[Samba] Samba 4.2.14 Group Policy (GPO) sync error

L.P.H. van Belle belle at bazuin.nl
Thu Aug 4 08:14:11 UTC 2016 

Just I missed the correct IPv6 PTR record from the DNS.                                     

Ok and whats obligated for a correct working kerberos environment. 

Ahh.. Yes... dns A and PTR records. ;-) so one thing fixed thats ok..  

 

The PC, ( ipconfig /all ) looks good now. 

 

 

Next.. your hosts files... 

> my /etc/hosts:

> 

> # IPv4 and IPv6 localhost aliases

> 127.0.0.1       localhost

> ::1             localhost

> 

> 10.0.1.6        skynet skynet.cyberdyne.local skynet.ad.cyberdyne.local

> fdea:5b48:d4c1:1:1::6   skynet skynet.cyberdyne.local

> skynet.ad.cyberdyne.local

 

Which looks ok but it isnt. 

 

# look at this layout i made..  ( the localhost.localdomain is optional. )

127.0.0.1            localhost localhost.localdomain 

#

10.0.1.6                skynet.ad.cyberdyne.local skynet

fdea:5b48:d4c1:1:1::6   skynet.ad.cyberdyne.local skynet

#

# The following lines are desirable for IPv6 capable hosts

::1     localhost ip6-localhost ip6-loopback

ff02::1 ip6-allnodes

ff02::2 ip6-allrouters

 

Why above. : 

> # Generated by net-scripts for interface lan0

> domain ad.cyberdyne.local

So you server is in domain ad.cyberdyne.local 

 

Now after these changes reboot the server, when up, reboot the pc. 

And check again. 

 

For the : skynet.cyberdyne.local 

setup an alias in your dns, if needed, but since you have dns search also to both domains that “should” not be needed.

Dont make an A record for this in .cyberdyne.local CNAME.

 

p.s. you do know that .local is reserved for apple’s mDNS (zeroconf ) and is “adviced” not to use.

https://en.wikipedia.org/wiki/.local

see also note 5 there.

 

But ! if your already up and running DONT change the domain, that wil give more problems.. 

 

 

Greetz, 

 

Louis

 

 

 

> -----Oorspronkelijk bericht-----

> Van: samba [mailto:samba-bounces at lists.samba.org] Namens rme at bluemail.ch

> Verzonden: donderdag 4 augustus 2016 9:47

> Aan: samba at lists.samba.org

> Onderwerp: Re: [Samba] Samba 4.2.14 Group Policy (GPO) sync error

> 

> Hello Louis,

> 

> Thanks for your reply.

> 

> 

>  > No, your output is not good.

> 

> So let's have a look.

> 

> 

>  > >C:\Temp>netdom verify cyb64w10-monster

>  > >The format of the specified computer name is invalid.

>  > Thats not good.

> 

> Well, it quite clearly states the format is invalid. If I use the the FQDN

> of

> the AD domain it works fine. The DNS search is also including the AD

> domain as

> well as the primary DNS suffix is set to the AD domain (see below).

> 

> 

> 

>  > > C:\Temp>nslookup cyb64w10-monster

>  > > Server:  UnKnown

>  > > Address:  fdea:5b48:d4c1:1:1::6

>  > Also not good.

> 

> It resolves fine. Just I missed the correct IPv6 PTR record from the DNS.

> 

> I did quickly fix this now (with no change to the result in GPO sync):

> C:\Temp>nslookup cyb64w10-monster

> Server:  skynet.cyberdyne.local

> Address:  fdea:5b48:d4c1:1:1::6

> 

> Name:    cyb64w10-monster.ad.cyberdyne.local

> Addresses:  2a02:120b:2c38:2951:8d95:bd76:deaa:73db

>            fdea:5b48:d4c1:1:1::100

>            fdea:5b48:d4c1:1:8d95:bd76:deaa:73db

>            10.0.1.119

> 

> 

>  > open dos box and type ipconfig /all

> 

>  > check you primary dns suffix AND dns search.

>  > Normaly these are the same, can you check this?

> 

>  > My guess, your missing the dns-search

> 

> 

> I actually get both suffixes and the primary DNS Suffix is set to

> ad.cyberdyne.local. The reason for this is that I am running a DNS zone

> including host data for my local LAN (cyberdyne.local) while the AD zone

> is

> entirely managed by bind_dlz (ad.cyberdyne.local). So in my DHCP

> configuration I

> am assigning the cyberdyne.local DNS domain name (dhcp.conf:

>      option domain-name "cyberyne.local";

> 

> 

> C:\Temp>ipconfig /all

> 

> Windows IP Configuration

> 

>     Host Name . . . . . . . . . . . . : cyb64w10-monster

>     Primary Dns Suffix  . . . . . . . : ad.cyberdyne.local

>     Node Type . . . . . . . . . . . . : Hybrid

>     IP Routing Enabled. . . . . . . . : No

>     WINS Proxy Enabled. . . . . . . . : No

>     DNS Suffix Search List. . . . . . : ad.cyberdyne.local

>                                         cyberdyne.local

> 

> 

>  > Are you using ipv6 in your lan? If not, try disable it.

>  > And try again.

>  > If your using ipv6, then disable it, try it and enable it back.

> 

> Well, I am using IPv6 mainly for all services and don't want to disable

> it.

> Though I might try this temporary which will be quite a bunch of

> reconfiguration

> to disable IPv6 in all services

> later. . So I will come back with results on this

> 

> 

>  > And post the resolv.conf and hosts files

> 

> My resolv.conf:

> 

> # Generated by net-scripts for interface lan0

> domain ad.cyberdyne.local

> search ad.cyberdyne.local cyberdyne.local

> nameserver fdea:5b48:d4c1:1:1::6

> nameserver 10.0.1.6

> 

> 

> my /etc/hosts:

> 

> # IPv4 and IPv6 localhost aliases

> 127.0.0.1       localhost

> ::1             localhost

> 

> 10.0.1.6        skynet skynet.cyberdyne.local skynet.ad.cyberdyne.local

> fdea:5b48:d4c1:1:1::6   skynet skynet.cyberdyne.local

> skynet.ad.cyberdyne.local

> 

> 

> On clients I don't have any modifications to the stock Windows 10 hosts

> file,

> just containing localhost entries.

> 

> 

> best regards,

> Rainer

> 

> --

> To unsubscribe from this list go to the following URL and read the

> instructions:  https://lists.samba.org/mailman/options/samba

 

More information about the samba mailing list