[Samba] migrate from win2012srv to samba 4.1.17-Sernet-Debian-9.wheezy

Rowland Penny rowlandpenny at googlemail.com
Tue Mar 17 09:38:44 MDT 2015

On 17/03/15 15:07, Sam wrote:
> I just went down in the script and found an acl called "thisserverip" 
> with value SETIPDC1.
> And this variable is used for this line :
> listen-on port 53 {"thisserverip",; ];
> Is it not strange that the pdc1 windows server IP is coming here?
> Thanks.
> Sam
> On 17/03/2015 15:14, Rowland Penny wrote:
>> On 17/03/15 14:00, Sam wrote:
>>>  Hello,
>>> I'm trying to join a debian/samba4 to a win 2012 srv with these 
>>> scripts : 
>>> https://secure.bazuin.nl/scripts/this_is_the_old_set_of_scripts/
>>> ( the join method is available only on 
>>> "this_is_the_old_set_of_scripts")
>>> I'm facing different problems with the dns (bind9)
>>> My question is :
>>> in 2-setup-sernet-samba4-ADDC-wheezy-JOIN-DC.sh script, What value 
>>> should I put for SETIPDC1 under BIND9/DNS related settings? Is it 
>>> the windows 2012 server ip or the new samba4 ip?
>>> I'm asking this because in this script, we can read :
>>> ## the ip of DC1 should match the hostname above. ( which is set by 
>>> default at
>>> ## hostname in single word, but you dont need to change this
>>> SETHOSTNAME=`hostname -s`)
>>> and we can read more down :
>>> ## Put here the IP of the first DC you installed.
>>> Just a bit strange, so I would like to be sure to put these values 
>>> correctly...
>>> Thanks! :)
>> It says '## Put here the IP of the first DC you installed' it may 
>> be better put as ' ## Put here the IP of the DC with the PDC FSMO.'
>> Which in your case would be the windows DC.
>> Rowland

Yes, if you look at where the DCs' IP addresses are set:

## Put here the IP of the first DC you installed.
SETIPDC2="`ifconfig eth0 | grep "inet addr" | awk -F: '{print $2}' | awk '{print $1}'`"

The first would be your original DC, the second gets the IP of the host 
you are running the script on.

Next (if you installed with dhcp), /etc/hosts would be rewritten with 
the *wrong* ip.

echo "==========Hosts==============================="
if [ ! -z  "`cat /etc/hosts | grep ${SETHOSTNAME} | grep`" ]; then
     echo "your system was setup with dhcp, i'll correct your hosts file for you."
     echo "       localhost" > /etc/hosts
     echo "${SETIPDC1}     ${SETFQDN}   ${SETHOSTNAME}"  >> /etc/hosts

Then /etc/resolv.conf would be rewritten

echo "==========Resolv.conf 1 ==============================="
cat << EOF > /etc/resolv.conf
nameserver ${SETIPDC1}
nameserver ${SETIPDC2}

Note: You do not need the 'domain' line and in fact should remove it.

Finally, this is just wrong, 'SETIPDC1' should be 'SETIPDC2'

cat << EOF > /etc/bind/named.conf.options
// Defined ACL Begin
acl thisserverip {

None of this really matters to you, as Marc has pointed out, you cannot 
join a samba4 DC to a windows 2012 Domain.
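
An added example, not part of the original message or of the scripts it discusses: a shell check that a hosts file and the thisserverip ACL carry the IP of the host being set up (SETIPDC2) rather than the existing DC's (SETIPDC1). The function names, the 192.0.2.x addresses and dc2.example.test are constructed for illustration, and the ACL is assumed to be laid out over several lines, as in the script excerpt above.

```sh
#!/bin/sh
# Added example (not from the scripts discussed above). Assumed roles, per the
# message: SETIPDC1 = existing DC, SETIPDC2 = the host the script runs on.

# Print the IP a hosts-format file maps NAME to (first match, comments ignored).
hosts_ip_for() {    # $1 = hosts file, $2 = hostname or FQDN
    awk -v name="$2" '
        { sub(/[#].*/, "") }
        { for (i = 2; i <= NF; i++) if ($i == name) { print $1; exit } }
    ' "$1"
}

# Print the IPv4 members of a multi-line "acl NAME { ... };" block.
acl_ips() {         # $1 = named.conf.options file, $2 = acl name
    sed -n "/^[[:space:]]*acl[[:space:]][[:space:]]*${2}[[:space:]]*{/,/}/p" "$1" |
        grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'
}

# Succeed only if both files point at this host's own IP.
audit_local_ip() {  # $1 = hosts file, $2 = options file, $3 = FQDN, $4 = own IP
    rc=0
    got=$(hosts_ip_for "$1" "$3")
    if [ "$got" != "$4" ]; then
        echo "hosts: $3 -> ${got:-none}, expected $4"; rc=1
    fi
    ips=$(acl_ips "$2" thisserverip)
    [ -n "$ips" ] || { echo "acl thisserverip: no address found"; rc=1; }
    for ip in $ips; do
        if [ "$ip" != "$4" ]; then
            echo "acl thisserverip contains $ip, expected $4"; rc=1
        fi
    done
    return $rc
}

# Constructed sample files: the same IP is written to both, as the script does.
make_samples() {    # $1 = directory, $2 = IP to write
    printf '127.0.0.1 localhost\n%s dc2.example.test dc2\n' "$2" > "$1/hosts"
    printf 'acl thisserverip {\n    %s;\n};\n' "$2" > "$1/named.conf.options"
}

# Demo on constructed data: the existing DC's IP was written, so both checks fail.
d=$(mktemp -d)
make_samples "$d" 192.0.2.10
audit_local_ip "$d/hosts" "$d/named.conf.options" dc2.example.test 192.0.2.20 ||
    echo "audit failed: files carry the other DC's IP"
rm -rf "$d"
```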
