[Samba] DC2: TKEY is unacceptable, Failed DNS update?

Andrew Bartlett abartlet at samba.org
Thu May 26 19:11:04 UTC 2016

On Thu, 2016-05-26 at 17:32 +0200, Jo wrote:
> Hi Marc,
> I appreciate that you reply, but I got it resolved by following the
> advice of Mathias. I was aware of the links below, however the first
> is about using the BIND9_DLZ backend, and at the time I experienced
> the issue I was using the internal one. 
> Marc & Mathias,
> The 2nd link that Marc references is about a DC should not use itself
> for DNS queries is exactly the opposite of your recommendation to use
> localhost. In fact I am not really decided yet, given the fact that
> using the other DC is long term via a VPN connection, albeit at least
> slow if not unreliable, and also relying on both DCs up at the same
> time, whereas using the local instance for sure requires some extra
> monitoring in order to prevent stuck replications. 
> Any idea?
> Thanks & Best regards, Joachim

Yes, it should use itself as the DNS server, once the initial
registration work is done.

We know this area isn't ideal, and we are actively working to improve
it.  I expect Samba 4.5 to be much more sensible in this regard, given
the patches I've seen from other Samba team members and the work my
team at Catalyst is currently doing for our clients. 


Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list