[Samba] Samba 4.2.14 Group Policy (GPO) sync error

rme at bluemail.ch rme at bluemail.ch
Thu Aug 4 07:46:34 UTC 2016

Hello Louis,

Thanks for your reply.

 > No, your output is not good.

So let's have a look.

 > >C:\Temp>netdom verify cyb64w10-monster
 > >The format of the specified computer name is invalid.
 > Thats not good.

Well, it quite clearly states the format is invalid. If I use the the FQDN of 
the AD domain it works fine. The DNS search is also including the AD domain as 
well as the primary DNS suffix is set to the AD domain (see below).

 > > C:\Temp>nslookup cyb64w10-monster
 > > Server:  UnKnown
 > > Address:  fdea:5b48:d4c1:1:1::6
 > Also not good.

It resolves fine. Just I missed the correct IPv6 PTR record from the DNS.

I did quickly fix this now (with no change to the result in GPO sync):
C:\Temp>nslookup cyb64w10-monster
Server:  skynet.cyberdyne.local
Address:  fdea:5b48:d4c1:1:1::6

Name:    cyb64w10-monster.ad.cyberdyne.local
Addresses:  2a02:120b:2c38:2951:8d95:bd76:deaa:73db

 > open dos box and type ipconfig /all

 > check you primary dns suffix AND dns search.
 > Normaly these are the same, can you check this?

 > My guess, your missing the dns-search

I actually get both suffixes and the primary DNS Suffix is set to 
ad.cyberdyne.local. The reason for this is that I am running a DNS zone 
including host data for my local LAN (cyberdyne.local) while the AD zone is 
entirely managed by bind_dlz (ad.cyberdyne.local). So in my DHCP configuration I 
am assigning the cyberdyne.local DNS domain name (dhcp.conf:
     option domain-name "cyberyne.local";

C:\Temp>ipconfig /all

Windows IP Configuration

    Host Name . . . . . . . . . . . . : cyb64w10-monster
    Primary Dns Suffix  . . . . . . . : ad.cyberdyne.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : ad.cyberdyne.local

 > Are you using ipv6 in your lan? If not, try disable it.
 > And try again.
 > If your using ipv6, then disable it, try it and enable it back.

Well, I am using IPv6 mainly for all services and don't want to disable it. 
Though I might try this temporary which will be quite a bunch of reconfiguration 
to disable IPv6 in all services. So I will come back with results on this later.

 > And post the resolv.conf and hosts files

My resolv.conf:

# Generated by net-scripts for interface lan0
domain ad.cyberdyne.local
search ad.cyberdyne.local cyberdyne.local
nameserver fdea:5b48:d4c1:1:1::6

my /etc/hosts:

# IPv4 and IPv6 localhost aliases       localhost
::1             localhost        skynet skynet.cyberdyne.local skynet.ad.cyberdyne.local
fdea:5b48:d4c1:1:1::6   skynet skynet.cyberdyne.local skynet.ad.cyberdyne.local

On clients I don't have any modifications to the stock Windows 10 hosts file, 
just containing localhost entries.

best regards,

More information about the samba mailing list