[Samba] Samba, AD, 'short' name resolving...

Marco Gaiarin gaio at sv.lnf.it
Fri Jun 15 14:03:15 UTC 2018 

Mandi! L.P.H. van Belle via samba
  In chel di` si favelave...

> But thats a wild guess, but if a dev knows any reply may help here. 
> We cant know everything..  

Sorry, i was busy on other things...


I repeat: TSIG errors are ''sporadically'' and happen mostly on a DC
that have in these days some connectivity troubles.

My original post on this subject was an excuse, to simply try to
understand:

a) why client register itself on ''far DC'' and not on the DC in the
 site; Louis, you reply me on that, but that policy you point me are
still a bit mysterious...

b) i've noted that dns registration in my ''old'' DNS/DHCP setup tend
 to ''diverge'' from the AD DNS registration.

I've done some test now, and seems that b) was caused by a) and the
connectivity trouble; now all registration seems coherent...


Anyway... yes, i've no reverse zone (they are on my old setup), and mu
bind cnfiguration is simple:

 root at vdcsv1:~# less /etc/bind/named.conf.options | grep -v '//' | grep -v '^[[:space:]]*$'
 acl "trusted" {
	localhost;
	10.5.1.0/24;
	10.5.2.0/24;
	10.27.1.3/32;
	10.27.1.5/32;
	10.27.1.21/32;
	10.27.1.23/32;
	10.99.1.1/32;
	10.99.1.3/32;
	10.99.25.1/32;
	10.99.25.2/32;
 };
 options {
	directory "/var/cache/bind";
	forwarders {
		10.5.1.3;
		10.5.1.5;
	};
	forward only;
	allow-query { "any"; };
	allow-recursion { "trusted"; };
	allow-query-cache { "trusted"; };
	allow-notify { "none"; };
	auth-nxdomain yes;    # conform to RFC1035
	listen-on-v6 { any; };
	notify no;
	empty-zones-enable no;
	tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
 };


Thanks and happy WE!!!

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the samba mailing list