[Samba] DC server own hostname must be part of ad dc domain?

Rowland Penny rpenny at samba.org
Fri Nov 18 11:22:47 UTC 2016 

See inline comments:

On Fri, 18 Nov 2016 14:49:28 +0400
Mike Lykov via samba <samba at lists.samba.org> wrote:

> Hi all.
> 
> If I have AD domain dc.samges.ru, how to setup a hostname, hosts file 
> and resolv.conf file? DNS is samba internal type.
> 
> Now I have settigs as here:
> (ad41 is dc with fsmo roles, ip 172.16.214.141, ad51 is a second dc,
> ip 172.16.214.151)
> 
> root at ad51:~# hostname -s
> ad51
> root at ad51:~# hostname -d
> samges.ru
> root at ad51:~# hostname -f
> ad51.samges.ru
> 
> Must I have an $SERV.$ADDOMAIN hostname, like ad51.dc.samges.ru ?

Yes

> If I change hostname now, what will happen in AD domain ?

Your machine will not be found.

> 
> And second part of question:
> 
> root at ad51:~# cat /etc/hosts
> 
> 172.16.214.141 daeb1132-e379-4231-b114-5d03cc8925a9._msdcs.dc.samges.ru
> 127.0.0.1 localhost.localdomain localhost
> # Auto-generated hostname. Please do not remove this comment.
> 172.16.214.151 ad51.samges.ru  ad51 
> 23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru
> ::1             localhost ip6-localhost ip6-loopback
> 
> Are autogenerated string written bu provision script? Are it needed? 
> (provision was 4.1.9 version)

No, is DHCP putting it there ?? if your machine is using dhcp to get its
ip etc, then you only need this in resolv.conf:

127.0.0.1 localhost.localdomain localhost
::1 localhost ip6-localhost ip6-loopback

> Can I remove records from "hosts" for *_msdcs.dc.samges.ru, if it 
> resolvable by samba dns server? (There is a same records on both DCs)
> 

Yes, you can remove them and in fact, you should remove them, they
shouldn't be in in /etc/hosts

> root at ad51:/etc# dig @172.16.214.151 
> 23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru
> ;; QUESTION SECTION:
> ;23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru. IN A
> ;; ANSWER SECTION:
> 23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru. 900 IN
> CNAME ad51.dc.samges.ru.
> ad51.dc.samges.ru.      900     IN      A       172.16.214.151
> 
> (both records resolved and present in servers dns zone)
> (created as described here 
> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record)
> 
> Are bug 10928 still actual and for which version?

Yes it is still open and it seems to affect all supported versions of
Samba (This means 4.3.x, 4.4.x and 4.5.x)

> 
> this resolv.conf seems ok?
> 
> root at ad51:/etc# cat /etc/resolv.conf
> search dc.samges.ru
> nameserver 172.16.214.151
> 

Yes, provided '172.16.214.151' is the ipaddress of an AD DC

Rowland

More information about the samba mailing list