[Samba] DNS Issues when joining a Domain as a DC
Daniel Müller
mueller at tropenklinik.de
Thu Oct 16 04:12:56 MDT 2014
Is your first DC a Samba4 host?
Did you: samba-tool domain join YOURDOMAIN DC -Uadministrator
--realm=your.realm --dns-backend=BIND9_DLZ
samba-tool dns add your.master.dc your.realm YOUR.NEW.DC A your.new.dc.ip
-Uadministrator
host -t A YOUR.NEW.DC. must show no errors!!
What about your krb5.conf?
What about : samba-tool drs kcc -Uadministrator Your.domain.controllers ?
Ex:
samba-tool drs kcc -Uadministrator s4master.tplk.loc
Password for [TPLK\administrator]:
Consistency check on s4master.tplk.loc successful.
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Thomas Kempf
Gesendet: Donnerstag, 16. Oktober 2014 11:35
An: samba at lists.samba.org
Betreff: [Samba] DNS Issues when joining a Domain as a DC
Hi,
yesterday i tried to join a domain as a DC with bind9 as dns-backend on
Debian Wheezy with samba 4.1.11 from backports. I followed the tutorial in
the wiki https://wiki.samba.org/index.php/Join_a_domain_as_a_DC but didn'
find the instruction completely clear, so perhaps i made a mistake during
the join.
It is written there:
"If you choose BIND as DNS backend, instead of the internal DNS, then you,
of course, have to finish this before you continue"
I could not figure out how to finish configuring bind as a backend, when the
keytab file and the other bind-related files get created after joining the
domain.
So i ran the join command first, and with the files created in this step, i
was able to get the DC up and running...
I had to manually create the A and CNAME records on the old DC like it is
written in the wiki in the part "Check required DNS entries of the new
host". my guess was, that those entries should be replicated later on to the
new DC seems not to work.
When i check the name resolving of the A record on the newly joined DC it
does not resolve whereas on the old one it works fine.
AD-Domain is ad.hueper.de
old DC is dns2.ad.hueper.de
new DC is dns1.ad.hueper.de
dns1:~# host -t A dns1.ad.hueper.de dns2.ad.hueper.de Using domain server:
Name: dns2.ad.hueper.de
Address: 192.168.0.2#53
Aliases:
dns1.ad.hueper.de has address 192.168.0.1
dns1:~# host -t A dns1.ad.hueper.de dns1.ad.hueper.de Using domain server:
Name: dns1.ad.hueper.de
Address: 192.168.0.1#53
Aliases:
Host dns1.ad.hueper.de not found: 3(NXDOMAIN)
When i look at the servers using RSAT DNS-Manager i can see the A-Record on
both DNS-Servers, so i wonder why doesn't it resolve on the new DC ?
Is it save to delete the A and CNAME Records and recreate them using RSAT ?
kind regards
Tom
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list