[Samba] Samba generating wrong ipv6 and ipv4 address

Rowland penny rpenny at samba.org
Sat Aug 3 07:21:21 UTC 2019 

On 03/08/2019 03:01, Patrik via samba wrote:
> My config is this:
> # Global parameters
> [global]
> # bind interfaces only = Yes
> # if this is turned on, always perfect
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> #        interfaces = lo 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> # if all interfaces known, order is important, the last is the required
> # interfaces = lo 192.168.78.20 192.168.81.20
> # interfaces = lo enp1s0f3  enp1s0f2
> netbios name = SERVER
> realm = P3X-DC.PATRIKX3.COM
> # server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd,
> ntp_signd, kcc
>
It looks to me that you already know the answer, even if you don't 
realise it ;-)

You have turned off the culprit, 'dnsupdate', this uses a list 
'dns_update_list' to add any missing dns entries. Amongst the records it 
checks for are:

A ${HOSTNAME}                                           $IP
AAAA ${HOSTNAME}                                           $IP

${IF_RWDC}A ${DNSDOMAIN}                                          $IP
${IF_RWDC}AAAA ${DNSDOMAIN}                                          $IP

There are others.

You need to decide which interface to use and set this in smb.conf, you 
will then need to delete the incorrect dns records from AD.

Also, you are using the AD DC as a fileserver (not recommended), so can 
I suggest you change your smb.conf to this:

[global]
     netbios name = SERVER
     realm = P3X-DC.PATRIKX3.COM
     server role = active directory domain controller
     server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, 
winbindd, ntp_signd, kcc, dnsupdate
     workgroup = P3X-DC
     idmap_ldb:use rfc2307 = yes
     bind interfaces only = Yes
     interfaces = lo enp1s0f2
     # log level = 3
     template shell = /bin/bash
     template homedir = /home/%U

[netlogon]
     path = /var/lib/samba/sysvol/p3x-dc.patrikx3.com/scripts
     read only = No

[sysvol]
     path = /var/lib/samba/sysvol
     read only = No

[media]
         path = /media
         read only = no

[mounts]
         path = /mnt
         read only = no

[router-logs]
         path = /var/log-router
         read only = yes

Then go and read this:

https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs

If you must use a DC as a fileserver, you cannot set the permissions as 
if it is a Unix domain member.

Rowland

More information about the samba mailing list