[Samba] adjust SOA record
mourik jan heupink - merit
heupink at merit.unu.edu
Wed Aug 13 11:21:49 MDT 2014
Hi,
We have outdated SOA information in our samba DNS. We used to have a
DC1, and it is no more, however it's listed in our SOA records on both
remaining DC's. I think this is not correct.
I am under the impression that in order to get full failover support,
all DC's need to have listed themselves as SOA. This is also what Google
tells me:
http://serverfault.com/questions/285021/in-a-2-dc-environment-should-both-dcs-host-ad-integrated-primary-zones-to-ensur
So, I would like to change the SOA, but the Microsoft MMC DNS tools
don't let me do that; I'm getting
"The start of authority (SOA) record cannot be updated. The record does
not exist."
I'm not sure what the correct 4.1.7 samba-tool line should be:
> samba-tool dns update <server> <zone> <name> <A|AAAA|PTR|CNAME|NS|MX|SOA|SRV|TXT> <olddata> <newdata>
I'm unsure about <olddata> and <newdata>. Here is my current SOA, I
should replace <olddata> with this:
SOA: serial=3, refresh=900, retry=600, expire=86400, minttl=0,
ns=dc1.samba.company.com., email=hostmaster.samba.company.com.
(flags=600000f0, serial=3, ttl=3600)
Would this translate into something like:
> samba-tool dns update dc3.samba.company.com samba.company.com samba.company.com SOA dc1.samba.company.com. dc3.samba.company.com. hostmaster.samba.company.com. 4 900 600 86400 0 -U username
This can never be right? (and yes, I've tried it on my test server, and
it does not work, getting "ERROR: Data requires 7 elements - nameserver,
email, serial refresh, retry, expire, minimumttl")
Can anyone tell me what the correct magic is? (or: should I even be
updating the SOA to point to each separate DC at all?)
Regards,
MJ