[Samba] Samba4 DNS SOA Records
Julien TEHERY
julien.tehery at openevents.fr
Mon May 27 08:39:40 UTC 2019
Le 27/05/2019 à 10:34, Rowland penny via samba a écrit :
> On 27/05/2019 09:12, Julien TEHERY via samba wrote:
>> Le 27/05/2019 à 09:50, Rowland penny via samba a écrit :
>>> On 27/05/2019 08:28, Julien TEHERY via samba wrote:
>>>> Hi
>>>>
>>>> I have a setup with 2 DC on a main site, et 14 DCs which are
>>>> located on 7 AD sites.
>>>> I recently noticed in my DNS zones that my SOA record is associated
>>>> to the last DC that was joined to the domain.
>>>> But this DC is located on one of the remote sites.
>>>>
>>>> Is this behavior normal or would it be better if I updated this
>>>> record via "samba-tool dns update" to point it to one of my 3 main
>>>> DCs ?
>>>>
>>>>
>>> All DC's are authoritative for the dns domain (they are all masters,
>>> it's called multi-master), so they should all be associated with the
>>> SOA record.
>>>
>>> If I ask each DC in my domain (I have two) for the SOA, I get this:
>>>
>>> root at dc4:~# host -t soa samdom.example.com
>>> samdom.example.com has SOA record dc4.samdom.example.com.
>>> hostmaster.samdom.example.com. 8283 900 600 86400 3600
>>>
>>> root at dc5:~# host -t soa samdom.example.com
>>> samdom.example.com has SOA record dc5.samdom.example.com.
>>> hostmaster.samdom.example.com. 8283 900 600 86400 3600
>>>
>>> As you can see, each claims to be the master.
>>>
>>> Rowland
>>>
>> Correct, I have the same behavior on each DC.
>>
>> But In ADUC console I saw in DNS zones that the 5th DC (remote site)
>> is declared as SOA and is the only one
> I don't use ADUC much and I don't use 'sites' either, so I don't
> really know.
>>
>> In CLI on my main DC, if I do " samba-tool dns query localhost
>> mydomain.lan @ ALL -U Administrator" I get:
>>
>> Name=, Records=33, Children=0
>> SOA: serial=286, refresh=900, retry=600, expire=86400,
>> minttl=3600, ns=dc-5.mydomain.lan., email=hostmaster.mydomain.lan.
>> (flags=600000f0, serial=286, ttl=3600)
>>
>>
>> Does it matter ?
>
> As long as that is a 'cropped' output and you get the same output on
> all DC's, then no, it doesn't matter.
>
> Rowland
>
>
Ok, well yes they all answer the same result. Thanks for your
explanations :)
More information about the samba
mailing list