[Samba] Recurrent DNS issues after DC loss
ole.traupe at tu-berlin.de
Wed Jun 6 14:26:53 UTC 2018
On 06.06.2018 16:02, Rowland Penny via samba wrote:
> On your DC, set the AD DNS domain in the domain and the IP of your DC in the nameserver parameter of the /etc/resolv.conf file. For example:
> domain samdom.example.com
> nameserver 10.99.0.1
So "domain" and not "search"? I had "search" set due to the result of
some discussion on the list.
>> I seem to remember having read here on the list, that it is no good
>> idea to mix samba versions in a domain. If there is sound advice to
>> do it anyways, I would be up for trying it. However, as I have
>> written above, I messed up the uid/gid ranges. To my understanding,
>> later versions of Samba (like 4.5) _require_ the ranges to comply to
>> the defaults as denoted by the wiki.
> There is nothing to stop you using different versions on DCs and you
> can do the same with Unix domain members, unless you are using the 'ad'
> backend and are NOT using Domain Users as the users Unix primary group.
Why and how would I _not_ do this?
> It is however, best practise to use the same major version, just to get
> similar capabilities on all machines.
>> I will do that. I am using RSAT. Would I eradicate the complete site
>> associated with the dead DC? Or which containers/objects in
> If the DC was the only one at a site and you have no other computers at
> that site, then yes you can delete the site.
No, there are other computers at the site, Windows clients and Linux
I was able to remove the NTDS "connection" entry from Sites and Services.
However, I wasn't able to remove the DC itself from Sites and Service as
well as from "Domain Controllers" in ADUC. I get "Windows cannot delete
object [...] because: The specified module could not be found."
Thanks a lot, Rowland!
More information about the samba