[Samba] Replication problems bdc to pdc

Rowland Penny rpenny at samba.org
Mon Dec 11 21:34:53 UTC 2017


On Mon, 11 Dec 2017 21:59:58 +0100
Jiří Knotek via samba <samba at lists.samba.org> wrote:

> Hello Rowland,
>      thank you for a quick response.
> 
> 

> > You haven't set any forwarders.
> 
> My network has only 10 stations and cannot access the Internet. I
> just need Windows domain users. I chose Bind9 for future use.

OK, I can understand the lack of forwarders.

> >> smb.conf:------------------------------
> >>
> >> # Global parameters
> >> [global]
> >>       netbios name = RY11CITDC
> >>       realm = RY11CIT.LOCAL
> >>       workgroup = RY11CIT
> >>       server role = active directory domain controller
> >>
> > Why haven't you got a 'server services' line ?
> > you should have if you are using Bind9
> 
> Because of
> "https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html"
> they write that "Default: server services = s3fs rpc nbt wrepl
> ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate dns".
> 
> But according to
> "https://wiki.samba.org/index.php/Changing_the_DNS_Back_End_of_a_Samba_AD_DC"
> here I will add "server services = -dns". Is it correct?

If you provisioned with '--dns-backend=BIND9_DLZ', you would have
found a 'server services' line in smb.conf and it would have looked like this:

server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate

Note the lack of 'dns' on the end. You can, however, write this as:

server services = -dns

Both lines mean the same thing: you are going to use BIND9_DLZ and not
run the internal dns server. Without one of the two lines, the
internal dns server will be run, and as you also seem to be running
Bind9, you will now have two dns servers trying to claim port 53.

Rowland
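
Added example, not part of the original message and not Samba code: a Python check that resolves the effective 'server services' list from smb.conf text, showing that the config posted in the thread leaves the internal DNS server enabled while either of the two lines above disables it. The function names are hypothetical, the default list is the one quoted in the thread, and rejecting a mix of plain and +/- entries is this example's own choice.

```python
# Default as quoted in the thread from the smb.conf man page (version-dependent).
DEFAULT_SERVICES = ("s3fs rpc nbt wrepl ldap cldap kdc drepl winbind "
                    "ntp_signd kcc dnsupdate dns").split()
# The [global] section posted in the thread (no 'server services' line).
POSTED_CONF = """\
# Global parameters
[global]
    netbios name = RY11CITDC
    realm = RY11CIT.LOCAL
    workgroup = RY11CIT
    server role = active directory domain controller
"""

def global_param(conf_text, wanted):
    """Return the last value set for `wanted` in [global], or None."""
    norm = lambda s: "".join(s.split()).lower()  # names ignore case and spaces
    section, value = None, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line and section == "global":
            key, _, val = line.partition("=")
            if norm(key) == norm(wanted):
                value = val.strip()
    return value

def effective_services(conf_text):
    """Resolve 'server services': plain list replaces, +/- edits the default."""
    value = global_param(conf_text, "server services")
    if value is None:
        return list(DEFAULT_SERVICES)
    items = value.replace(",", " ").split()
    if all(i[0] not in "+-" for i in items):
        return items
    if not all(i[0] in "+-" for i in items):
        raise ValueError("mixed plain and +/- entries: " + value)
    services = list(DEFAULT_SERVICES)
    for item in items:
        services = [s for s in services if s != item[1:]]
        if item[0] == "+":
            services.append(item[1:])
    return services

def internal_dns_enabled(conf_text):
    """True: samba starts its own DNS server and will contend for port 53."""
    return "dns" in effective_services(conf_text)
```

Calling internal_dns_enabled(POSTED_CONF) returns True, which is the two-servers-on-port-53 situation described above.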




