[Samba] Internal DNS migrate to Bind9_DLZ

Eben Victor eben.victor at gmail.com
Tue Aug 21 20:56:08 UTC 2018


Hello Louis,

I have checked everything possible.
The permissions and locations of files are all correct.

I’ve been playing around, setting up a test dc and some test data.
When doing the migration from internal dns to bind9_dlz then it works perfect. (I even test by adding and removing different domain from DNS and resolve.conf)

Using the exact same configuration on my production DC's it still fails.
Could my database be corrupt somehow on 1 of my 7 DC's?

Really struggling to get this working. Any guidance or suggestions would be helpful.

Kind Regards

On 2018/07/31, 11:33, "samba on behalf of L.P.H. van Belle via samba" <samba-bounces at lists.samba.org on behalf of samba at lists.samba.org> wrote:

    Hai, 
    
    Did you make sure that your root and localhost zones are loaded last in the bind config. 
    
    The order matters, at least if you also use bind_DLZ. 
    
    I suggest, you try it. 
    Im Just thinking about this,  if your . (root) zone is loaded, and its trying to lookup you company.corp domain. 
    It hits resolv.conf then you bind, and bind_dlz is not loaded yet, so lookup on the internet.
    Its a possible option this happens, i dont know the bind9_dlz code. 
    
    And this, >>  domain.corp is just an alias, not the actual domain name. 
    Setup a with a real zone. 
    
    But pretty im sure your problem is caused by one of these 2. 
    
    I suguest start with making sure your localhost and root zones are loaded last on named.conf.
    
    In my Debian server the order is as followed.
    include "/etc/bind/named.conf.options";		< here (withing the options line:  at the bottum of the global options: tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
    include "/etc/bind/named.conf.local";		< here only one line:  include "/var/lib/samba/private/named.conf";  
    include "/etc/bind/named.conf.default-zones";	< here are my root and localhost zones ( default bind, not in DLZ )
    
    
    Greetz, 
    
    Louis
    
    
    
    
    
    > -----Oorspronkelijk bericht-----
    > Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
    > Rowland Penny via samba
    > Verzonden: dinsdag 31 juli 2018 10:23
    > Aan: samba at lists.samba.org
    > Onderwerp: Re: [Samba] Internal DNS migrate to Bind9_DLZ
    > 
    > On Mon, 30 Jul 2018 23:36:46 +0200
    > Eben Victor <eben.victor at gmail.com> wrote:
    > 
    > > It is part of the Sernet packages and is currently on 1.3.4
    > > /usr/lib64/samba/libldb.so.1.3.4
    > > 
    > > We started using sernet-samba-ad from v4 using the internal dns and
    > > updated as versions were released. We have now recently updated from
    > > 4.8.2 to 4.8.3 and still using internal dns.
    > > Our DNS is working as it should, it's only been since recently that
    > > we have to migrate to bind9.
    > > 
    > 
    > So, you are using Samba without problem, it is just that when you try
    > to use Bind9 instead of the internal dns server, your problems start.
    > 
    > Let's just recap
    > 
    > You have run 'samba_upgradedns'
    > You have altered smb.conf
    > You have configured 'named.conf' correctly
    > The Samba 'named.conf' file is readable by 'named' (this should be
    > 'rw-r--r--' i.e. world readable)
    > 
    > But, even though everything looks okay, Bind9 will not start.
    > 
    > This is strange, there doesn't seem to be any reason for it.
    > 
    > Is anybody using the combination of Centos 7, Samba 4.8.3 and Bind9
    > without problems ?
    > 
    > Rowland
    > 
    > -- 
    > To unsubscribe from this list go to the following URL and read the
    > instructions:  https://lists.samba.org/mailman/options/samba
    > 
    > 
    
    
    -- 
    To unsubscribe from this list go to the following URL and read the
    instructions:  https://lists.samba.org/mailman/options/samba
    





More information about the samba mailing list