[Samba] joining second DC to domain and non creation of DC DNS records

[Dirk Laurenz]

Hello Rowland,

just hat a similar problem with 4.3.0. What fixed my problem was:

stop samba
switch to samba internal backend
remove dns-dc record
switch back to bind backend
afterwards, everything worked for me

Am 22.10.2015 um 22:06 schrieb Rowland Penny:
> Hi, I am in the middle of creating (or should that be re-creating) my 
> test domain, creation of the first DC went without incidence, so I 
> moved on to the second DC and this is where the problems started.
>
> I downloaded samba 4.3.1 and compiled it, I then setup bind9 etc and 
> joined the new DC to the domain, everything seemed ok, so I then 
> started testing DNS. This is where I found that my nice new DC did not 
> have a DNS record.
>
> I then remember that there was a problem, so scanned the wiki (well 
> somebody has to read it) and found this page:
>
> https://wiki.samba.org/index.php/Check_and_fix_DNS_entries_on_DC_joins
>
> This described my problem precisely, so I started to follow it, but it 
> didn't fully fix my problem, in fact it changed it to another.
>
> So I went to this page : 
> https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable
>
> and started to follow it, but it all went pear shaped when I deleted 
> the bind dns account and then samba flatly refused to recreate it, 
> saying it still existed, when plainly it didn't ( I later found lower 
> down the page, that this was another known bug, but I totally missed 
> it when I first read the page. Note to Marc, I will be altering that 
> page!)
>
> So, having totally missed the next bug, what did I do, well as this 
> was a new DC, I stopped bind and samba, removed /usr/local/samba and 
> re-ran 'make install' and tried again, this time everything worked. 
> The only difference was that this time the new DCs dns record was 
> already in AD on the first DC.
>
> I now know how to join any more DCs, precreate the new DCs dns records 
> in AD before joining it.
>
> Rowland
>
>