[Samba] Secondary DNS - samba 4 domain

Ryan Whelan rcwhelan at gmail.com
Wed May 30 18:09:05 MDT 2012

I was able to get the DomainDnsZone and ForestDnsZone replicated to the
second machine.  I ran the samba_upgradedns script and it created the
private/dns dir and populated it with the ldbs.  Bind starts fine with
the dlopen.  However, bind fails to resolve anything. Trying to do a zone
transfer (via `dig`) from the second machine fails; looking at the log, it
says the zone has no SOA.  However, running `samba-tool dns query smb2
cngtest.local cngtest.local SOA` returns:

  Name=, Records=0, Children=0
  Name=_msdcs, Records=0, Children=0
  Name=_sites, Records=0, Children=1
  Name=_tcp, Records=0, Children=4
  Name=_udp, Records=0, Children=2
  Name=DomainDnsZones, Records=0, Children=2
  Name=ForestDnsZones, Records=0, Children=2
  Name=smb1, Records=0, Children=0
  Name=tester, Records=0, Children=0

If I try to resolve a single host (via `dig`), it returns SERVFAIL.  I've tried
restarting both bind and samba. It didn't help.

On Wed, May 30, 2012 at 7:10 PM, Amitay Isaacs <amitay at gmail.com> wrote:

> Hi Ryan,
> On Thu, May 31, 2012 at 5:52 AM, Ryan Whelan <rcwhelan at gmail.com> wrote:
> > How do I go about setting up a second samba DC as a DNS server?  I have 2
> > DCs in the domain (set up via the How-to on the wiki)
> >
> > If I try to follow the steps I used for the first controller on the second,
> > bind won't start because /usr/local/samba/private/dns hasn't been created
> > or populated. (I'm using the dlz backend).  Searching the wiki has provided
> > nothing.  How do I create the needed ldb zone files?  Do I just copy them
> > from the first machine?
> It's slightly more involved. First you have to make sure that DNS
> partitions are getting replicated between two DCs. If the DNS
> partitions are not replicated correctly you won't be able to run DNS
> server on secondary DC. Next step is to use samba_upgradedns script to
> "fix" the provision on secondary DC and to create the files required
> by DLZ backend.
> The main issue reported by few users is that the replication fails at
> times and I have not yet been able to figure out the root cause of
> this. So if you notice issues with replication, let me know.
> Amitay
