[Samba] Samba internal dns problem / No domain service

Rowland Penny rowlandpenny at googlemail.com
Fri Nov 7 02:11:56 MST 2014


On 07/11/14 08:27, sr wrote:
> All seems ok because I have only "1341/samba" listening process. But 
> I don't have the 953 port line...
> If I read the /etc/services file I have for the port 953 tcp and udp 
> "rndc control sockets (BIND9)"
> Should I remove these lines since I don't have named installed?
> (and manually add this line? Or restart samba install...)
> thanks.
>
>
> On 06/11/2014 17:38, Rowland Penny wrote:
>> On 06/11/14 16:27, sr wrote:
>>> Could this problem come from a port occupied by another program 
>>> in the /etc/services file? And which one?
>>
>> If something else is listening on port 53, then yes, as you are using 
>> the internal DNS server, you shouldn't have any other DNS program 
>> running on the same server, i.e. dnsmasq, bind etc
>>
>> Try running 'netstat -tulpn | grep 53 | grep LISTEN' on the samba4 AD DC
>>
>> I use Bind9 and get:
>>
>> tcp        0      0 192.168.0.2:53          0.0.0.0:* LISTEN 2346/named
>> tcp        0      0 127.0.0.1:53            0.0.0.0:* LISTEN 2346/named
>> tcp        0      0 127.0.0.1:953           0.0.0.0:* LISTEN 2346/named
>>
>> Rowland
>>
>>>
>>> Samuel
>>>
>>> On 06/11/2014 13:41, sr wrote:
>>>>
>>>> On 06/11/2014 12:25, Rowland Penny wrote:
>>>>> On 06/11/14 10:59, sr wrote:
>>>>>>
>>>>>> On 06/11/2014 11:23, Rowland Penny wrote:
>>>>>>> On 06/11/14 10:16, sr wrote:
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I'm trying to move from a windows 2008R2 domain controller to 
>>>>>>>> samba4 (centos 6.5 x64 + samba v 4.1.13)
>>>>>>>> For now, both servers are working as AD controllers.
>>>>>>>
>>>>>>> How did you join the Samba4 DC to the windows domain ?
>>>>>> I followed the wiki guide "Join a domain as a DC" with no problem 
>>>>>> except for the msdcs CNAME entry of the new DC, which returns an 
>>>>>> error (I did it with the win2000 graphical interface, like 
>>>>>> other guys in the same situation)
>>>>>
>>>>> So, 'host -t CNAME YOUR_objectGUID._msdcs.samba4.domain.com.' does 
>>>>> not return a CNAME, have you run:
>>>>>
>>>>> samba-tool dns add IP-of-your-DNS _msdcs.samba4.domain.com YOUR_objectGUID CNAME DC2.samba4.domain.com -Uadministrator
>>>>>
>>>>> Also, I see that you mention 'the win2000 graphical interface' , I 
>>>>> wonder if this is the problem, the lowest function level of Samba4 
>>>>> AD is 2003 ?
>>>>>
>>>>> Rowland
>>>> No, the command 'host -t CNAME 
>>>> YOUR_objectGUID._msdcs.samba4.domain.com.' returns 'host -t CNAME 
>>>> YOUR_objectGUID._msdcs.samba4.domain.com is an alias for 
>>>> samba4.domain.com'.
>>>> Whoops! I meant to say "win2008 graphical interface". ;)
>>>> I tried a first install with domain and forest with a 2008 
>>>> functional level with the same problem... (now it's a 2003 domain 
>>>> and forest functional level)
>>>> Thanks.
>>>>
>>>> Samuel
>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> But I can't manage DNS from a windows client with the graphical 
>>>>>>>> tool... ( it says "active directory not available, ..." )
>>>>>>>>
>>>>>>>> On samba server if I try the following command
>>>>>>>> "samba-tool dns zonelist samba4.domain.com"
>>>>>>>>
>>>>>>> Is 'samba4.domain.com' your dns domain on both DCs? Also, I 
>>>>>>> take it that you are adding '-UAdministrator' to the above command.
>>>>>> Yes. Like the W2008 server
>>>>>>>
>>>>>>> Rowland
>>>>>>>
>>>>>>>> the following message appears
>>>>>>>> "9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE"
>>>>>>>>
>>>>>>>> and if I shutdown the win2008 server the message is 
>>>>>>>> "NT_STATUS_IO_TIMEOUT"
>>>>>>>>
>>>>>>>> Any help will be fully appreciated! :)
>>>>>>>> Thanks! :)
>>>>>>>>
>>>>>>>> Samuel
>>>>>>>
>>>>>> thanks
>>>>>
>>>>
>>>
>>
>
You can ignore the lack of the '953' line; it is, as you say, the bind 
command port.
Do you by any chance have SELinux running? I have spent time in the 
past trying to find out just why a program wouldn't work, and it turned 
out that SELinux was stopping something happening.

I wonder if the directory structure is ok? Try running this on the 
samba4 DC:

ldbedit -e nano -H /var/lib/samba/private/sam.ldb --cross-ncs -b "CN=MicrosoftDNS,DC=ForestDnsZones,DC=example,DC=com"

You may have to alter the path to sam.ldb.

Rowland
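
An added example, not part of the original thread: 'grep 53 | grep LISTEN' also matches port 953 and any PID containing 53, and the LISTEN filter hides UDP sockets, so this script goes slightly beyond the quoted check by matching port 53 exactly for both TCP and UDP and flagging any owner other than the expected one. The function names and the sample netstat output are constructed for illustration, and treating "samba" as the expected owner is an assumption taken from the "1341/samba" line quoted above.

```sh
#!/bin/sh
# Added example. Classifies sockets bound to port 53 in `netstat -tulpn` output.
# Assumption: the expected owner is "samba", as in the "1341/samba" line above.

# Constructed sample output (not taken from the servers in the thread).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address     Foreign Address   State    PID/Program name
tcp        0      0 192.168.0.2:53    0.0.0.0:*         LISTEN   1341/samba
tcp        0      0 127.0.0.1:953     0.0.0.0:*         LISTEN   2346/named
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN   5301/sshd
udp        0      0 192.168.0.2:53    0.0.0.0:*                  1341/samba
udp        0      0 127.0.0.1:53      0.0.0.0:*                  1822/dnsmasq
udp        0      0 0.0.0.0:5353      0.0.0.0:*                  911/avahi-daemon
EOF
}

# Reads netstat lines on stdin; prints "proto local_address owner verdict".
# Optional argument: expected owner name (defaults to "samba").
dns_listeners() {
    awk -v want="${1:-samba}" '
    $1 ~ /^(tcp|udp)6?$/ {
        n = split($4, part, ":")         # port follows the last colon (IPv4 or IPv6)
        if (part[n] != "53") next        # exact match: skips 953, 5353 and PID 5301
        if ($1 ~ /^tcp/ && $6 != "LISTEN") next    # UDP rows have no State column
        owner = $NF                      # last field is "PID/program" or "-"
        sub(/^[0-9]+\//, "", owner)
        if (owner == want)     verdict = "ok"
        else if (owner == "-") verdict = "unknown" # netstat was not run as root
        else                   verdict = "conflict"
        print $1, $4, owner, verdict
    }'
}

# Prints only the port-53 sockets owned by something other than the expected server.
dns_conflicts() {
    dns_listeners "$@" | awk '$4 == "conflict"'
}

# Stand-alone run on the constructed sample.
sample_netstat | dns_listeners
```

On a live server, run 'netstat -tulpn | dns_conflicts' as root so that the PID/Program column is populated.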


