[Samba] samba_dnsupdate NOTAUTH
Rowland penny
rpenny at samba.org
Tue Feb 23 13:31:48 UTC 2016
On 23/02/16 13:15, Jason Voorhees wrote:
> Hello Rowland, thanks for your help.
>
> My replies lines below:
>
>
>> Do the DCs point at each other for dns ?
>>
>> i.e. is /etc/resolv.conf on the first DC something like this:
>>
>> search your.domian.com
>> nameserver ip.of.second.dc
>> nameserver ip.of.this.dc
>>
>> and on the second DC:
>>
>> search your.domian.com
>> nameserver ip.of.first.dc
>> nameserver ip.of.this.dc
>>
> Yes, they both point to each other just as you suggested.
>
>> I would also ensure that ntp is running on both DCs, using the same external
>> ntp servers and then your workstations would use your DCs for their time
>> servers.
>>
> I've just configured NTP on both servers, they now have only 1 seconds
> of difference.
>
>> One last comment, you haven't got a primary DC and a backup DC, you just
>> have two DCs. The only difference between your two DCs is the FSMO roles and
>> these can be moved from DC to DC.
>>
> What type of DCs are these two servers? Some kind of two Primary or
> Master DC each one? Shouldn't I have a PDC and a BDC? (I thought this
> the recommeded setup for DCs). Please let me know if I'm doing
> anything wrong here.
You can call them what you want, but all Samba AD DCs are the same, they
both hold the same replicating database, the only difference is what
FSMO roles each DC holds and you can move these roles. The terms 'PDC' &
'BDC' are used with an NT4-style domain, where they mean something.
Whilst there is a 'PDC emulator' FSMO role (see here for info:
https://support.microsoft.com/en-us/kb/197132), there isn't a 'BDC
emulator' FSMO role.
>
> I'm going to check if samba_dnsupdate error messages dissapear in the
> following minutes/hours after synchronizing both servers using NTP,
> but I don't know what caused this error. Was it really caused by time
> differences between servers? or is there anything else that might need
> to be fixed?
It could be the time difference, but if it seems not then have a look here:
https://wiki.samba.org/index.php/Samba_AD_DC_Troubleshooting
Rowland
>
> Thanks again
More information about the samba
mailing list