[Samba] Recurrent DNS issues after DC loss

lingpanda101 lingpanda101 at gmail.com
Wed Jun 6 14:55:22 UTC 2018 

On 6/6/2018 10:48 AM, Rowland Penny via samba wrote:
> On Wed, 6 Jun 2018 10:25:43 -0400
> lingpanda101 <lingpanda101 at gmail.com> wrote:
>
>> On 6/6/2018 10:02 AM, Rowland Penny via samba wrote:
>>> On Wed, 6 Jun 2018 15:40:48 +0200
>>> Ole Traupe via samba <samba at lists.samba.org> wrote:
>>>
>>>> On 06.06.2018 14:44, lingpanda101 wrote:
>>>>>> ** SNIP **
>>>>>>
>>>>>> Actually, the DCs (resolv.conf) were pointing to each other
>>>>>> initially, and I think that was at least one root of the evil. I
>>>>>> think this advice in the Samba wiki actually is rather bad (and
>>>>>> unnecessary with Samba, as has been pointed out, before?).
>>>>> Using Bind I find it's necessary to point the DC to itself. I had
>>>>> no issues pointing to another DC with the internal DNS. The Wiki
>>>>> actually mentions best practice for a multi DC environment as it
>>>>> relates to a Windows setup. I do think it's unnecessary with Samba
>>>>> however.
>>> Just where does it say this ?
>>> I will fix it
>> Hi Rowland,
>>
>>       I'm referencing here under ' DNS Configuration on Domain
>> Controller'
>>
>> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#DNS_Configuration_on_Domain_Controllers
>>
>> "The following is a best practice for DNS configuration on domain
>> controllers (DC):
>> Set the local IP of a DC as secondary or tertiary|nameserver|entry in
>> its|/etc/resolv.conf|file and use a different Active Directory (AD)
>> DNS server IP from the forest as primary name server"
>>
>> It's saying to point to each other as primary. Which is best practice
>> to avoid a island issue. I don't think it's really an issue with
>> Samba though.
>>
> It doesn't say that any more ;-)
>
> This is from my DCs
>
> root at dc4:~# cat /etc/resolv.conf
> search samdom.example.com
> nameserver 192.168.0.6
> root at dc4:~# hostname -i
> 192.168.0.6
>
> root at dc3:~# cat /etc/resolv.conf
> search samdom.example.com
> nameserver 192.168.0.7
> root at dc3:~# hostname -i
> 192.168.0.7
>
> And everything works!
>
>>> domain samdom.example.com
>>> nameserver 10.99.0.1
> Er no, 'domain' should be 'search'
>
> Rowland
>
Looks good to me. Easy to understand!

Your setup is exactly how I run today in a multi DC environment.

-- 

-JAMES

More information about the samba mailing list