz
Sat Dec 29 05:38:19 MST 2012


Hello,

I'm running a few tests here with two locations.

site1: server-site1.gsg.local subnet 192.168.200.0/24
site2: server-site2.gsg.local subnet 192.168.190.0/24

Both are connected via VPN.

I migrated a samba3 domain at server-site1; it gets 
Default-First-Site-Name assigned. Then I joined the new samba4 domain 
with server-site2. Both servers work and I can join and access them 
with clients at both locations. I created reverse zones for both subnets 
and added the required static entries.
Then I created a new site (name site2) and two subnets with MS AD Site 
Management. I assigned subnet 192.168.200.0/24 to the site 
"Default-First-Site-Name" and subnet 192.168.190.0/24 to the site 
"site2", and moved server-site2 from Default-First-Site-Name to site2.
Machines at site1 randomly picked server-site2 for logins. On site2 they 
always picked server-site2.

So I deleted a few DNS records.

_ldap._tcp.Default-First-Site-Name._sites.gsg.local SRV site2.gsg.local

_kerberos._tcp.Default-First-Site-Name._sites.gsg.local SRV site2.gsg.local

_gc._tcp.Default-First-Site-Name._sites.gsg.local SRV site2.gsg.local

_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.gsg.local SRV site2.gsg.local


And after a samba restart also

_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site2.gsg.local

_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site2.gsg.local

Afterwards machines at site1 also chose server-site1 most of the time. 
Hope I can optimize the behaviour of logon server choosing a bit more, but 
it happened really seldom and it all ran virtualized with 1GB bandwidth 
for the VPN connection, which will be 1-2MBit once in production.

As a last step I renamed the site "Default-First-Site-Name" to 
"site1", restarted the samba services at both sites and checked replication. 
But there are still a few DNS entries left, which I deleted manually.

_ldap._tcp.Default-First-Site-Name._sites.gsg.local SRV site1.gsg.local
_kerberos._tcp.Default-First-Site-Name._sites.gsg.local SRV site1.gsg.local
_gc._tcp.Default-First-Site-Name._sites.gsg.local SRV site1.gsg.local
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.gsg.local SRV site1.gsg.local
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site1.gsg.local
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site1.gsg.local

So there are no more (visible) entries left in

Default-First-Site-Name._sites.gsg.local
Default-First-Site-Name._sites.gc._msdcs.gsg.local
Default-First-Site-Name._sites.dc._msdcs.gsg.local

But the structure remains and cannot be deleted (things like 
_tcp.Default-First-Site-Name._sites.gsg.local). Things still seem to 
work at both sites, but I'm curious if these leftovers can be completely 
removed.

Thanks in advance
Achim Gottinger
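
The manual cleanup described in the message above can be turned into a check that flags site-specific SRV records which point at a DC outside that site or name a site that no longer exists. This is an added example, not part of the original post or of Samba; the function name, the hand-written site-to-DC mapping and the sample records are assumptions constructed from the two-site setup in the message.

```python
import re

# Site-specific DC locator owner names:
#   _<svc>._tcp.<site>._sites[.gc._msdcs | .dc._msdcs].<domain>
SITE_SRV = re.compile(
    r"^_(?:ldap|kerberos|gc)\._tcp\.(?P<site>[^.]+)\._sites\."
    r"(?:(?:gc|dc)\._msdcs\.)?(?P<domain>.+)$",
    re.IGNORECASE,
)


def find_stale_site_srv(records, site_dcs):
    """Return (owner, target, reason) for site SRV records that no longer fit.

    records  -- iterable of (owner_name, srv_target) pairs from a zone listing
    site_dcs -- {site name: set of DC FQDNs assigned to that site}
    """
    sites = {s.lower(): {d.lower().rstrip(".") for d in dcs}
             for s, dcs in site_dcs.items()}
    stale = []
    for owner, target in records:
        m = SITE_SRV.match(owner.rstrip("."))
        if not m:
            continue  # domain-wide record, not tied to a site
        site, host = m.group("site").lower(), target.lower().rstrip(".")
        if site not in sites:
            stale.append((owner, host, "site no longer exists"))
        elif host not in sites[site]:
            stale.append((owner, host, "DC is not assigned to this site"))
    return stale


# Constructed sample data modelled on the two-site setup in the post.
SITE_DCS = {"site1": {"server-site1.gsg.local"},
            "site2": {"server-site2.gsg.local"}}
RECORDS = [
    ("_ldap._tcp.gsg.local", "server-site2.gsg.local"),
    ("_ldap._tcp.site1._sites.gsg.local", "server-site1.gsg.local"),
    ("_ldap._tcp.site1._sites.gsg.local", "server-site2.gsg.local"),
    ("_gc._tcp.site2._sites.gsg.local", "server-site2.gsg.local"),
    ("_ldap._tcp.Default-First-Site-Name._sites.gsg.local", "server-site1.gsg.local"),
    ("_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local", "server-site1.gsg.local"),
]

if __name__ == "__main__":
    for owner, host, reason in find_stale_site_srv(RECORDS, SITE_DCS):
        print(f"{owner} -> {host}: {reason}")
```

The check only reports records; empty container nodes such as `_tcp.Default-First-Site-Name._sites.gsg.local` hold no SRV data and therefore never appear in its output.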


