[Samba] DNS managment error

Wed Aug 28 10:29:30 MDT 2013

Wow! I'm impressed! :-) I also ensured that the domain was at 2003 
native but with no improvement.

When you say that "in the DNS tool I configured forest wide zone 
replication", is that the Win DNS MMC or samba-tool? Can you be 
specific? That may have been my problem.

Thanx,
Garth

On 08/28/2013 09:52 AM, Antun Horvat wrote:
> Hello again,
>
> I wanted to notify everybody that I managed to overcome this problem.
> The issue was that CN=MicrosoftDNS,DC=ForestDnsZones,... branch was 
> missing because
> the Forest was operating in Windows 2000 native functional level.
> The thing that I did was, transfer all FSMO roles back to Windows 2003 
> server plugged off Samba servers, cleaned Samba server metadata and 
> then raised the level of the domain to Windows 2003 Native.
> Then in the DNS tool I configured forest wide zone replication.
> Then i did fresh install of Samba on Linux servers and joined the them 
> to the domain.
>
> When I was sure that all changes are being replicated across all 
> domain controllers, I transfered all FSMO roles
> back to one Linux server and unplugged Windows 2003 from the network.
>
> Now I have full access to DNS services and all other levels of Domain 
> are functional.
>
> To be exact, I still have some minor issues such as long logon times , 
> but soon I will resolve them to.
>
> All best,
> Antun
>
> On 08/27/2013 09:00 PM, Antun Horvat wrote:
>> Well that's the thing, I can only replicate DNS changes from WinDC to 
>> Samba, but not in other way.
>> I can't even update DNS records on Samba side, only on Windows side.
>>
>> I managed to figure out an error on Samba caused by RPC call:
>> dnsserver: Found DNS zone .
>> Failed to find DNS Zones in 
>> CN=MicrosoftDNS,DC=ForestDnsZones,DC=Radio101,DC=local
>>
>> Now I am surfing on the web trying to find some kind of solution.
>>
>> All best,
>> Antun
>>
>> On 08/27/2013 08:46 PM, Garth Keesler wrote:
>>> Interesting. Are Forest and Domain records being replicated in both 
>>> directions from all DCs? It always worked from the WinDC to the S4DC 
>>> but not in the other direction. Also, were you able to use the WIN 
>>> DNS MMC to examine the DNS records on any of the Samba DCs? If so, 
>>> you are probably close to having it working; something I never 
>>> managed to do.
>>>
>>> See ya...
>>> Garth
>>>
>>> On 08/27/2013 12:07 PM, Antun Horvat wrote:
>>>> Thanks for such quick reply,
>>>>
>>>> I have just executed "samba-tool drs showrepl" command and it seems 
>>>> that Forest and Domain LDAP DIT are being replicated successfully.
>>>> But I still doubt that it can not be fixed since all RR records 
>>>> that are added to w2k3 server are successfully propagated and 
>>>> present. All name resolution queries on samba reflect the state of 
>>>> w2k3 DNS.
>>>>
>>>> Is there some way to debug RPC calls so that we can more precisely 
>>>> locate the error?
>>>>
>>>>
>>>> All best,
>>>> Antun
>>>>
>>>> On 08/27/2013 06:40 PM, Garth Keesler wrote:
>>>>> This issue has been discussed at length before with no resolution 
>>>>> to my knowledge. If you use "samba-tool drs showrepl", you will 
>>>>> probably notice that Forest and Domain DNS is not being replicated 
>>>>> to/from all DCs. Additionally, if you use Win2003 DNS MMC, you 
>>>>> will not be able to detect that DNS is running on the Samba DCs 
>>>>> nor that they are DCs at all. I have only tested this using 
>>>>> internal Samba DNS but have found no workaround and have dropped 
>>>>> trying to use Samba to demote/replace a Win2003 DC for now.
>>>>>
>>>>> Good luck,
>>>>> Garth
>>>>>
>>>>> On 08/27/2013 09:58 AM, Antun Horvat wrote:
>>>>>>
>>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> i have an issue with existing installation of samba4 domain 
>>>>>> controller
>>>>>> that is specific to dns managment.
>>>>>> In the domain I have two samba4 4.0.7 and one windows 2003 server 
>>>>>> that I
>>>>>> plug periodically to manage the dns.
>>>>>> All fsmo roles are transfered to samba.
>>>>>>
>>>>>> All aspects of the domain work perfectly, except one, the 
>>>>>> samba-tool dns
>>>>>> commands do not work.
>>>>>> All commands when executed on samba server return "ERROR(runtime):
>>>>>> uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')" 
>>>>>> error. The
>>>>>> same command pointed to windows server works fine.
>>>>>> All commands that add hosts to window are replicated to samba 
>>>>>> instances.
>>>>>>
>>>>>> The domain is functioning at 2003 native level (reported by windows
>>>>>> tool), but samba can't figure out the level.
>>>>>> Also when i try to demote the w2k3 server i get the error that 
>>>>>> "Active
>>>>>> Directory could not find another domain controller to transfer the
>>>>>> remaining data in the directory partition
>>>>>> DC=DomainDnsZones,Dc=example,dc=com"
>>>>>>
>>>>>> Could you please point me to the right resources so that i can 
>>>>>> resolve
>>>>>> my current issues.
>>>>>>
>>>>>> Thanks in advance, and I wish best to all Samba community.
>>>>>>
>>>>>> ps
>>>>>> If you need some kind of help, such as testing rc's in certain
>>>>>> configuration, please contact me.
>>>>>>
>>>>>>
>>>>>
>>>