[Samba] SRV records not added by subsequent DC's
Rowland Penny
rpenny at samba.org
Tue Jul 24 13:15:04 UTC 2018
On Tue, 24 Jul 2018 15:00:27 +0200
Henry Jensen via samba <samba at lists.samba.org> wrote:
> Hello,
>
> sorry to ask this many questions, but I want to know why things happen
> they way they do and if perhaps something is wrong.
>
> Our new, shiny domain created by classicupgrade consists of 4 (four)
> domain controllers.
>
> dc1 was the first, which was created by classicupgrade. Then I added
> dc2, dchks and dcirm using
>
> samba-tool domain join iww.lan DC -U "IWW\Administrator"
> --dns-backend=SAMBA_INTERNAL
>
>
> dc1 and dc2 have created SRV DNS records:
>
> # host -t SRV _ldap._tcp.dc._msdcs.iww.lan
> _ldap._tcp.dc._msdcs.iww.lan has SRV record 0 100 389 dc1.iww.lan.
> _ldap._tcp.dc._msdcs.iww.lan has SRV record 0 100 389 dc2.iww.lan.
>
>
> # host -t SRV _kerberos._tcp.dc._msdcs.iww.lan
> _kerberos._tcp.dc._msdcs.iww.lan has SRV record 0 100 88 dc1.iww.lan.
> _kerberos._tcp.dc._msdcs.iww.lan has SRV record 0 100 88 dc2.iww.lan.
>
> But dcirm and dchks didn't create SRV records. However, they did
> create DNS A records and they are listed as Domain Controllers in the
> AD Tree. samba-tool drs showrepl shows no errors.
>
> All DC' are running Debian or Devuan with Louis' Samba 4.7.8 packages.
> All of them are runing in a LXC container.
>
> The differences is that dcirm and dchks are located
> on remote locations which are connected through VPN connections with
> reduced bandwith.
>
> It is my understanding that those records are important for a client
> to find a DC, so if for some reason dc1 and dc2 would fail, clients
> wouldn't be able to locate a DC,although the other two DC's are still
> available - am I correct?
>
> If so, how can the correct SRV records be added?
>
> Kind Regards,
>
> Henry
>
>
>
Try restarting the DC's without the records, this should create the
missing records, if not, check syslog.
Rowland
More information about the samba
mailing list