[Samba] Internal DNS and Replication

Alan Schmitz aschmitz at silo.lib.ia.us
Wed Mar 27 20:26:52 MDT 2013

On 03/26/2013 08:32 PM, Dustin C. Hatch wrote:

> Can you post the full output of `samba-tool drs showrepl`?

I joined and removed my Samba server from Active Directory several times 
while testing, so I decided to start everything over from scratch. 
After I rebuilt Server 2008 and the Active Directory on Server1, I 
joined a Windows 7 machine named adwks11 to the domain.

Then I joined Server2 running Samba 4.0.4 as a DC.  The A record and 
CNAME record weren't added, so added them following the HOW-TO.  I also 
ran the ntdsutil commands that you provided earlier.

Here's the output for samba-tool drs and samba-tool dns:

samba-tool drs showrepl

samba-tool dns query localhost ankeny.local @ ALL

samba-tool dns query server1 ankeny.local @ ALL

The record for server2 never shows up in it's own DNS.  Later I joined 
another Windows 7 machine to the domain.  It shows up in server1's DNS, 
but it never gets replicated to server2.

> No, the client is only supposed to update the DC it authenticated
> against. The replication should pass the information along.

Does the internal DNS use Kerberos authentication for replication?  I'm 
using Centos 6, so I think I'm using the kinit from MIT Kerberos.  Could 
that be causing problems?


More information about the samba mailing list