[Samba] samba dlz. bind9 nslookup is wrong
L.P.H. van Belle
belle at bazuin.nl
Mon Aug 5 12:20:42 UTC 2019
A wrong assumption here.
Your server name is ns1.patrikx3.com according to your SOA record, but your domain, patrikx3.com, is using ns1.he.net for DNS lookups.
Just by what I see here and below.
This server, how I would set it up.
Hostname : server1.p3x-dc.patrikx3.com
Domain name: p3x-dc.patrikx3.com
REALM : P3X-DC.PATRIKX3.COM
(PS: I suggest using another domain name for the domain where your AD-DC DNS is in.)
IPv4:A 192.168.78.20
IPv6:AAAA 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
PTR-4: 192.168.78.20 server1.p3x-dc.patrikx3.com
PTR-6: to 2001:470:1f1b:5b3:21b:21ff:fea6:ce93 server1.p3x-dc.patrikx3.com
I also noticed your setup for DNS CAA DKIM etc.
That might change below a bit, start with this.
All other domains.
patrikx3.com
corifeus.com
Add as new domains, and only A records where needed.
Per IP only one PTR.
Example:
resolv.conf
search p3x-dc.patrikx3.com
nameserver 192.168.78.20
nameserver 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
options edns0
This is the base you should start with.
Anything else, add it in the samba dns.
So far,
Greetz,
Louis
> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> Patrik via samba
> Sent: Monday 5 August 2019 13:34
> To: Rowland penny
> CC: sambalist
> Subject: Re: [Samba] samba dlz. bind9 nslookup is wrong
>
> the patrikx3.com is my domain
> my AD DC domain is p3x-dc.patrikx3.com, you can see:
>
> root at server:~# cat /etc/bind/zones/enp1s0f3/patrikx3.com
> ; Replaces on ennp1s0f2 to ennp1s0f3
> ; 192.168.81. 192.168.78.
> ; 2001:470:1f1b:5b5:21b:21ff:fea6:ce92 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> ; format is done with xed Linux Mint, not using tab, only space
>
> $TTL 3600
> @ 86400 IN SOA ns1.patrikx3.com. hostmaster.ns1.patrikx3.com. (
>         1        ; Serial
>         1200     ; Refresh
>         120      ; Retry
>         2419200  ; Expire
>         3600 )   ; Negative Cache TTL
>
> ; Name servers
> patrikx3.com. 300 IN NS ns1.patrikx3.com.
> patrikx3.com. 300 IN MX 10 mail.patrikx3.com.
> patrikx3.com. 300 IN TXT "v=spf1 a:mail.patrikx3.com -all"
> patrikx3.com. 300 IN CAA 0 issue "letsencrypt.org"
>
> mail._domainkey.patrikx3.com. 300 IN TXT ( "v=DKIM1; h=sha256; k=rsa; "
>         "p=secure"
>         "secure" ) ; ----- DKIM key mail for patrikx3.com
>
> patrikx3.com. 300 IN A 192.168.78.20
> patrikx3.com. 300 IN AAAA 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
>
> uptimerobot 300 IN CNAME stats.uptimerobot.com.
>
> ; A records for name servers
> @ 300 IN A 192.168.78.20
> @ 300 IN AAAA 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> ns1 300 IN A 192.168.78.20
> bitang 300 IN A 192.168.78.40
> workstation 300 IN A 192.168.78.30
> ipv6 300 IN AAAA 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> printer 300 IN A 192.168.78.50
> mail 300 IN A 192.168.78.20
> mail 300 IN AAAA 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> tuti 300 IN A 192.168.78.21
>
> ; Other A records
> www 300 IN CNAME patrikx3.com.
> ;this p3x-dc domain comes from the dlz.... see it is commented
> ;p3x-dc 300 IN CNAME patrikx3.com.
> server 300 IN CNAME patrikx3.com.
> home.router 300 IN CNAME patrikx3.com.
> business.router 300 IN CNAME patrikx3.com.
> office.router 300 IN CNAME patrikx3.com.
> address-book 300 IN CNAME patrikx3.com.
> fortune-cookie 300 IN CNAME patrikx3.com.
> torrent 300 IN CNAME patrikx3.com.
> test 300 IN CNAME patrikx3.com.
> mysql 300 IN CNAME patrikx3.com.
> git 300 IN CNAME patrikx3.com.
> webhook 300 IN CNAME patrikx3.com.
> sync 300 IN CNAME patrikx3.com.
> cloud 300 IN CNAME patrikx3.com.
> redis 300 IN CNAME patrikx3.com.
> server 300 IN CNAME patrikx3.com.
> npm 300 IN CNAME patrikx3.com.
> gitlist 300 IN CNAME patrikx3.com.
> afraid 300 IN CNAME patrikx3.com.
> blog 300 IN CNAME patrikx3.com.
> stats 300 IN CNAME patrikx3.com.
> github 300 IN CNAME patrikx3.com.
> mongo 300 IN CNAME patrikx3.com.
> ldap 300 IN CNAME patrikx3.com.
> p3x.redis 300 IN CNAME patrikx3.com.
> php.redis 300 IN CNAME patrikx3.com.
> commander.redis 300 IN CNAME patrikx3.com.
>
> resume.bitang 300 IN CNAME bitang.patrikx3.com.
> mysql.bitang 300 IN CNAME bitang.patrikx3.com.
> ngivr.bitang 300 IN CNAME bitang.patrikx3.com.
> layout.ngivr.bitang 300 IN CNAME bitang.patrikx3.com.
> gitlist.bitang 300 IN CNAME bitang.patrikx3.com.
>
> resume.workstation 300 IN CNAME workstation.patrikx3.com.
> mysql.workstation 300 IN CNAME workstation.patrikx3.com.
> ngivr.workstation 300 IN CNAME workstation.patrikx3.com.
> layout.ngivr.workstation 300 IN CNAME workstation.patrikx3.com.
> gitlist.workstation 300 IN CNAME workstation.patrikx3.com.
>
> test1 300 IN CNAME tuti.patrikx3.com.
> test2 300 IN CNAME tuti.patrikx3.com.
>
> *Patrik*
> WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM <https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36 20 342 8046
>
> On Mon, Aug 5, 2019 at 1:28 PM Rowland penny via samba <
> samba at lists.samba.org> wrote:
>
> > On 05/08/2019 11:53, Patrik wrote:
> > > the file "/etc/bind/zones/enp1s0f3/patrikx3.com" are my domain
> > > names A, AAAA, CNAME-s, that is where I store them, there are no
> > > AD records at all. It is all DLZ.
> >
> > If 'patrikx3.com' is a registered dns domain name, then you should have
> > used a subdomain of this for the AD dns domain.
> >
> > The file you refer to is a FLATFILE and you SHOULDN'T be storing your AD
> > dns records there and it ISN'T bind9_dlz.
> >
> > Rowland
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
>
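
The forward and reverse layout recommended in the reply above (one A, one AAAA, and only one PTR per IP), checked offline as an added example that is not part of the original thread. The record lists are constructed from the addresses in the reply, and the function names are hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed records modelled on the layout in the reply (not a zone export).
V6 = "2001:470:1f1b:5b3:21b:21ff:fea6:ce93"
FORWARD = [  # (owner name, address) pairs taken from A/AAAA records
    ("server1.p3x-dc.patrikx3.com.", "192.168.78.20"),
    ("server1.p3x-dc.patrikx3.com.", V6),
]
PTRS = [  # (address, PTR target)
    ("192.168.78.20", "server1.p3x-dc.patrikx3.com."),
    (V6, "server1.p3x-dc.patrikx3.com."),
]

def reverse_name(ip):
    """Owner name of the PTR record for ip (in-addr.arpa / ip6.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def check(forward, ptrs):
    """Return a list of problems; empty means forward and reverse agree."""
    names = defaultdict(set)    # address -> names with an A/AAAA for it
    targets = defaultdict(set)  # address -> PTR targets
    for name, ip in forward:
        names[ipaddress.ip_address(ip)].add(name.lower())
    for ip, target in ptrs:
        targets[ipaddress.ip_address(ip)].add(target.lower())
    problems = []
    every = sorted(set(names) | set(targets), key=lambda a: (a.version, int(a)))
    for addr in every:
        owner = reverse_name(str(addr))
        found = targets.get(addr, set())
        if not found:
            problems.append(f"{owner} has no PTR")
        elif len(found) > 1:
            problems.append(f"{owner} has multiple PTRs: {sorted(found)}")
        # Each PTR target must resolve forward to the same address.
        for target in sorted(found - names.get(addr, set())):
            problems.append(f"{owner} -> {target} has no matching A/AAAA")
    return problems

if __name__ == "__main__":
    print(check(FORWARD, PTRS) or "forward and reverse records agree")
    # Constructed bad case: a second PTR added for the same IPv4 address.
    for p in check(FORWARD, PTRS + [("192.168.78.20", "mail.patrikx3.com.")]):
        print(p)
```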