[Samba] Internal DNS migrate to Bind9_DLZ

Eben Victor eben.victor at gmail.com
Mon Jul 30 20:46:50 UTC 2018


Hello Louis,

My search order is correct, I have even tried shifting around and it's
still failing with the same errors.

Kind Regards

On Mon, Jul 30, 2018 at 5:13 PM L.P.H. van Belle via samba <
samba at lists.samba.org> wrote:

> > > > 30-Jul-2018 10:26:40.027 samba_dlz: starting configure
> > > > 30-Jul-2018 10:26:40.049 dns_rdata_fromtext: buffer-0x7facd1f60dc0:1: near eof: unexpected end of input
> > > > 30-Jul-2018 10:26:40.049 Failed to put rr
> > > > 30-Jul-2018 10:26:40.269 zone domain.corp/NONE: has 0 SOA records
> > > > 30-Jul-2018 10:26:40.269 zone domain.corp/NONE: has no NS records
> > > > 30-Jul-2018 10:26:40.270 samba_dlz: Failed to configure zone 'domain.corp'
> > > > 30-Jul-2018 10:26:40.270 loading configuration: bad zone
> > > > 30-Jul-2018 10:26:40.270 exiting (due to fatal error)
>
>
> I've seen this before, but long ago.
> What is happening here is that for some reason, domain.corp is loaded (
> and as said, this is not the primary domain )
> But it's loaded before the primary domain and that causes the crash.
>
> Check the search or domain order of resolv.conf, and make sure your
> primary domain is set first.
> If that's already the case.
>
> It is fixable, but pff, I can't remember how I fixed that.
>
> Main cause.
> Your.domain.tld ( primary )
> You created the alias, err.
>
> Better is.
> Your.domain.tld ( primary )
> Extra zone: domain.tld
> And alias the hosts not the domain.
>
> If I can recall more tonight, I'll post that tomorrow.
>
>
> Greetz,
>
> Louis
>
>
>
>
> > -----Original message-----
> > From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> > Rowland Penny via samba
> > Sent: Monday 30 July 2018 16:15
> > To: samba at lists.samba.org
> > Subject: Re: [Samba] Internal DNS migrate to Bind9_DLZ
> >
> > On Mon, 30 Jul 2018 15:42:45 +0200
> > Eben Victor <eben.victor at gmail.com> wrote:
> >
> > > Hello Rowland,
> > >
> > > selinux has been disabled, I also ran the following
> > >
> > > # systemctl stop sernet-samba-ad
> > > # samba_upgradedns --dns-backend=BIND9_DLZ
> > > # named -d3 -f -g -u named
> > >
> > > Which then still fails, see below smb.conf
> > >
> > > [global]
> > >         workgroup = DOMAIN
> > >         realm = DOMAIN.CORP
> > >         netbios name = PDC
> > >         server role = active directory domain controller
> > >         idmap_ldb:use rfc2307 = yes
> > >         idmap config * : range = 3000-7999
> > >         winbind offline logon = Yes
> > >         guest account = nobody
> > >         restrict anonymous = 1
> > >         winbind max clients = 2000
> > >         log level = 2
> > >         ldap server require strong auth = no
> > >         ntlm auth = mschapv2-and-ntlmv2-only
> > >         template homedir = /home/%D/%U
> > >         template shell = /bin/bash
> > >         interfaces = lo ens192
> > >         bind interfaces only = yes
> > >         server services = -dns
> > >         max xmit = 65535
> > >         dead time = 15
> > >
> > > # Disable printer share
> > >         load printers = No
> > >         printcap name = /dev/null
> > >         disable spoolss = Yes
> > >
> > > # Enable domain TLS
> > >         tls enabled  = yes
> > >         tls keyfile  = tls/key.pem
> > >         tls certfile = tls/cert.pem
> > >         tls cafile   = tls/ca.pem
> > >
> > > [netlogon]
> > >         path = /var/lib/samba/sysvol/domain.corp/scripts
> > >         read only = Yes
> > >
> > > [sysvol]
> > >         path = /var/lib/samba/sysvol
> > >         read only = Yes
> > >
> >
> > Before I comment, can I ask a general question ?
> >
> > Does anybody read the Samba wiki and/or man smb.conf ????
> >
> > If I remove all the default options and lines that shouldn't be there
> > (as in 'winbind offline logon = Yes', really, on a DC ?), I get this:
> >
> > [global]
> >         workgroup = DOMAIN
> >         realm = DOMAIN.CORP
> >         netbios name = PDC
> >         server role = active directory domain controller
> >         idmap_ldb:use rfc2307 = yes
> >         log level = 2
> >         ldap server require strong auth = no
> >         ntlm auth = mschapv2-and-ntlmv2-only
> >         template shell = /bin/bash
> >         interfaces = lo ens192
> >         bind interfaces only = yes
> >         server services = -dns
> >
> > # Disable printer share
> >         load printers = No
> >         printcap name = /dev/null
> >         disable spoolss = Yes
> >
> > [netlogon]
> >         path = /var/lib/samba/sysvol/domain.corp/scripts
> >         read only = Yes
> >
> > [sysvol]
> >         path = /var/lib/samba/sysvol
> >         read only = Yes
> >
> > However, even with the smb.conf that is in use, there doesn't seem to
> > be any reason why it isn't working. The only other thing I can think of
> > is, what version of ldb is installed ?
> >
> > Rowland
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
> >
>
>


-- 
Eben Victor
Cell:  +27 82 759 5266
Email: eben.victor at gmail.com
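
The resolv.conf check suggested in the quoted reply (primary domain first in the search order) can be done mechanically by comparing the first search domain with the `realm` in smb.conf. This is an added example, not part of the thread or of Samba; the function names and sample files are constructed, using the your.domain.tld / domain.tld placeholders from the reply.

```shell
#!/bin/sh
# Added example (not from the thread): is the AD realm first in the search order?

# Effective first search domain. In resolv.conf "domain" and "search" are
# mutually exclusive and the last occurrence of either keyword wins.
first_search_domain() {
    awk '$1 == "search" || $1 == "domain" { first = $2 }
         END { if (first != "") print tolower(first) }' "$1"
}

# Realm from the [global] section of smb.conf, lower-cased for comparison.
smb_realm() {
    awk -F= '
        /^[ \t]*\[/ { in_global = (tolower($0) ~ /^[ \t]*\[global\]/); next }
        in_global && tolower($1) ~ /^[ \t]*realm[ \t]*$/ {
            gsub(/^[ \t]+|[ \t]+$/, "", $2); print tolower($2); exit
        }' "$1"
}

# Succeeds only when the realm is known and is the first search domain.
primary_domain_first() {
    first=$(first_search_domain "$1")
    realm=$(smb_realm "$2")
    [ -n "$realm" ] && [ "$first" = "$realm" ]
}

# Constructed sample files for a stand-alone run; removed on exit.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf 'search your.domain.tld domain.tld\nnameserver 127.0.0.1\n' > "$demo_dir/resolv.good"
printf 'search domain.tld your.domain.tld\nnameserver 127.0.0.1\n' > "$demo_dir/resolv.bad"
printf '[global]\n\tworkgroup = YOUR\n\trealm = YOUR.DOMAIN.TLD\n' > "$demo_dir/smb.conf"

for f in resolv.good resolv.bad; do
    if primary_domain_first "$demo_dir/$f" "$demo_dir/smb.conf"; then
        echo "$f: primary domain is first in the search order"
    else
        echo "$f: first search domain is $(first_search_domain "$demo_dir/$f"), not the realm"
    fi
done
```

On a real DC the two arguments would be /etc/resolv.conf and the smb.conf in use.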

