[Samba] Horrible BIND9_DLZ DNS breakage after DC replaced and samba-tool domain demote --remove-other-dead-server
Rowland Penny
rpenny at samba.org
Tue Aug 16 14:04:15 UTC 2016
On Tue, 16 Aug 2016 09:20:56 +0100
Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Mon, 15 Aug 2016 19:59:56 +0100
> Rowland Penny via samba <samba at lists.samba.org> wrote:
>
> > On Mon, 15 Aug 2016 16:02:38 +0100
> > Rowland Penny via samba <samba at lists.samba.org> wrote:
> >
> >
> > So, as the OP said, this is a bit of a chicken and egg situation,
> > you need the SOA records to add the SOA records via samba_dnsupdate.
> >
> > Rowland
> >
> >
>
> And after further testing, but this time using the internal DNS
> server, the problem doesn't exist, so it is a 'using Bind9 with Samba
> problem'
>
> Rowland
>
After much further testing, I 'think' I have the magic incantation to
get this working ;-)

Install samba and Bind9 as normal on the second DC.

Edit /etc/resolv.conf so that the nameserver points to the first DC.

Now join the computer as a DC. Once the join is finalised and before
you start bind9 or Samba, edit /etc/resolv.conf again, but this time
point the nameserver at the new DC's IP address or 127.0.0.1, i.e. itself.

Start bind9 and then samba; this should run samba_dnsupdate and add all
the missing records. You can check this with:

    host -t SRV _ldap._tcp.example.com.

You should get a result similar to this:

    _ldap._tcp.example.com has SRV record 0 100 389 devdc1.example.com.
    _ldap._tcp.example.com has SRV record 0 100 389 devdc2.example.com.

Edit /etc/resolv.conf on both DCs to use the other as a nameserver and
then itself:

DC1:

    search example.com
    nameserver 192.168.0.251
    nameserver 127.0.0.1

DC2:

    search example.com
    nameserver 192.168.0.250
    nameserver 127.0.0.1

Finally, restart samba on both DCs.

Rowland
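
The two checks from the message above (SRV records present for both DCs, and /etc/resolv.conf listing the other DC before itself), as an added example that is not part of the original post. The function names missing_srv_targets and resolv_order_ok are hypothetical, and the sample output is constructed from the post's own example.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# missing_srv_targets DC...: reads `host -t SRV` output on stdin and prints
# every expected DC hostname that has no SRV record in that output.
missing_srv_targets() {
    targets=$(awk '/ has SRV record /{ t = tolower($NF); sub(/\.$/, "", t); print t }')
    for dc in "$@"; do
        want=$(printf '%s' "$dc" | tr 'A-Z' 'a-z')
        printf '%s\n' "$targets" | grep -qxF -- "$want" || printf '%s\n' "$dc"
    done
}

# resolv_order_ok FILE OWN_IP: succeeds when the first nameserver is another
# host and this host (OWN_IP or 127.0.0.1) is listed after it.
resolv_order_ok() {
    awk -v own="$2" '
        $1 == "nameserver" {
            n++
            self = ($2 == own || $2 == "127.0.0.1")
            if (n == 1 && self) bad = 1
            if (n > 1 && self) later = 1
        }
        END { if (n >= 2 && !bad && later) exit 0; exit 1 }' "$1"
}

# Constructed sample: the SRV output shown in the post.
sample_srv='_ldap._tcp.example.com has SRV record 0 100 389 devdc1.example.com.
_ldap._tcp.example.com has SRV record 0 100 389 devdc2.example.com.'

# Live use on a DC (an empty result from the first command means no DC is missing):
#   host -t SRV _ldap._tcp.example.com. | \
#       missing_srv_targets devdc1.example.com devdc2.example.com
#   resolv_order_ok /etc/resolv.conf <this DC's own IP address>
```
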