[Samba] Recurrent DNS issues after DC loss

[lingpanda101]

On 6/6/2018 10:02 AM, Rowland Penny via samba wrote:
> On Wed, 6 Jun 2018 15:40:48 +0200
> Ole Traupe via samba <samba at lists.samba.org> wrote:
>
>>
>> On 06.06.2018 14:44, lingpanda101 wrote:
>>>> ** SNIP **
>>>>
>>>> Actually, the DCs (resolv.conf) were pointing to each other
>>>> initially, and I think that was at least one root of the evil. I
>>>> think this advice in the Samba wiki actually is rather bad (and
>>>> unnecessary with Samba, as has been pointed out, before?).
>>> Using Bind I find it's necessary to point the DC to itself. I had
>>> no issues pointing to another DC with the internal DNS. The Wiki
>>> actually mentions best practice for a multi DC environment as it
>>> relates to a Windows setup. I do think it's unnecessary with Samba
>>> however.
> Just where does it say this ?
> I will fix it
Hi Rowland,

     I'm referencing here under ' DNS Configuration on Domain Controller'

https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#DNS_Configuration_on_Domain_Controllers

"The following is a best practice for DNS configuration on domain 
controllers (DC):
Set the local IP of a DC as secondary or tertiary|nameserver|entry in 
its|/etc/resolv.conf|file and use a different Active Directory (AD) DNS 
server IP from the forest as primary name server"

It's saying to point to each other as primary. Which is best practice to 
avoid a island issue. I don't think it's really an issue with Samba though.


> Basically all you need is what is on the DC page:
>
> Configuring the DNS Resolver
>
> Domain members in an AD use DNS to locate services, such as LDAP and Kerberos. For that, they need to use a DNS server that is able to resolve the AD DNS zone.
>
> On your DC, set the AD DNS domain in the domain and the IP of your DC in the nameserver parameter of the /etc/resolv.conf file. For example:
>
> domain samdom.example.com
> nameserver 10.99.0.1
>
> ** SNIP **
> Rowland
>
>
>
-JAMES