[Samba] Internal DNS migrate to Bind9_DLZ

L.P.H. van Belle belle at bazuin.nl
Mon Jul 30 15:12:47 UTC 2018


> > > 30-Jul-2018 10:26:40.027 samba_dlz: starting configure
> > > 30-Jul-2018 10:26:40.049 dns_rdata_fromtext: buffer-0x7facd1f60dc0:1: near eof: unexpected end of input
> > > 30-Jul-2018 10:26:40.049 Failed to put rr
> > > 30-Jul-2018 10:26:40.269 zone domain.corp/NONE: has 0 SOA records
> > > 30-Jul-2018 10:26:40.269 zone domain.corp/NONE: has no NS records
> > > 30-Jul-2018 10:26:40.270 samba_dlz: Failed to configure zone 'domain.corp'
> > > 30-Jul-2018 10:26:40.270 loading configuration: bad zone
> > > 30-Jul-2018 10:26:40.270 exiting (due to fatal error)


I've seen this before, but long ago.
What is happening here is that for some reason, domain.corp is loaded (and as said, this is not the primary domain).
But it's loaded before the primary domain and that causes the crash.

Check the search or domain order of resolv.conf, and make sure your primary domain is set first.
If that's already the case.

It is fixable, but pff, I can't remember how I fixed that.

Main cause.
Your.domain.tld ( primary )
You created the alias, err.

Better is.
Your.domain.tld ( primary )
Extra zone: domain.tld
And alias the hosts, not the domain.

If I can recall more tonight, I'll post that tomorrow.


Greetz, 

Louis




> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> Rowland Penny via samba
> Sent: Monday 30 July 2018 16:15
> To: samba at lists.samba.org
> Subject: Re: [Samba] Internal DNS migrate to Bind9_DLZ
> 
> On Mon, 30 Jul 2018 15:42:45 +0200
> Eben Victor <eben.victor at gmail.com> wrote:
> 
> > Hello Rowland,
> > 
> > selinux has been disabled, I also ran the following
> > 
> > # systemctl stop sernet-samba-ad
> > # samba_upgradedns --dns-backend=BIND9_DLZ
> > # named -d3 -f -g -u named
> > 
> > Which then still fails, see below smb.conf
> > 
> > [global]
> >         workgroup = DOMAIN
> >         realm = DOMAIN.CORP
> >         netbios name = PDC
> >         server role = active directory domain controller
> >         idmap_ldb:use rfc2307 = yes
> >         idmap config * : range = 3000-7999
> >         winbind offline logon = Yes
> >         guest account = nobody
> >         restrict anonymous = 1
> >         winbind max clients = 2000
> >         log level = 2
> >         ldap server require strong auth = no
> >         ntlm auth = mschapv2-and-ntlmv2-only
> >         template homedir = /home/%D/%U
> >         template shell = /bin/bash
> >         interfaces = lo ens192
> >         bind interfaces only = yes
> >         server services = -dns
> >         max xmit = 65535
> >         dead time = 15
> > 
> > # Disable printer share
> >         load printers = No
> >         printcap name = /dev/null
> >         disable spoolss = Yes
> > 
> > # Enable domain TLS
> >         tls enabled  = yes
> >         tls keyfile  = tls/key.pem
> >         tls certfile = tls/cert.pem
> >         tls cafile   = tls/ca.pem
> > 
> > [netlogon]
> >         path = /var/lib/samba/sysvol/domain.corp/scripts
> >         read only = Yes
> > 
> > [sysvol]
> >         path = /var/lib/samba/sysvol
> >         read only = Yes
> >
> 
> Before I comment, can I ask a general question ?
> 
> Does anybody read the Samba wiki and/or man smb.conf ????
> 
> If I remove all the default options and lines that shouldn't be there
> (as in 'winbind offline logon = Yes', really, on a DC ?), I get this:
> 
> [global]
>         workgroup = DOMAIN
>         realm = DOMAIN.CORP
>         netbios name = PDC
>         server role = active directory domain controller
>         idmap_ldb:use rfc2307 = yes
>         log level = 2
>         ldap server require strong auth = no
>         ntlm auth = mschapv2-and-ntlmv2-only
>         template shell = /bin/bash
>         interfaces = lo ens192
>         bind interfaces only = yes
>         server services = -dns
> 
> # Disable printer share
>         load printers = No
>         printcap name = /dev/null
>         disable spoolss = Yes
> 
> [netlogon]
>         path = /var/lib/samba/sysvol/domain.corp/scripts
>         read only = Yes
> 
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = Yes
> 
> However, even with the smb.conf that is in use, there doesn't seem to
> be any reason why it isn't working. The only other thing I can think of
> is, what version of ldb is installed ?
> 
> Rowland
> 
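The resolv.conf check suggested in the reply above, written out as an added example (not part of the original thread and not Samba's own tooling). It assumes the primary domain is the lowercased `realm` from the `[global]` section of smb.conf; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: is the AD primary domain first in the resolver search order?
# Usage (paths are assumptions, adjust to your install):
#   check_primary_first /etc/samba/smb.conf /etc/resolv.conf

# Print the realm from the [global] section of smb.conf, lowercased.
smb_realm() {
    awk '
        /^[ \t]*\[/ { in_global = (tolower($0) ~ /^[ \t]*\[global\]/); next }
        in_global && /^[ \t]*realm[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, "")
            print tolower($0); exit
        }' "$1"
}

# Print the first domain the resolver will try. When resolv.conf has several
# "search"/"domain" lines the last one wins, so keep overwriting until EOF.
first_search_domain() {
    awk '
        $1 == "search" || $1 == "domain" { first = $2 }
        END { if (first != "") { sub(/\.$/, "", first); print tolower(first) } }' "$1"
}

# Return 0 if the realm is first, 1 on mismatch, 2 if either value is missing.
check_primary_first() {
    realm=$(smb_realm "$1")
    first=$(first_search_domain "$2")
    if [ -z "$realm" ] || [ -z "$first" ]; then
        echo "cannot determine realm ('$realm') or search domain ('$first')" >&2
        return 2
    fi
    if [ "$realm" = "$first" ]; then
        echo "OK: '$first' is first in the search order"
        return 0
    fi
    echo "MISMATCH: resolver tries '$first' first, realm is '$realm'"
    return 1
}
```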