[Samba] DNS issues after FSMO seize

lingpanda101 at gmail.com lingpanda101 at gmail.com
Fri Apr 1 17:26:03 UTC 2016

On 3/31/2016 3:12 PM, IT Admin wrote:
> Aaaaaaand more problems... Welcome to the continuing saga of FILER.
> It appears that neither SOA or NS records were updated during the process
> of moving fsmo roles to CBADC01.  SOA entries on all three active DCs point
> to FILER.  There aren't any NS records for any of the new DCs, only FILER.
> In RSAT each DNS server's  properties show filer.cb.cliffbells.com is the
> primary server.  This looks at awful lot like this to me:
> https://lists.samba.org/archive/samba/2015-October/195352.html
> This process is killing me.
> I assume this misconfiguration is in large part responsible for
> authentication and share access issues I'm now experiencing (I sent a reply
> to my last thread on failing to join DCs to the domain but received no
> replies).  I'm of the opinion mentioning this potential failure along with
> the procedure to mitigate the issue would be useful on the wiki page
> detailing transfer/seize fsmo roles...  If I read things right if the
> original fsmo role holder has been demoted prior to identifying the failure
> samba-tool won't be able to query the original DC and manual intervention
> will be required?
> Please advise.  This client is about ready to throw me off the roof and
> abandon the system for quill and ink by candle light.  I'm considering just
> going with it.
> JS
I should mention the syntax to update the SOA if you do not know. I did 
this back in the Samba 4.0 days. Not sure if things have changed.

samba-tool dns update SOA "fqdn_dns fqdn_email serial refresh retry 
expire minimumttl"


More information about the samba mailing list