[Samba] samba_dns_question

Rowland Penny rpenny at samba.org
Tue Jan 22 12:07:16 UTC 2019

On Tue, 22 Jan 2019 13:18:40 +0200
Hajdu Szabolcs via samba <samba at lists.samba.org> wrote:

> options {
>      directory "/var/cache/bind";
>       forwarders {
> ;;
>       };
>      dnssec-validation no;
>      auth-nxdomain no;    # conform to RFC1035
>      listen-on-v6 { any; };
>      notify no;
>      empty-zones-enable no;
>      tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
> };

My name,conf.options file is a bit different to yours, but I don't
think any of the differences would stop your problem.

The 'CNF' is coming from something creating the records and
then, very shortly afterwards, something else creates the same records.
This could something on the same DC, but it is most likely to be
replication. Whatever it is, the first record gets marked with 'CNF'
and the second record is used.

As your Samba and Bind files seem to be OK, I think we need to step
back a bit.

From what you posted, you installed Samba and then joined it as a DC to
an existing AD domain, what is this AD domain composed of and did the
DNS records already exist in AD ?

You are having problems with reverse zones, these are not created
automatically, are you creating these manually and if so, how ?


More information about the samba mailing list