[Samba] Problems with replication and dns

Santiago Londoño Mejía santiago.londono at pragma.com.co
Wed Mar 15 15:03:59 UTC 2017 

Hello,
Thank you very much for your reply.
I have configured bind using the dlz backend and these are the results.

named log:

Mar 15 09:39:41 neptuno named[13166]: sizing zone task pool based on 6 zones
Mar 15 09:39:41 neptuno named[13166]: Loading 'AD DNS Zone' using driver dlopen
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN
DC=pragma,DC=com,DC=co
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable
zone 'waspruebas.proteccion.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable
zone 'segdllo02.suranet.com'
Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE:
has no NS records
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure
zone 'dbmed04.pragma.com.co'
Mar 15 09:39:42 neptuno named[13166]: loading configuration: bad zone
Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)


named.conf:

options {
	listen-on port 53 { 127.0.0.1; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
	allow-query     { localhost; };
	recursion yes;

	dnssec-enable yes;
	dnssec-validation yes;
 tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
	/* Path to ISC DLV key */
	bindkeys-file "/etc/named.iscdlv.key";

	managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
	type hint;
	file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/usr/local/samba/private/named.conf";


As you can see in the log, the zone dbmed04.pragma.com.co does not
have ns records according to the database.
I've tried deleting it with
./samba-tool dns zonedelete neptuno.pragma.com.co dbmed04.pragma.com.co

ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py"
, line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/dns.py",
line 780, in run
    raise e


Best regards,

Santiago.







2017-03-14 17:21 GMT-05:00, Rowland Penny via samba <samba at lists.samba.org>:
> On Tue, 14 Mar 2017 17:01:24 -0500
> Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:
>
>> Hello,
>>
>> Sorry for the few details.
>>
>> rsync:
>>
>> rsync -h -a -v /usr/local/samba/var/locks/sysvol/pragma.com.co/
>> root at server2:/usr/local/samba/var/locks/sysvol/pragma.com.co/
>
> OH dear, have a look here:
>
> https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround
>
>>
>> first dc smb.conf:
>> [global]
>>     tls verify peer = no_check
>>     ldap server require strong auth = no
>> 	netbios name = NEPTUNO
>> 	realm = PRAGMA.COM.CO
>> 	server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
>> drepl, winbindd, ntp_signd, kcc, dnsupdate
>> 	workgroup = PRAGMA
>> 	server role = active directory domain controller
>> #	interfaces = en160 en160:0 lo
>> 	wins support = Yes
>> 	name resolve order = wins lmhosts hosts bcast
>
> 'name resolve order' on something that is running (or should be) a DNS
> server ???
>
>
>> named.conf:
>
>> zone "pragma.com.co" {
>> 	type master;
>> 	file "dynamic/pragma.com.co";
>> };
>
> AHA, you are running Bind with the totally unsupported flatfiles, this
> does not work.
>
>>
>>
>>
>> include "/etc/named.rfc1912.zones";
>> include "/etc/named.root.key";
>> //include "/usr/local/samba/private/named.conf";
>
> Uncomment the above line, you need it.
>
> Can I suggest you read about DNS on the samba wiki:
>
> https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


-- 
Santiago Londoño Mejía
Analista de Infraestructura
t. (574) 605 25 23 ext. 1232
m. (57) 3148332567
Medellín | Carrera 50  C #10 Sur  80
Bogotá | Medellín | Cali
www.pragma.com.co

-- 


Este mensaje es confidencial. Puede contener información privilegiada que pertenece a PRAGMA S.A. y/o a sus clientes, contratistas, directores, empleados y asesores, por tanto no debe ser usado ni divulgado por personas distintas a su destinatario. Si obtiene este mensaje por error, equivocación u omisión, por favor bórrelo y avise al remitente.

Está prohibida su retención, grabación, utilización o divulgación con cualquier propósito.

Este mensaje ha sido sometido a programas antivirus. No obstante, PRAGMA S.A. no asume ninguna responsabilidad por eventuales daños generados por el recibo y uso de este material, siendo responsabilidad del destinatario verificar con sus propios medios la existencia de virus u otros defectos.

Las opiniones, conclusiones y otra información contenida en este correo no relacionadas con el negocio oficial de PRAGMA S.A., deben entenderse como personales y de ninguna manera son avaladas por la Compañía.

More information about the samba mailing list