[Samba] Unable to transfer ForestDns/DomainDNS

Rowland penny rpenny at samba.org
Thu Jul 7 16:29:32 UTC 2016


On 07/07/16 17:14, Jason Waters wrote:
> I'm going to keep going and see if I can get samba joined and then 
> migrated over.  Maybe I'm still focusing on the wrong thing! Ugh....
>
> On Thu, Jul 7, 2016 at 12:12 PM, Jason Waters <jason at geeknocity.com 
> <mailto:jason at geeknocity.com>> wrote:
>
>     So I wanted to test if something was broke in my DC so I setup a
>     "new" 2003 DC with a different domain, example.com
>     <http://example.com>.  I do the ldbsearch against that and I get
>     the same error instead of it listing the dns entries....So maybe
>     it is a 2003 thing?
>
>     On Thu, Jul 7, 2016 at 11:55 AM, Rowland penny <rpenny at samba.org
>     <mailto:rpenny at samba.org>> wrote:
>
>         On 07/07/16 16:19, Jason Waters wrote:
>>         search error - LDAP error 10 LDAP_REFERRAL -  <0000202B:
>>         RefErr: DSID-0310063C, data 0, 1 access points
>>                 ref 1: 'DomainDnsZones.fisherthompson.local'
>>         > <ldap://DomainDnsZones.fisherthompson.local/DC=DomainDnsZones,DC=fisherthompson,DC=local>
>
>         If you look here: https://www.ldap.com/ldap-result-code-reference
>
>         You will find this:
>
>
>                 10: Referral
>
>         This indicates that the server could not process the requested
>         operation, but that it may succeed if attempted in another
>         location, as specified by the referral URIs included in the
>         response.
>
>         Never having seen this before, all I can suggest is trying
>         what it is telling you to do, only problem is, I don't really
>         recognise the ldap URL
>
>         Rowland
>
>
>>
>>         On Thu, Jul 7, 2016 at 11:04 AM, Rowland penny
>>         <rpenny at samba.org <mailto:rpenny at samba.org>> wrote:
>>
>>             On 07/07/16 13:56, Jason Waters wrote:
>>
>>                 So I continue to struggle getting this moved away
>>                 from windows 2003 to
>>                 samba.  I've been working in VM's to test before
>>                 doing it on production.  I
>>                 think something is just wrong/broken with my windows
>>                 2003 AD.  These are a
>>                 couple of the things I have tried.
>>
>>                 - Going from Windows 2003 to Windows 2008 to Samba
>>                 - Seizing the roles and then joining another samba
>>                 domain controller.  But
>>                 I'm unable to move the DomainDnsZones and
>>                 ForestDnsZones fsmo's to the new
>>                 samba box.  Like it is coping bad data.
>>                 - Setup a new domain with samba, joined Windows 2008
>>                 and migrated
>>                 everything around fine!  Another reason why I think
>>                 something is wrong in
>>                 my data.
>>
>>
>>                 So the last thing I've been trying to figure out is
>>                 why the command
>>                 ldbsearch --cross-ncs -H ldap://pdc -b
>>                 "DC=DomainDnsZones,DC=fisherthompson,DC=local" -s sub
>>                 -Uadministrator
>>
>>                 returns a referral instead of the records.  On my
>>                 purely stock samba domain
>>                 it works fine, so something about the windows 2003 ad?
>>
>>
>>             I think it must be, on my DC it dumps all the domain DNS
>>             records. What does it actually return ?
>>
>>             Rowland
>>
>>
>>                 But if I open ASDIEDIT and connect to
>>                 DC=DomainDnsZones,DC=fisherthompson,DC=local on the
>>                 windows 2003 DC I see
>>                 everything like I should.....
>>
>>
>>                 It seems like samba and ldbtools isn't following the
>>                 referrals. Or they
>>                 shouldn't be referrals?  Or something else that I
>>                 have no idea about!
>>
>>                 Any other suggestions?  Thanks!
>>
>>                 Jason
>>
>>
>>
>>
>>             -- 
>>             To unsubscribe from this list go to the following URL and
>>             read the
>>             instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>
>
>

Try reading this: https://support.microsoft.com/en-us/kb/304489

I have also had another thought, join the samba4 DC using the internal 
DNS server, then use samba_upgradedns to upgrade to Bind9, this should 
create the dns partitions etc. Not really sure if this will work, I have 
never had this problem, but it worth trying in a test environment.

Rowland



More information about the samba mailing list