[Samba] Samba4 AD DC Sites / Rename Default-First-Site-Name and internal DNS

Matthieu Patou mat at samba.org
Sun Dec 30 21:06:07 MST 2012

On 12/30/2012 07:10 PM, Achim Gottinger wrote:
>> As you have noticed, we are very good at adding DNS records, but never
>> remove the old ones.  What you have done seems reasonable, if you have
>> renamed the site, removing the remaining DNS references seems entirely
>> reasonable.
>> Please file a bug about the left-behind DNS stuff, we really should
>> clean that up.
>> Andrew Bartlett
> There is this menu option "cleanup old resource entries" in the DNS 
> snap-in, guess it's normal AD behaviour.  :-)
No it's not, there is a KB about DNS server about how to clean old 
records that were set by a client via DDNS
> This does not yet work against a Samba4 AD DC. But I'll file a 
> bug report.
>> I'm not 100% sure that we implement everything that is needed for a 
>> client to pick up the correct site, so you might see some issues still. 
> It had happened in very seldom cases with the samba3/bind/openldap 
> before. In the Samba4 test environment it happened only once after I 
> had removed the mentioned SRV records pointing to site2's dc in site1 
> folders. I'll report back if it happens on a regular basis.
>>> As a last step I renamed the site "Default-First-Site-Name" into 
>>> "site1". Restarted the samba services at both sites, checked 
>>> replication. But there are still a few DNS entries left which I 
>>> deleted manually. 
>> It's really not a good idea to delete rename the default-First site 
>> lots of Windows admins don't advise to do so, you'd better leave it 
>> empty.
>> Matthieu
> So to be on the safe side you recommend I create two new sites and 
> assign the two servers to them, leaving Default-First-Site-Name with 
> no assigned server.
> I thought it is safer to leave the first server in that default site 
> because I had read the sites thing is a work in progress. Renaming it 
> was something I did after a bit of online research which mentioned it is 
> safe and not forbidden. Beside those now empty structure elements in 
> DNS the test environment is still functional.
> http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/2afc3cf5-7389-4368-bdeb-887e60c0081f 
> Beside all that, for me samba4 is a great step forward and will simplify 
> things a lot compared to the previous samba3/bind/openldap solution
Ok good to know.


Matthieu Patou
Samba Team
