[Samba] Win 2008srv to Samba4 DNS problems

Sam sr42354 at gmail.com
Mon Mar 30 08:28:08 MDT 2015 

Maybe this KB 817470 MUST be done only on windows 2003 srv?
I don't find the KB for 2008... and 2008 is not on the APPLIES TO section...
I think I'm going to test this KB on a 2003... ( window2000 -> windows 
2003 -> KB 817470 -> Samba4 join )
I Hope it will rocks!

Le 30/03/2015 11:17, Denis Cardon a écrit :
> Hi Sam,
>
>> I try to migrate form an old windows AD ( win 2000 )
>> So I use a temporary windows2008R2 to move AD from win2000 to S4.
>> Forest and domain level are W2008R2.
>> Now I have some problems with the dns in samba4. I have no answers even
>> in local from samba4.
>>
>> If I try to move from a new empty windows 2008 ad, The service start and
>> answer well...
>> So I think something in my old DNS database is missing or disturbing...
>
> You may check if it is not an issue with the _msdcs zone: in win2k, 
> the _msdcs zone was a subzone under the domain.lan zone. From win2k3 
> onward, it is a separate zone because it is located in a separate AD 
> partition. The change from dc=domain,dc=lan partition to the 
> dc=ForestDNSZones,dc=domain,dc=lan partition is not automatic.
>
> You may take a look at http://support.microsoft.com/en-us/kb/817470
>
> Cheers,
>
> Denis
>
>>
>> I just have done this on the dns :
>> (http://support.microsoft.com/fr-fr/kb/817470)
>>
>>
>> But in the new Windows 2008, I can see something that I don't have in
>> the old:
>>
>>
>> What I am missing? Is there a best practice guide for preparing DNS to
>> follow before joining a samba4? ( remove windows 2000 AD compatibility
>> for instance...)
>>
>> Thanks all!
>>
>> Samuel
>>
>> ps : here is my syslog details :
>>
>> Mar 27 11:46:00 S4 named[2226]: starting BIND 9.8.4-rpz2+rl005.12-P1 -u
>> bind -4
>> Mar 27 11:46:00 S4 named[2226]: built with '--prefix=/usr'
>> '--mandir=/usr/share/man' '--infodir=/usr/share/info'
>> '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads'
>> '--enable-largefile' '--with-libtool' '--enable-shared'
>> '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr'
>> '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6'
>> 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2'
>> Mar 27 11:46:00 S4 named[2226]:
>> ----------------------------------------------------
>> Mar 27 11:46:00 S4 named[2226]: BIND 9 is maintained by Internet Systems
>> Consortium,
>> Mar 27 11:46:00 S4 named[2226]: Inc. (ISC), a non-profit 501(c)(3)
>> public-benefit
>> Mar 27 11:46:00 S4 named[2226]: corporation.  Support and training for
>> BIND 9 are
>> Mar 27 11:46:00 S4 named[2226]: available at https://www.isc.org/support
>> Mar 27 11:46:00 S4 named[2226]:
>> ----------------------------------------------------
>> Mar 27 11:46:00 S4 named[2226]: adjusted limit on open files from 4096
>> to 1048576
>> Mar 27 11:46:00 S4 named[2226]: found 2 CPUs, using 2 worker threads
>> Mar 27 11:46:00 S4 named[2226]: using up to 4096 sockets
>> Mar 27 11:46:00 S4 named[2226]: loading configuration from
>> '/etc/bind/named.conf'
>> Mar 27 11:46:00 S4 named[2226]: reading built-in trusted keys from file
>> '/etc/bind/bind.keys'
>> Mar 27 11:46:00 S4 named[2226]: using default UDP/IPv4 port range:
>> [1024, 65535]
>> Mar 27 11:46:00 S4 named[2226]: using default UDP/IPv6 port range:
>> [1024, 65535]
>> Mar 27 11:46:00 S4 named[2226]: no IPv6 interfaces found
>> Mar 27 11:46:00 S4 named[2226]: listening on IPv4 interface lo,
>> 127.0.0.1#53
>> Mar 27 11:46:00 S4 named[2226]: listening on IPv4 interface eth0,
>> 172.20.2.2#53
>> Mar 27 11:46:00 S4 named[2226]: generating session key for dynamic DNS
>> Mar 27 11:46:00 S4 named[2226]: sizing zone task pool based on 5 zones
>> Mar 27 11:46:01 S4 named[2226]: Loading 'AD DNS Zone' using driver 
>> dlopen
>> Mar 27 11:46:01 S4 ntpd[2301]: ntpd 4.2.6p5 at 1.2349-o Sat Feb  7 11:05:48
