[Samba] Issues with RODC
Rowland Penny
rpenny at samba.org
Mon May 6 06:59:14 UTC 2019
On Mon, 6 May 2019 08:42:03 +0200
Adam Minski <aminski316 at gmail.com> wrote:
>
> Good Morning.
>
> I've tested RODC functionality using samba-4.9.4 and
> samba-4.11.0pre1-GIT-f1a1c300e19 built on Debian 9. The builds using
> the internal Heimdal KDC and the internal DNS backend.
>
> For me there's no lack of LDAP SPNs and samba_dnsupdate works as
> expected, except the GC SRV entry isn't created. But this seems
> intended (why?), look at source4/scripting/bin/samba_dnsupdate line
> 699.
From my understanding, samba_dnsupdate cannot write to an RODC, so it
must be forwarding the changes to an RWDC. As for why is an RODC not a
GC, ask Microsoft, as this is the default for RODC's.
>
> You must configure dns forwarder to get it working.
Oh yes, dns must work.
> In the Windows world DNS records of RODCs are added automatically.
Then, Samba should do this.
Rowland
More information about the samba
mailing list