[Samba] Internal DNS and Replication

Dustin C. Hatch admiralnemo at gmail.com
Tue Mar 26 14:48:39 MDT 2013

On 3/26/2013 14:15, Alan Schmitz wrote:
> I'm trying to join a Linux server running Samba 4.0.4 as a DC to an
> existing AD domain.  The current DC (server1) is running Server 2008 not
> R2.  The Samba server (server2) is using internal DNS.  I'm following
> "Samba4/HOWTO/Join a domain as a DC" from the wiki.  The join seems to
> work, but I'm having problems with DNS replication.
> During the join many DNS records for server2 are added to server1's DNS.
>   The A records for server1 and several Windows workstations are also
> added to server2's DNS.
> After the join, I followed the steps listed under "Check required DNS
> entries of the new host", and I added the records that weren't added
> during the join.  I also ran "samba-tool drs kcc".
> A "samba-tool dns query" of the Samba server shows server2 as
> "Name=server2, Records=0, Children=0" with no corresponding IP address.
> "samba-tool drs showrepl server1" shows inbound neighbors, outbound
> neighbors, and kcc connection objects.  "samba-tool drs showrepl
> server2" shows no outbound neighbors and always ends with "Warning: No
> NC replicated for Connection".
> When I join a Windows 7 workstation to Active Directory, DNS entries are
> added to server1, but they never show up on server2.
> Running "samba_dnsupdate --verbose" shows no errors and ends with "No
> DNS Updates needed".
> Is DNS replication supposed to work between a DC running Server 2008 and
> Samba4 with internal DNS?  There's nothing showing up in the logs about
> DNS, so what should I do to debug this?
> Thanks,
> Alan

This sounds very similar to a problem I was having, though not quite. In 
my situation, DNS changes on the existing DC were replicated to the 
Samba server, but not vice versa. I ended up solving the problem by 
manually listing the Samba server as holding a replica of the 
DomainDnsZones and ForestDnsZones application partitions. Try running 
these commands on a Windows machine:

ntdsutil "part man" "conn" "con to ser <windowsdc>" q "add nc replica DC=DomainDnsZones,DC=<domain>,DC=<tld> <linuxdc>" q q
ntdsutil "part man" "conn" "con to ser <windowsdc>" q "add nc replica DC=ForestDnsZones,DC=<domain>,DC=<tld> <linuxdc>" q q

Replace the items in angle brackets with their actual values (removing 
the brackets), of course.

Hope this helps.
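
A way to check the result from the Samba side, added here as an example and not part of the original message: the function below reads "samba-tool drs showrepl" text on stdin and lists which of the two DNS application partitions are absent from the INBOUND or OUTBOUND NEIGHBORS section. The output layout it parses, the function name missing_dns_ncs and the sample text (example.com, SERVER1) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Lists which DNS application partitions do NOT appear in one section of
# "samba-tool drs showrepl" output read on stdin.
#   $1 = INBOUND or OUTBOUND
# Assumed layout: "==== INBOUND NEIGHBORS ====" style section headers, with
# each naming context (DC=...) starting in column 0 and its partners indented.
# Live use on the Samba DC: samba-tool drs showrepl | missing_dns_ncs INBOUND
missing_dns_ncs() {
    awk -v want="$1" '
        /^==== /  { section = $2; next }
        section == want && /^DC=(DomainDnsZones|ForestDnsZones),/ {
            split($0, part, ",")
            seen[substr(part[1], 4)] = 1     # strip leading "DC="
        }
        END {
            if (!("DomainDnsZones" in seen)) print "DomainDnsZones"
            if (!("ForestDnsZones" in seen)) print "ForestDnsZones"
        }'
}

# Constructed sample: a DC replicating the domain and configuration NCs only.
SAMPLE_BEFORE='==== INBOUND NEIGHBORS ====

DC=example,DC=com
    Default-First-Site-Name\SERVER1 via RPC

CN=Configuration,DC=example,DC=com
    Default-First-Site-Name\SERVER1 via RPC

==== OUTBOUND NEIGHBORS ====

==== KCC CONNECTION OBJECTS ===='

# Constructed sample: the same DC once both DNS partitions replicate inbound.
SAMPLE_AFTER='==== INBOUND NEIGHBORS ====

DC=example,DC=com
    Default-First-Site-Name\SERVER1 via RPC

DC=DomainDnsZones,DC=example,DC=com
    Default-First-Site-Name\SERVER1 via RPC

DC=ForestDnsZones,DC=example,DC=com
    Default-First-Site-Name\SERVER1 via RPC

==== OUTBOUND NEIGHBORS ====

==== KCC CONNECTION OBJECTS ===='

echo "before, inbound missing:"; printf '%s\n' "$SAMPLE_BEFORE" | missing_dns_ncs INBOUND
echo "after, inbound missing:";  printf '%s\n' "$SAMPLE_AFTER"  | missing_dns_ncs INBOUND
```

An empty result for both INBOUND and OUTBOUND means the DC lists both DNS partitions in that direction; it does not by itself show that the last replication attempt succeeded.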


