[Samba] Question about adding DNS records

Daniel Müller mueller at tropenklinik.de
Thu Jul 24 03:27:23 MDT 2014


You set properties in resolv.conf?
You did join the DC as described without any errors!?
Both DCs can ping each other !?
On your first DC: 
samba-tool dns add FIRSTDC YOUR.REALM SECONDDC A 172.16.32.222 -Uadministrator

ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)' --cross-ncs objectguid

You must see 2 records FIRSTDC SECONDDC ex:

# record 1
dn: CN=NTDS Settings,CN=S4MASTER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tplk,DC=loc
objectGUID: 8b83fe75-2e98-464b-b121-2c434c179c82

# record 2
dn: CN=NTDS Settings,CN=S4SLAVE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tplk,DC=loc
objectGUID: 0fae0583-b14c-421b-b622-00fbfaf1826c

# returned 2 records
# 2 entries
# 0 referrals

Then with the right objectGUID:
samba-tool dns add FIRSTDC _msdcs.tplk.loc xxxx-xxxx-xxxx-xxxx-xxxxxxx CNAME SECONDDC.your.realm -Uadministrator

Make your reverse entry for SECONDDC:
samba-tool dns add FIRSTDC YOUR.REVERSE.ZONE.in-addr.arpa XXX PTR SECONDDC.your.realm

Test from your SECONDDC:

samba-tool drs kcc -Uadministrator seconddc.your.realm
ex:
samba-tool drs kcc -Uadministrator s4master.tplk.loc
Password for [TPLK\administrator]:
Consistency check on s4master.tplk.loc successful.

Good Luck
Daniel


IT: Daniel Müller

Head of IT
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen 
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de




-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] On Behalf Of Bouke J. Henstra
Sent: Wednesday, 23 July 2014 21:29
To: samba at lists.samba.org
Subject: [Samba] Question about adding DNS records

Hello all,

I managed to install an extra DC.
The first DC is comsrv01a with ip 192.168.0.200.
I run Samba 4.1.9 and BIND 9.8.1-P1.

The new DC is srv01ham with ip 172.16.32.222.
I use the internal DNS.
I run Samba 4.1.9.

I use a permanent LAN-2-LAN VPN via my Draytek routers.
The first DC (comsrv01a, 192.168.0.200) is my primary DNS server. This is
configured in all my routers and DHCP servers.

I followed the documents:
1. "Join a domain as a DC"
>> http://wiki.samba.org/index.php/Join_a_domain_as_a_DC
2. Samba AD DC HOWTO
>> http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO

I would like to add the new DC to DNS.
I followed the information that I found at
http://wiki.samba.org/index.php/Join_a_domain_as_a_DC#Check_required_DNS_entries_of_the_new_host

Unfortunately I get the following error message.

root@comsrv01a:/opt/samba/bin# ./samba-tool dns add 192.168.0.200 th01.inet SRV01HAM A 172.16.32.222 -Uadministrator
Password for [TH01\administrator]:
ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
  File "/opt/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
    return self.run(*args, **kwargs)
  File "/opt/samba/lib/python2.7/site-packages/samba/netcmd/dns.py", line 1067, in run
    0, server, zone, name, add_rec_buf, None)

I would like to know how to fix this issue.
I found some information about this but I just can't get my head around it.
Some indicate it is a bug and others write it has to do with RPC... I am
lost at this moment.

Also the log files don't lead me into the direction of a solution.
Help would be very much appreciated. Please let me know if I need to post
more details. Please help. I will reward you with beer or wine (when
successful).

Kind regards,

Bouke
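
Added example, not part of either message and not Samba project code: a small parser for the ldbsearch output shown in the reply that pairs each DC with the objectGUID of its NTDS Settings object and builds the matching _msdcs CNAME command. The function names are hypothetical, the sample input is constructed from the values quoted in the reply, and the script only prints the command; it assumes ldbsearch folds long lines the standard LDIF way.

```python
import re

GUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

# Constructed sample shaped like the ldbsearch output quoted in the reply; the
# second dn is folded the LDIF way (a continuation line starts with one space).
SAMPLE = """\
# record 1
dn: CN=NTDS Settings,CN=S4MASTER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tplk,DC=loc
objectGUID: 8b83fe75-2e98-464b-b121-2c434c179c82

# record 2
dn: CN=NTDS Settings,CN=S4SLAVE,CN=Servers,CN=Default-First-Site-Name,CN=Sit
 es,CN=Configuration,DC=tplk,DC=loc
objectGUID: 0fae0583-b14c-421b-b622-00fbfaf1826c

# returned 2 records
"""


def parse_ntds_records(ldif):
    """Map each DC's FQDN to the objectGUID of its NTDS Settings object."""
    text = re.sub(r"\n ", "", ldif)  # undo LDIF line folding
    records = {}
    for block in re.split(r"\n\s*\n", text):
        attrs = dict(line.split(": ", 1) for line in block.splitlines()
                     if ": " in line and not line.startswith("#"))
        dn, guid = attrs.get("dn", ""), attrs.get("objectGUID", "").strip()
        if not dn.startswith("CN=NTDS Settings,"):
            continue
        if not GUID_RE.match(guid):
            raise ValueError(f"malformed objectGUID for {dn!r}: {guid!r}")
        rdns = dn.split(",")  # assumes no escaped commas in the DN
        host = rdns[1].split("=", 1)[1].lower()
        realm = ".".join(r.split("=", 1)[1] for r in rdns if r.startswith("DC="))
        records[f"{host}.{realm}"] = guid.lower()
    return records


def cname_command(records, dns_server, new_dc, user="administrator"):
    """Build the _msdcs CNAME command from the reply for one DC (hypothetical helper)."""
    fqdn = next((f for f in records if f.split(".", 1)[0] == new_dc.lower()), None)
    if fqdn is None:  # fewer records than DCs: the join did not complete
        raise LookupError(f"no NTDS Settings record for {new_dc}")
    zone = "_msdcs." + fqdn.split(".", 1)[1]
    return f"samba-tool dns add {dns_server} {zone} {records[fqdn]} CNAME {fqdn} -U{user}"


if __name__ == "__main__":
    print(cname_command(parse_ntds_records(SAMPLE), "s4master.tplk.loc", "S4SLAVE"))
```

A LookupError here corresponds to the case the reply warns about: ldbsearch returning fewer NTDS Settings records than there are DCs.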