[Samba] Setup a Samba AD DC as an additional DC

Barry D. Adkins Barry at daram.com
Thu Dec 6 03:44:18 UTC 2018


I had my zones set for Domain Replication.  After your post I set them for Forest Replication.  I have not had a chance to see if that made a difference.  I did not know Samba cared if it were one vs. the other.

-Barry Adkins

From: andrew at ruscica.com [mailto:andrew at ruscica.com] On Behalf Of Andrew Ruscica
Sent: Wednesday, December 5, 2018 9:17 PM
To: Barry D. Adkins <Barry at daram.com>
Cc: samba at lists.samba.org
Subject: Re: [Samba] Setup a Samba AD DC as an additional DC

On Wed, Dec 5, 2018 at 1:24 PM Barry D. Adkins <Barry at daram.com> wrote:

If only this would have been my problem, yet the _msdcs.my.domain zone is in Windows DNS.  Strange we are getting the same error.


_msdcs.my.domain zone is in Windows DNS

Being 'in' DNS is not the same as it existing as its own DNS zone.  Up until my change today, the subdomain _msdcs existed as a subdomain under 'my.domain'.

To double check, show your output from the following command, adapted for your Windows DNS server name:

# samba-tool dns zonelist SERVER1 -U administrator

One of the zones returned needs to look like this:

  pszZoneName                 : _msdcs.my.domain
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : ForestDnsZones.my.domain


Regarding your error with the machine account, I didn't get that, but if it were me I'd clear the contents of /var/lib/samba/private (or whatever path for your installation) before attempting the next join.
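
The zone check discussed in this thread, as an added example that is not part of the original messages or of Samba itself: a shell function that reads `samba-tool dns zonelist` output and reports whether `_msdcs.<domain>` is a zone of its own carrying `DNS_DP_FOREST_DEFAULT`, as in the output shown above. The function name, exit codes and sample records are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Real use: samba-tool dns zonelist SERVER1 -U administrator | check_msdcs_zone my.domain
# Exit status (hypothetical convention): 0 = own zone with DNS_DP_FOREST_DEFAULT,
#   1 = own zone without that flag, 2 = no zone named _msdcs.DOMAIN in the list.
check_msdcs_zone() {
    awk -v want="_msdcs.$1" '
        BEGIN { want = tolower(want) }
        # A pszZoneName line opens a zone record; the fields after it belong to it.
        $1 == "pszZoneName" { zone = tolower($3); if (zone == want) found = 1; next }
        zone == want && $1 == "dwDpFlags" {
            for (i = 3; i <= NF; i++) if ($i == "DNS_DP_FOREST_DEFAULT") forest = 1
        }
        END {
            if (!found)  { print "MISSING: " want " is not a zone of its own"; exit 2 }
            if (!forest) { print "CHECK: " want " lacks DNS_DP_FOREST_DEFAULT"; exit 1 }
            print "OK: " want " is its own zone with DNS_DP_FOREST_DEFAULT"
        }'
}

# Constructed sample: _msdcs is its own zone, matching the output in the thread.
sample_own_zone() { cat <<'EOF'
  pszZoneName                 : my.domain
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : DomainDnsZones.my.domain

  pszZoneName                 : _msdcs.my.domain
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : ForestDnsZones.my.domain
EOF
}

# Constructed sample: _msdcs exists only as a subdomain inside my.domain.
sample_subdomain_only() { cat <<'EOF'
  pszZoneName                 : my.domain
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : DomainDnsZones.my.domain
EOF
}

# Constructed sample: _msdcs is its own zone but set for domain replication.
sample_domain_replicated() { cat <<'EOF'
  pszZoneName                 : _msdcs.my.domain
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : DomainDnsZones.my.domain
EOF
}

sample_own_zone | check_msdcs_zone my.domain
```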