>> UTC 2015 (1)
>> Mar 27 11:46:01 S4 ntpd[2302]: proto: precision = 0.100 usec
>> Mar 27 11:46:01 S4 ntpd[2302]: Listen normally on 0 lo 127.0.0.1 UDP 123
>> Mar 27 11:46:01 S4 ntpd[2302]: Listen normally on 1 eth0 172.20.2.2 
>> UDP 123
>> Mar 27 11:46:01 S4 ntpd[2302]: peers refreshed
>> Mar 27 11:46:01 S4 ntpd[2302]: Listening on routing socket on fd #18 for
>> interface updates
>> Mar 27 11:46:01 S4 ntpd[2302]: MS-SNTP signd operations currently block
>> ntpd degrading service to all clients.
>> Mar 27 11:46:02 S4 samba[2374]: [2015/03/27 11:46:02.896676,  0]
>> ../source4/smbd/server.c:370(binary_smbd_main)
>> Mar 27 11:46:02 S4 samba[2374]:   samba version
>> 4.1.17-SerNet-Debian-10.wheezy started.
>> Mar 27 11:46:02 S4 samba[2374]:   Copyright Andrew Tridgell and the
>> Samba Team 1992-2013
>> Mar 27 11:46:03 S4 named[2226]: samba_dlz: started for DN
>> DC=ariane,DC=intra
>> Mar 27 11:46:03 S4 named[2226]: samba_dlz: starting configure
>> Mar 27 11:46:03 S4 named[2226]: samba_dlz: configured writeable zone
>> '_msdcs.ariane.intra'
>> Mar 27 11:46:03 S4 named[2226]: using built-in root key for view 
>> _default
>> Mar 27 11:46:03 S4 named[2226]: set up managed keys zone for view
>> _default, file 'managed-keys.bind'
>> Mar 27 11:46:03 S4 named[2226]: command channel listening on 
>> 127.0.0.1#953
>> Mar 27 11:46:03 S4 named[2226]: zone 0.in-addr.arpa/IN: loaded serial 1
>> Mar 27 11:46:03 S4 named[2226]: zone 127.in-addr.arpa/IN: loaded 
>> serial 1
>> Mar 27 11:46:03 S4 named[2226]: zone 255.in-addr.arpa/IN: loaded 
>> serial 1
>> Mar 27 11:46:03 S4 named[2226]: zone localhost/IN: loaded serial 2
>> Mar 27 11:46:03 S4 named[2226]: managed-keys-zone ./IN: loaded serial 2
>> Mar 27 11:46:03 S4 named[2226]: running
>> Mar 27 11:46:04 S4 ntpdate[1701]: the NTP socket is in use, exiting
>> Mar 27 11:46:04 S4 ntpdate[1670]: the NTP socket is in use, exiting
>> Mar 27 11:46:04 S4 ntpdate[1668]: the NTP socket is in use, exiting
>> Mar 27 11:46:04 S4 /usr/sbin/cron[2525]: (CRON) INFO (pidfile fd = 3)
>> Mar 27 11:46:04 S4 /usr/sbin/cron[2527]: (CRON) STARTUP (fork ok)
>> Mar 27 11:46:04 S4 /usr/sbin/cron[2527]: (CRON) INFO (Running @reboot 
>> jobs)
>> Mar 27 11:46:04 S4 samba[2376]: [2015/03/27 11:46:04.862709,  0]
>> ../source4/smbd/server.c:488(binary_smbd_main)
>> Mar 27 11:46:04 S4 samba[2376]:   samba: using 'standard' process model
>> Mar 27 11:46:04 S4 samba[2376]: [2015/03/27 11:46:04.885661,  0]
>> ../lib/util/become_daemon.c:136(daemon_ready)
>> Mar 27 11:46:07 S4 kernel: [   17.220877] eth0: no IPv6 routers present
>> Mar 27 11:46:07 S4 samba[2792]: [2015/03/27 11:46:07.388008,  0]
>> ../source4/librpc/rpc/dcerpc_util.c:681(dcerpc_pipe_auth_recv)
>> Mar 27 11:46:07 S4 samba[2792]:   Failed to bind to uuid
>> 12345678-1234-abcd-ef00-01234567cffb for
>> 12345678-1234-abcd-ef00-01234567cffb at ncalrpc:127.0.0.1[DEFAULT,sign,seal] 
>> NT_STATUS_ACCESS_DENIED
>>
>> Mar 27 11:46:07 S4 smbd[2785]: [2015/03/27 11:46:07.551928,  0]
>> ../lib/util/become_daemon.c:136(daemon_ready)
>> Mar 27 11:46:08 S4 kernel: [   17.940675] eth1: no IPv6 routers present
>> Mar 27 11:46:21 S4 samba[2791]: [2015/03/27 11:46:21.280522,  0]
>> ../source4/dsdb/repl/replicated_objects.c:818(dsdb_replicated_objects_commit) 
>>
>>
>> Mar 27 11:46:21 S4 samba[2791]:
>> ../source4/dsdb/repl/replicated_objects.c:818 Failed to prepare commit
>> of transaction: operations error at
>> ../source4/dsdb/samdb/ldb_modules/descriptor.c:1147
>> Mar 27 11:46:21 S4 samba[2791]: [2015/03/27 11:46:21.283141,  0]
>> ../source4/dsdb/repl/drepl_out_helpers.c:758(dreplsrv_op_pull_source_apply_changes_trigger) 
>>
>>
>> Mar 27 11:46:21 S4 samba[2791]:   Failed to commit objects:
>> WERR_GENERAL_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
>>
>

More information about the samba mailing list