[Samba] DC's are unavailable when PDC halted
Rowland Penny
rpenny at samba.org
Wed Nov 8 16:27:22 UTC 2017
On Wed, 8 Nov 2017 17:20:09 +0100
Ervin Hegedüs <airween at gmail.com> wrote:
> Hi,
>
>
> On Wed, Nov 08, 2017 at 03:21:28PM +0000, Rowland Penny wrote:
> > On Wed, 8 Nov 2017 14:33:28 +0100
> > Ervin Hegedüs <airween at gmail.com> wrote:
> >
> > > When I turned off the open-ldap2, and open-ldap works, then the
> > > wbinfo -a returns with succeed, but only after 30 seconds.
> >
> >
> > OK, the problem here is not that you have turned off the first DC,
> > it is that the client keeps trying to connect to it for 30 seconds.
> >
> > You need to add:
> >
> > 'timeout:1 attempts:2 rotate'
> >
> > to /etc/resolv.conf
>
> okay, may be I've found something interest: the DC's have 2
> network interfaces (eth0: 192.168.100.n/26, eth1: 10.10.20.m/25).
>
> We planned, that the eth0 and that network will be used.
>
> But I've added the another network addresses to DNS too.
>
> Perhaps this was my mistake, because I've removed the 10.10.20.x
> addresses from DNS (from domain, and from DC's A record), and now I
> turned off any DC (till another works, of course), and client can
> authenticate!
>
> But. :)
>
> After some minutes, the 10.10.20.x address gone back to DNS...
> and I didn't set it up...
>
> # host -t A core.mydomain.hu
> core.mydomain.hu has address 192.168.255.100
> core.mydomain.hu has address 192.168.255.99
>
> (takes few minutes...)
>
> # host -t A core.mydomain.hu
> core.mydomain.hu has address 192.168.255.100
> core.mydomain.hu has address 10.10.20.202
> core.mydomain.hu has address 192.168.255.99
>
>
> How can I prevent that this record appears in zone?
>
> I can delete that with samba-tool:
>
> # samba-tool dns delete open-ldap.core.mydomain.hu core.mydomain.hu
> core.mydomain.hu A 10.10.20.202 -Uadministrator at core.mydomain.hu
> Password for [administrator at core.mydomain.hu]: Record deleted
> successfully # host -t A core.mydomain.hu
> core.mydomain.hu has address 192.168.255.100
> core.mydomain.hu has address 192.168.255.99
>
>
> but it comes again after some minutes...
>
>
> Thanks,
>
>
> a.
>
Something must be putting it back, do you have a dhcp client running on
the machine ?
I have thought of something else, are both of your DCs Authoritative
for the dns domain ?
Rowland
More information about the samba
mailing list