[Samba] Samba 4.2.14 Group Policy (GPO) sync error
rme at bluemail.ch
rme at bluemail.ch
Thu Aug 4 09:12:20 UTC 2016
> > Just I missed the correct IPv6 PTR record from the DNS.
> Ok and whats obligated for a correct working kerberos environment.
Well, I thought Samba bind_dlz is going to configure also the required PTR and
all other kerberos DNS entries in ad.cbyerdyne.local zone which is entirely
managed by Samba.
I don't intend to run any Kerberos services in cyberdyne.local DNS domain.
> Next.. your hosts files...
Updated according to your suggestions:
# IPv4 and IPv6 localhost aliases
127.0.0.1 localhost localhost.localdomain
10.0.1.6 skynet.ad.cyberdyne.local skynet
fdea:5b48:d4c1:1:1::6 skynet.ad.cyberdyne.local skynet
::1 localhost ip6-localhost ip6-loopback
And just for testing to resolve the client I am currently testing with:
# nslookup cyb64w10-hpnb
> Why above. :
> > # Generated by net-scripts for interface lan0
> > domain ad.cyberdyne.local
> So you server is in domain ad.cyberdyne.local
Well actually this was a mistake inserted manually during tests (my bad).
The DNS domain for the server should be cyberdyne.local.
This if fixed after the suggested reboot, the resolv.conf looks as follows:
# Generated by net-scripts for interface lan0
search ad.cyberdyne.local cyberdyne.local
(yes the server got 2 IPv4 interfaces)
I have assigned both of the DNS search suffix though.
> Now after these changes reboot the server, when up, reboot the pc.
> And check again.
Just did that. Tried gpupdate on the client with IPv6 disabled with the same result.
> For the : skynet.cyberdyne.local
> setup an alias in your dns, if needed, but since you have dns search also to
both domains that “should” not be needed.
I can resolve this name properly as the DNS zone is managed by the server:
(from client with IPv6 disabled)
> Dont make an A record for this in .cyberdyne.local CNAME.
Not sure what you mean by this. Of course the host has an A record
"skynet.cyberdyne.local". The zone ad.cyberdyne.local is managed by bind_dlz and
cyberdyne.local is having it's own A recoreds (for example for the various
network devices, printers etc.).
> p.s. you do know that .local is reserved for apple’s mDNS (zeroconf ) and is
“adviced” not to use.
I know about this. This Samba domain is runing since > 10 years and got upgraded
to Samba AD somewhen last year. I don't intend to run any mDNS stuff and never
experienced any issues with this. Moreover I don't intend to register a domain
just for internal tests and this is exaclty what .local was meant to be. In
general I can't imagine this issue to be connected to the .local domain.
Meanwhile I have tried also to configure Samba to listen only on IPv4
interfaces. Though this didn't do any change either.
Again, many thanks for your investigations.
More information about the samba