[Samba] Secondary Samba4 DC doesn't show up in "host -t SRV _ldap..." output.

Martinx - ジェームズ thiagocmartinsc at gmail.com
Thu Jul 10 02:14:29 MDT 2014


Guys,

I just deployed "Samba4 AC DC" with a Secondary DC in place. The
replication seems to be working as expected: the command "samba-tool drs
showrepl" shows INBOUND / OUTBOUND / KCC CONNECTIONS, plus, "log level = 3"
on both servers shows a lot of information about the replication...


But, when I run:

---
host -t SRV _ldap._tcp.central.tcmc.com.br
---

I'm seeing only the "Primary DC" there, like this:

---
_ldap._tcp.central.tcmc.com.br has SRV record 0 100 389 ubuntu-ad-1.central.tcmc.com.br.
---


But the current "Windows AD Servers" that I have up and running show all
3 AD Servers, like this:

---
root@ubuntu-desk-1:~# host -t SRV _ldap._tcp.tcmc.intranet
_ldap._tcp.tcmc.intranet has SRV record 0 100 389 adserver03.tcmc.intranet.
_ldap._tcp.tcmc.intranet has SRV record 0 100 389 adserver02.tcmc.intranet.
_ldap._tcp.tcmc.intranet has SRV record 0 100 389 adserver01.tcmc.intranet.
---

My plan is to replace those "Windows AD" servers with Samba4 AD and, now, I'm
not sure if the "Secondary DC" is active, or not...

More info:

---
root@ubuntu-ad-1:~# lsb_release -ra
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04 LTS
Release:        14.04
Codename:       trusty

root@ubuntu-ad-1:~# samba -V
Version 4.1.6-Ubuntu
---

Domain provisioned with:
---
samba-tool domain provision --realm central.tcmc.com.br --domain TCMC \
    --adminpass 123456Test --server-role=dc --use-xattr=yes --use-rfc2307 \
    --function-level=2008_R2 --dns-backend=BIND9_DLZ
---

Secondary DC joined with:
---
samba-tool domain join central.tcmc.com.br DC -Uadministrator \
    --realm=central.tcmc.com.br --dns-backend=BIND9_DLZ
---

Secondary DC IPs manually registered with:
---
samba-tool dns add 192.168.15.221 central.tcmc.com.br \
    ubuntu-ad-2.central.tcmc.com.br A 192.168.15.222 -Uadministrator
samba-tool dns add 2001:1291:2bf:fffa::66 central.tcmc.com.br \
    ubuntu-ad-2.central.tcmc.com.br AAAA 2001:1291:2bf:fffa::99 -Uadministrator
samba-tool dns add 192.168.15.221 _msdcs.central.tcmc.com.br \
    f8dbeaed-ae73-4e62-9b9b-02af880d084b CNAME ubuntu-ad-2.central.tcmc.com.br \
    -Uadministrator
---

---
root@ubuntu-ad-1:~# samba-tool domain level show
ldb_wrap open of secrets.ldb
Domain and forest function level for domain
'DC=central,DC=tcmc,DC=com,DC=br'

Forest function level: (Windows) 2008 R2
Domain function level: (Windows) 2008 R2
Lowest function level of a DC: (Windows) 2008 R2
---

So, why doesn't the Secondary DC (ubuntu-ad-2), which is another Samba4 on top
of Ubuntu 14.04 (almost a clone of PDC ubuntu-ad-1), get its _ldap DNS
entry? Can I manually add it? I'm thinking that if it is not there,
something is wrong, so it is not safe to add it by hand, am I right?

Thanks!
Thiago
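
The comparison made in the message above, written as a repeatable check (an added example, not part of the original post): it parses `host -t SRV` output and lists every expected DC that has no `_ldap._tcp` SRV record. The function names are hypothetical, and the sample inputs are the outputs quoted in the post.

```shell
#!/bin/sh
# Added example: find expected DCs that are missing from _ldap._tcp SRV answers.

# srv_targets: read `host -t SRV` output on stdin, print each SRV target
# lowercased and without the trailing dot, one per line.
srv_targets() {
    awk '/ has SRV record / { t = tolower($NF); sub(/\.$/, "", t); print t }' | sort -u
}

# missing_dcs OUTPUT DC...: print each expected DC that is not an SRV target.
missing_dcs() {
    output=$1; shift
    targets=$(printf '%s\n' "$output" | srv_targets)
    for dc in "$@"; do
        want=$(printf '%s' "$dc" | tr 'A-Z' 'a-z')
        # -x: whole-line match, -F: fixed string (dots are not wildcards)
        printf '%s\n' "$targets" | grep -qxF "$want" || printf '%s\n' "$want"
    done
}

# Sample inputs, copied from the outputs shown in the post.
SAMPLE_SAMBA='_ldap._tcp.central.tcmc.com.br has SRV record 0 100 389 ubuntu-ad-1.central.tcmc.com.br.'
SAMPLE_WINDOWS='_ldap._tcp.tcmc.intranet has SRV record 0 100 389 adserver03.tcmc.intranet.
_ldap._tcp.tcmc.intranet has SRV record 0 100 389 adserver02.tcmc.intranet.
_ldap._tcp.tcmc.intranet has SRV record 0 100 389 adserver01.tcmc.intranet.'

# Offline demo on the Samba sample: prints the DC that has no SRV record.
missing_dcs "$SAMPLE_SAMBA" \
    ubuntu-ad-1.central.tcmc.com.br ubuntu-ad-2.central.tcmc.com.br

# Live use (needs DNS):
#   missing_dcs "$(host -t SRV _ldap._tcp.central.tcmc.com.br)" \
#       ubuntu-ad-1.central.tcmc.com.br ubuntu-ad-2.central.tcmc.com.br
```

Empty output means every expected DC is advertised; running the same check against each DC's own DNS server shows whether the zones agree.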
