[Samba] Samba generating wrong ipv6 and ipv4 address
Rowland penny
rpenny at samba.org
Sat Aug 3 07:21:21 UTC 2019
On 03/08/2019 03:01, Patrik via samba wrote:
> My config is this:
> # Global parameters
> [global]
> # bind interfaces only = Yes
> # if this is turned on, always perfect
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> # interfaces = lo 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> # if all interfaces known, order is important, the last is the required
> # interfaces = lo 192.168.78.20 192.168.81.20
> # interfaces = lo enp1s0f3 enp1s0f2
> netbios name = SERVER
> realm = P3X-DC.PATRIKX3.COM
> # server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd,
> ntp_signd, kcc
>
It looks to me that you already know the answer, even if you don't
realise it ;-)
You have turned off the culprit, 'dnsupdate', this uses a list
'dns_update_list' to add any missing dns entries. Amongst the records it
checks for are:
A ${HOSTNAME} $IP
AAAA ${HOSTNAME} $IP
${IF_RWDC}A ${DNSDOMAIN} $IP
${IF_RWDC}AAAA ${DNSDOMAIN} $IP
There are others.
You need to decide which interface to use and set this in smb.conf, you
will then need to delete the incorrect dns records from AD.
Also, you are using the AD DC as a fileserver (not recommended), so can
I suggest you change your smb.conf to this:
[global]
netbios name = SERVER
realm = P3X-DC.PATRIKX3.COM
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbindd, ntp_signd, kcc, dnsupdate
workgroup = P3X-DC
idmap_ldb:use rfc2307 = yes
bind interfaces only = Yes
interfaces = lo enp1s0f2
# log level = 3
template shell = /bin/bash
template homedir = /home/%U
[netlogon]
path = /var/lib/samba/sysvol/p3x-dc.patrikx3.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[media]
path = /media
read only = no
[mounts]
path = /mnt
read only = no
[router-logs]
path = /var/log-router
read only = yes
Then go and read this:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
If you must use a DC as a fileserver, you cannot set the permissions as
if it is a Unix domain member.
Rowland
More information about the samba
mailing list