[Samba] Recommended DNS configuration on Domain Controllers causes share by IP name to fail

L.P.H. van Belle belle at bazuin.nl
Wed Nov 30 15:18:47 UTC 2016


Hai James, 

..
> 
> I think the wiki is correct but see comment below.
> 
>      I don't believe islanding to be a big concern either but what about
> the possibility of a "race condition" between DNS and AD? In a Microsoft
> environment, AD has the possibility of starting first before DNS has
> started. This of course creates failure in name resolution during boot.
> Is this a concern using Bind or Samba internal DNS?  If not then I see
> no issue setting a DC to itself as a primary DNS server.
> 
> --
> - James


>AD has the possibility of starting first before DNS has started.

No, not true.
Active Directory Domain Services depends on DNS Server (and others) in Windows.

And yes, the wiki does have a few errors, IMO.
One needed correction is the /etc/hosts file, for example:
127.0.0.1 localhost any-other.alias
See also : http://www.ietf.org/rfc/rfc1912.txt


>Is this a concern using Bind or Samba internal DNS?
I ask Oliver (today's subject: [Samba] Add new DomainController).
I think this is related to bind. Let's wait for what he tells us.

And if it's systemd
(and on my Debian jessie system I'm still missing some startup dependencies),
something like:
After=network.target bind9.service
Requires=network-online.target

... 
The network.target only indicates that the network management stack is up.
Whether any network interfaces are already configured when it is reached is undefined.

I'll go through the Debian bug list for this.

Setting a DC to itself as a primary DNS server: yes, it's possible.
But only client software uses it (resolv.conf).
Any PC uses the DNS itself.

At a DC join you MUST point to the first DC, and only after everything is replicated, yes, you can point back to itself, not that I advise it.

I've set it up as follows.
All DCs point to DC1 (with FSMO roles) + DC2 (this order for all DCs)
(and all DCs have all the DC hostnames in /etc/hosts as backup).

All member servers and PCs point to DC2 and DC3
(in case you have only 2 DCs, I suggest the order DC2 DC1).

Never had any resolving problems this way and load is split over the servers. 

But this can be set up in multiple ways.
This is best for me, for you, it can be different. 


Greetz, 

Louis
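
Added example, not part of the original message: a Python check that a unit's [Unit] section both pulls in and is ordered after network-online.target, and is ordered after the DNS service. systemd treats Requires=/Wants= and After= independently, so both are checked; the function names and sample units are constructed for illustration.

```python
# Added example (not from the original message): audit the [Unit] section of a
# systemd unit for the start-up dependencies discussed in the message.

def parse_unit_deps(text):
    """Return {directive: set(values)} for [Unit]; repeated keys accumulate."""
    deps, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Unit" and "=" in line:
            key, value = line.split("=", 1)
            deps.setdefault(key.strip(), set()).update(value.split())
    return deps

def audit(text, dns_unit="bind9.service"):
    """List missing dependencies; an empty list means the unit passes."""
    deps = parse_unit_deps(text)
    after = deps.get("After", set())
    pulled_in = deps.get("Requires", set()) | deps.get("Wants", set())
    findings = []
    if "network-online.target" not in pulled_in:
        findings.append("network-online.target not pulled in by Wants=/Requires=")
    if "network-online.target" not in after:
        findings.append("not ordered After=network-online.target")
    if dns_unit not in after:
        findings.append("not ordered After=" + dns_unit)
    return findings

# Constructed sample: the two directives exactly as quoted in the message.
AS_QUOTED = """[Unit]
Description=constructed sample unit
After=network.target bind9.service
Requires=network-online.target
"""

# Constructed sample: same unit, also ordered after network-online.target.
ORDERED = """[Unit]
Description=constructed sample unit
After=network-online.target bind9.service
Requires=network-online.target
"""

if __name__ == "__main__":
    for name, unit in (("as quoted", AS_QUOTED), ("ordered", ORDERED)):
        print(name, "->", audit(unit) or "ok")
```

Pass a different `dns_unit` where the DNS service has another unit name on the host being checked.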






