[Samba] BIND Problem on CentOS 6.3

M F mf_in_mun at hotmail.de
Tue Jul 31 08:10:03 MDT 2012


Hi,

I've set up a Samba4 PDC on CentOS 6.3 and so far it's up and running, 
following the howto on the wiki.
This means I've joined the AD domain with a dedicated Win 7 virtual machine, 
I've installed the RSAT tools on that machine and I can administrate the AD 
domain.

I've set up this PDC in an existing small network with an AVM FRITZ.BOX ADSL 
router, which is already the primary DNS nameserver. Within this network 
there are some more (Linux) servers which are not part of the AD domain, 
for example:
- srv-alfresco.fritz.box
- srv-redmine.fritz.box

When I now try to connect to one of those servers from the dedicated 
machine, this is not working. The domain name can't be resolved.

When I open a terminal on that Samba4 PDC and try
- ping srv-alfresco --> unknown host
- ping srv-alfresco.fritz.box --> unknown host
- dig srv-alfresco --> Status NOERROR, IP resolved
- dig srv-alfresco.fritz.box --> Status NXDOMAIN

When I remove that specific include from the named.conf the above commands 
are working, but naturally the PDC is not working.

I'm sorry but after a couple of days doing around I have no idea how to 
solve that problem.

Any help would be appreciated.

Sebastian

Configuration:
--- CentOS 6.3, BIND 9.8.2 (via yum), Samba Version 4.0.0beta5-GIT-35c0f16

--- current smb.conf
[global]
server role = active directory domain controller
workgroup = FRITZ
realm = FRITZ.BOX
netbios name = SRV-SAMBA4
passdb backend = samba4
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey
server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, s3fs
nsupdate command = /usr/local/samba/bin/nsupdate
dsdb:schema update allowed = Yes

log file = /var/log/samba.log

[netlogon]
path = /usr/local/samba/var/locks/sysvol/fritz.box/scripts
read only = No

[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No

[profiles]
path = /usr/local/samba/var/profiles
read only = No

--- current named.conf
/*
    Very simple named.conf for testing purposes
*/
options {
    listen-on port 53 { 127.0.0.1; 192.168.178.0/24; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    recursion yes;
    forwarders { 192.168.178.1; };

    managed-keys-directory "/var/named/dynamic";
    tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};
include "/usr/local/samba/private/named.conf";


--- current resolv.conf
domain fritz.box
nameserver 127.0.0.1
nameserver 192.168.178.1


