[Samba] SRV records not added by subsequent DC's

Henry Jensen hjensen at mailbox.org
Tue Jul 24 15:14:44 UTC 2018 

On Tue, 24 Jul 2018 14:15:04 +0100
Rowland Penny via samba <samba at lists.samba.org> wrote:

> On Tue, 24 Jul 2018 15:00:27 +0200

> > dc1 and dc2 have created SRV DNS records:
> > 
> > # host -t SRV _ldap._tcp.dc._msdcs.iww.lan
> > _ldap._tcp.dc._msdcs.iww.lan has SRV record 0 100 389 dc1.iww.lan.
> > _ldap._tcp.dc._msdcs.iww.lan has SRV record 0 100 389 dc2.iww.lan.
> > 
> > 
> > # host -t SRV _kerberos._tcp.dc._msdcs.iww.lan
> > _kerberos._tcp.dc._msdcs.iww.lan has SRV record 0 100 88 dc1.iww.lan.
> > _kerberos._tcp.dc._msdcs.iww.lan has SRV record 0 100 88 dc2.iww.lan.
> > 
> > But dcirm and dchks didn't create SRV records. However, they did
> > create DNS A records and they are listed as Domain Controllers in the
> > AD Tree. samba-tool drs showrepl shows no errors. 

> Try restarting the DC's without the records, this should create the
> missing records, if not, check syslog.

Thank you for that hint.

OK, the log says:

  samba: setproctitle not initialized, please either call setproctitle_init() or link against libbsd-ctor.                                                                                                                                                                               
  [2018/07/24 14:32:17.590559,  0] ../source4/dsdb/dns/dns_update.c:290(dnsupdate_nameupdate_done)                                                                                                                                                                                       
  ../source4/dsdb/dns/dns_update.c:290: Failed DNS update - with error code 26                                                                                                                                                                                                         

So i digged further and found a mail from you from October 2017, suggesting to run samba_dnsupdate [0]


So, i ran

  /usr/sbin/samba_dnsupdate 

(using DNS) which fails.

Running  

  /usr/sbin/samba_dnsupdate --use-samba-tool

succedd and the missing SRV entries are created. So I added 

  dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool

to my smb.conf now.

But as the original OP I am curious ;) and want to know why. You
explained that this is a Kerberos problem. And then Andrew wrote 

> This should be fixed in Samba 4.7 finally. [1]

Erm, I am using Samba 4.7.8, either it didn't get fixed after all or I
did something wrong. 

note: the line 

 samba: setproctitle not initialized, please either call setproctitle_init() or link against libbsd-ctor.

is still there.


Kind regards,

Henry

[0] https://lists.samba.org/archive/samba/2017-October/211723.html
[1] https://lists.samba.org/archive/samba/2017-October/211740.html

More information about the samba mailing list