[Samba] Samba4 AD DC Sites / Rename Default-First-Site-Name and internal DNS

Rob Townley rob.townley at gmail.com
Mon Dec 31 10:26:38 MST 2012


On Sun, Dec 30, 2012 at 10:06 PM, Matthieu Patou <mat at samba.org> wrote:

> On 12/30/2012 07:10 PM, Achim Gottinger wrote:
>
>> As you have noticed, we are very good at adding DNS records, but never
>>> remove the old ones.  What you have done seems reasonable, if you have
>>> renamed the site, removing the remaining DNS references seems entirely
>>> reasonable.
>>>
>>> Please file a bug about the left-behind DNS stuff, we really should
>>> clean that up.
>>>
>>> Andrew Bartlett
>>>
>>
>> There is this menu option "cleanup old resource entries" in the DNS
>> snap-in, guess it's normal AD behaviour.  :-)
>>
> No, it's not; there is a KB about DNS server about how to clean old records
> that were set by a client via DDNS.
>
>  This does not yet work against a Samba4 AD DC. But I'll file a
>> bug report.
>>
>>  I'm not 100% sure that we implement everything that is needed for a
>>> client to pickup the correct site, so you might see some issues still.
>>>
>> It had happened in very seldom cases with the samba3/bind/openldap
>> before. In the Samba4 test environment it happened only once after I had
>> removed the mentioned SRV records pointing to site2's DC in site1 folders.
>> I'll report back if it happens on a regular basis.
>>
>>> As a last step I renamed the site "Default-First-Site-Name" into
>>>> "site1". Restarted the samba services at both sites, checked replication. But
>>>> there are still a few DNS entries left which I deleted manually.
>>>>
>>> It's really not a good idea to delete rename the default-First site lots
>>> of Windows admins don't advise to do so, you'd better leave it empty.
>>> Matthieu
>>>
>>
>> So to be on the safe side you recommend I create two new sites and assign
>> the two servers to them, leaving Default-First-Site-Name with no assigned
>> server.
>> I thought it is safer to leave the first server in that default site
>> because I had read the sites thing is a work in progress. Renaming it was
>> something I did after a bit of online research which mentioned it is safe and
>> not forbidden. Besides the now empty structure elements in DNS, the test
>> environment is still functional.
>>
>> http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/2afc3cf5-7389-4368-bdeb-887e60c0081f
>>
>> Besides all that, for me samba4 is a great step forward and will simplify
>> things a lot compared to the previous samba3/bind/openldap solution.
>>
> Ok good to know.
>
> Matthieu.
>
>
> --
> Matthieu Patou
> Samba Team
> http://samba.org
>




MS ADS utilities would demand restoring from backups for deleting DNS
records.

Assuming you are trying to have two different sites in the same domain,
you would not want to delete DNS records at all, but change the DNS SRV
record such that the remote site has a lower priority (higher number) and
the local site has a better priority (lower number). In many computer
systems, higher priority is represented by a lower number. Zero is often
the highest priority. Weight is different than priority. More weight is
represented by a higher number. You may want to leave weight alone
because RFC 2782 says WEIGHT zero is a special case. RFC 2782 is a little
confusing as to what weight zero implies. It also states the order of
ResourceRecords returned matters in the selection process. Details are in
the URLs below. I would recommend reading about PRIORITY and WEIGHT in
2782.



http://en.wikipedia.org/wiki/SRV_record
http://tools.ietf.org/html/rfc2782
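
The priority and weight rules discussed in the message above, as an added example that is not part of the original post: a Python sketch of the order in which an RFC 2782 client tries SRV targets, including the weight-zero case. The DC host names and record values are constructed for illustration and do not come from the thread.

```python
import random

# Constructed sample data (not from the thread): hypothetical DC names for a
# two-site domain, as (priority, weight, port, target) tuples seen from site1.
SITE1_VIEW = [
    (10, 100, 389, "dc2.site2.example.test."),  # remote site: higher number
    (0, 100, 389, "dc1.site1.example.test."),   # local site: lower number
]

def order_srv_targets(records, rng=random):
    """Return targets in the order an RFC 2782 client would try them."""
    ordered = []
    for prio in sorted({r[0] for r in records}):
        # Within one priority, weight-0 records go to the front of the list.
        pool = sorted((r for r in records if r[0] == prio),
                      key=lambda r: r[1] != 0)
        while pool:
            total = sum(r[1] for r in pool)
            pick = rng.randint(0, total)      # inclusive, per RFC 2782
            running = 0
            for i, rec in enumerate(pool):
                running += rec[1]
                if running >= pick:           # first record reaching the pick
                    ordered.append(pool.pop(i)[3])
                    break
    return ordered

def first_choice_share(records, target, trials=10000, seed=1):
    """Fraction of trials in which `target` is tried first."""
    rng = random.Random(seed)
    hits = sum(order_srv_targets(records, rng)[0] == target
               for _ in range(trials))
    return hits / trials
```

Priority alone decides the order between the two sites; weight only matters among records sharing a priority, where a weight-zero record is tried first only when the random pick is exactly zero.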

