[Samba] Join AD fails DNS update

Rowland Penny rowlandpenny at googlemail.com
Wed Jun 25 03:09:04 MDT 2014 

On 25/06/14 09:44, L.P.H. van Belle wrote:
> Dear Rowland... ;-) good friend.. ;-)
>
> It does not upset me and i just try to explain what happens here.
> there are 2 different ways how resolving can be done...
>
> try to understand this ....from the manual.. .
> ( and stop thinking for 1 second about the resolv.conf about whats right or wrong... )
>
> domain Local domain name.
> 	 If no domain entry is present, the domain is determined from the  local  hostname  returned  by
>         gethostname(2); the domain part is taken to be everything after the first '.'.
> 	 Finally, if the hostname does not contain a domain part, the root domain is assumed.
>
> 	The GNU C library does not employ the gethostname() system call; instead, it implements
>        gethostname() as a library function that calls uname(2) and copies up to len bytes from the returned nodename field into name.
>
> so this is exaly what happens within ubuntu.
>
> and when you also read..
> The uname() function documentation includes the following information:
> Note that there is no standard that says that the hostname set by sethostname(2)
> is the same string as the nodename field of the struct returned by uname()
>
> (indeed, some systems allow a 256-byte hostname and an 8-byte nodename), but this is true on Linux.
> The same holds for setdomainname(2) and the domainname field.
>
>
> This is why so many poeple have problems with this..
>
> 1 program uses the resolv.conf => man resolv.conf
>
> The other uses the GNU C library which in the end in a library function that calls uname(2)
> => man 2 uname
>
>
> The only thing i dont know is which program is doing what. :-/
>
>
> Just google around and you wil see lots of people who have problems with this.
>
>
> Louis
>
>
>
>
>
>
>> -----Oorspronkelijk bericht-----
>> Van: rowlandpenny at googlemail.com
>> [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>> Verzonden: woensdag 25 juni 2014 9:58
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Join AD fails DNS update
>>
>> On 25/06/14 08:35, L.P.H. van Belle wrote:
>>> And Again, there are 2 ways how resolving is done... read
>> the last part, i've put in a example...
>>> And, yes i know that....
>>>
>>>> The domain and search keywords are mutually exclusive.  If
>>>> more than one instance of these keywords is present, the
>> last instance wins.
>>> And yes, above is correct
>>>
>>> but you really need to understand that putting the domain
>> there also make this much easier to understand for none
>> experienced users.
>> No it doesn't, you cannot advise users to read manpages and
>> then ignore
>> what is in them!
>>
>>>>>     the domain name is determined from the hostname and the
>> domain search path is constructed from  the  domain name.
>>> and
>>>>>     The  search  list is normally determined from the local
>> domain name; by default, it contains only the local domain name.
>>>         This may be changed by listing the desired domain
>> search path following
>>> and
>>>>>     The domain and search keywords are mutually exclusive.
>> If more than one instance of these keywords is present, the
>> last instance wins.
>>> And to make sure you set the correct domain/search you can
>> put it like this, it wont hurt,
>>
>> No, it wont hurt, it wont help but it wont hurt.
>>
>>> it isnt wrong
>> Oh yes it is.
>>
>>> and it helps people put in the correct domain/search.
>> But you only need one.
>>
>>> it just adds the primary domain in the search 2 times.
>>>
>>> This is not wrong.
>>> domain search1.domain
>>> search search1.domain
>>> nameserver 1.1.1.1
>> Yes it is
>>
>>> this is the same and also not wrong..
>>> search search1.domain
>>> nameserver 1.1.1.1
>> you could use that
>>
>>> and this is also the same, and not wrong.
>>> domain search1.domain
>>> nameserver 1.1.1.1
>> Or that
>>
>>> but which one helps a newbe the most with what he/she is do-ing.
>>>
>>> ....
>> Either of the last two, but not the first.
>>
>>>    
>>>
>>> even...
>>> this is the same and not wrong. ( if you installed the right way )
>>> nameserver 1.1.1.1
>>>
>>> and dont forget this one.
>>>
>>> man gethostname
>>>>> The  GNU C library does not employ the gethostname()
>> system call; instead, it implements gethostname() as a library
>> function that calls uname(2)
>>> To draw another parallel, you seem to want the output of the
>> command  hostname --fqdn  (which depends on the resolver),
>> while others want  hostname .
>>
>> No, I don't, all I want is for correct info to be given, if
>> the manpage
>> says 'it is pointless doing this' then it is pointless advising other
>> people to do it. You personally can do what you like, but you
>> shouldn't
>> advise other people to do an incorrect thing, sorry if this
>> upsets you,
>> but it is just my opinion.
>>
>> Rowland
>>> getfqdn  seems to return a different result than
>> gethostname  if the hostname of the machine is an alias.
>>> For example if I have this in  /etc/hosts and with some
>> python testing.
>>> 127.0.0.1   localhost localhost.localdomain localhost2
>> localhost2.localdomain2 mypersonaldomainname.tld
>>>
>>> python -c 'import socket; print socket.getfqdn()'
>>> 	gives localhost.localdomain
>>>
>>> python -c 'import socket; print socket.gethostname()'
>>> 	gives  mypersonaldomainname.tld
>>>
>>>
>>> and same with cfengine.
>>> P.S. cfengine has sys.fqhost, sys.domain, sys.uqhost (which
>> seem to be DNS based) and sys.host (which seems to be
>> extracted from uname)
>>> I hope its now more clear.
>>>
>>> Best regards,
>>>
>>> Louis
>>>
>>>    
>>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
Hi Louis, yes I understand and agree with all that, but, I still cannot 
agree with advising somebody to do something that is technically 
incorrect. Adding both 'domain' and 'search' lines to resolv.conf is not 
required and which ever of them is the last to be added wins.

I think that a better suggestion would to advise users this:
Whether using dhcp or a static address, check that /etc/resolv.conf 
contains just a nameserver line pointing to the AD server and a search 
line pointing to the AD domain (which should be the dns domain).

If you are interested I found a thread discussing just what /etc/hosts 
should contain, which I think gives an insight on this problem: 
https://lists.debian.org/debian-devel/2013/07/msg00809.html

Rowland

More information about the samba mailing list