[Samba] Recurrent DNS issues after DC loss

Ole Traupe ole.traupe at tu-berlin.de
Thu Jun 7 11:53:30 UTC 2018

Quick update on the actual issue: after removing just all the DNS 
entries associated with the dead DC, and restarting Windows clients and 
also Samba processes on the file server, my domain appears to be stable 
for roughly 18h now (=no logon or share/file access issues).


On 06.06.2018 21:54, lingpanda101 wrote:
> On 6/6/2018 11:02 AM, Ole Traupe via samba wrote:
>> On 06.06.2018 16:02, Rowland Penny via samba wrote:
>>>> I seem to remember having read here on the list, that it is no good
>>>> idea to mix samba versions in a domain. If there is sound advice to
>>>> do it anyways, I would be up for trying it. However, as I have
>>>> written above, I messed up the uid/gid ranges. To my understanding,
>>>> later versions of Samba (like 4.5) _require_ the ranges to comply to
>>>> the defaults as denoted by the wiki.
>>> There is nothing to stop you using different versions on DCs and you
>>> can do the same with Unix domain members, unless you are using the 'ad'
>>> backend  and are NOT using Domain Users as the users Unix primary 
>>> group.
>>> It is however, best practise to use the same major version, just to get
>>> similar capabilities on all machines.
>> So in theory, if I hadn't messed up my id map ranges (domain groups 
>> start with 2000), and if I hadn't begun removing stuff manually, and 
>> if I wouldn't use Domain Users as primary group, I could have joined 
>> an up-to-date DC and used the new script for demoting the dead one.
>> I am not trying to sound sarcastic. I am trying to understand, and 
>> see whether perhaps there is still hope for such a maneuver.
>> Ole
> Ole,
>     Yes. However can you point me to the patch notes where you 
> indicate you are unable to upgrade? I don't see why you still can't 
> join a new machine if you cleanup the current DC. I assume reading the 
> patch notes would clarify this for me.
> -James

More information about the samba mailing list