[Samba] SRV records not added by subsequent DC's
Henry Jensen
hjensen at mailbox.org
Tue Jul 24 13:00:27 UTC 2018
Hello,
sorry to ask this many questions, but I want to know why things happen
they way they do and if perhaps something is wrong.
Our new, shiny domain created by classicupgrade consists of 4 (four) domain controllers.
dc1 was the first, which was created by classicupgrade. Then I added dc2, dchks and dcirm using
samba-tool domain join iww.lan DC -U "IWW\Administrator" --dns-backend=SAMBA_INTERNAL
dc1 and dc2 have created SRV DNS records:
# host -t SRV _ldap._tcp.dc._msdcs.iww.lan
_ldap._tcp.dc._msdcs.iww.lan has SRV record 0 100 389 dc1.iww.lan.
_ldap._tcp.dc._msdcs.iww.lan has SRV record 0 100 389 dc2.iww.lan.
# host -t SRV _kerberos._tcp.dc._msdcs.iww.lan
_kerberos._tcp.dc._msdcs.iww.lan has SRV record 0 100 88 dc1.iww.lan.
_kerberos._tcp.dc._msdcs.iww.lan has SRV record 0 100 88 dc2.iww.lan.
But dcirm and dchks didn't create SRV records. However, they did create
DNS A records and they are listed as Domain Controllers in the AD Tree.
samba-tool drs showrepl shows no errors.
All DC' are running Debian or Devuan with Louis' Samba 4.7.8 packages.
All of them are runing in a LXC container.
The differences is that dcirm and dchks are located
on remote locations which are connected through VPN connections with
reduced bandwith.
It is my understanding that those records are important for a client to
find a DC, so if for some reason dc1 and dc2 would fail, clients
wouldn't be able to locate a DC,although the other two DC's are still
available - am I correct?
If so, how can the correct SRV records be added?
Kind Regards,
Henry
More information about the samba
mailing list