[Samba] Samba Internal DNS vs. BIND_DLZ

Jim Seymour jseymour at LinxNet.com
Tue Sep 1 19:01:52 UTC 2015

On Fri, 28 Aug 2015 14:41:09 +0200
L.P.H. van Belle <belle at bazuin.nl> wrote:

> If you can read bash scripts, and if not, try, it's not that hard.
> get this script if you use Ubuntu 14.04..
> https://secure.bazuin.nl/scripts/4-jessie-samba-DC.sh
> read through it, it explains itself, I just didn't test it on Ubuntu,

Doesn't work.  Some things that went wrong:

    Usage: samba-tool domain provision [options]

    samba-tool domain provision: error: no such option: --site

    stat: cannot stat ‘/var/lib/samba/private/dns.keytab’: No such file
    or directory
    (also chown and chmod failed)

    enable-ing access for bind in /var/lib/samba/private

    sed: can't read /etc/samba/smb.conf: No such file or directory
    (4 times)

    Setting up the SePrivileges, this wil take a while
    kinit: Cannot contact any KDC for realm 'EXAMPLE.COM' while getting
    initial credentials
    Enter Administrator's password:
    Could not connect to server
    (Those last three lines many times)

    Failed to connect host on port 135 -

    Failed to connect host (host.example.com) on port 135

    ERROR(runtime): uncaught exception - (-1073741258, 'The connection
    was refused')

      File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
      line 175, in _run return self.run(*args, **kwargs)

      File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
      847, in run dns_conn = dns_connect(server, self.lp, self.creds)
      File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
      37, in dns_connect dns_conn = dnsserver.dnsserver(binding_str,
      lp, creds)

And more, but there's probably little point in reproducing the rest.

> but the basics are the same. 
> Just keep the install order as in the script, that's most important.

I guess I'll just read the script and try it manually.

> etc. . 
> all you need to know is in this script. 
> try it, and I say, you will have a perfect working samba 4 AD DC with
> bind9_DLZ. 

We'll see.

Thanks for your help.  I'll give it one more go.  If that fails then I
revert to a plain old Samba server and if they ever want AD they can
buy a MS-Win server.

Note: My mail server employs *very* aggressive anti-spam
filtering.  If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.LinxNet.com/contact/scform.php>.
