[Samba] Samba AD-DC idmap config
Rowland Penny
rpenny at samba.org
Fri Oct 18 18:09:12 UTC 2019
On 18/10/2019 18:48, John Redmond wrote:
> DNS is another area where I have read and experimented a lot. Result:
> confusion. Again, I'm using fresh installs of Ubuntu 18.04 LTS
> "server" for both the AD-DC and the fileserver machines. Here's what
> the various config files on the fileserver look like now. Test
> results are not exactly what they should be, according to
> <https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member>.
> I'm not sure if or how DNS is broken.
>
> Thanks for your assistance!
>
> John
>
> # /etc/hosts
>
> 127.0.0.1 localhost localhost.samdom.example.com
> 10.199.251.11 fsvr0 fsvr0.samdom.example.com
> 10.199.251.10 dc0 dc0.samdom.example.com
>
Replace the above with this:
127.0.0.1 localhost
10.199.251.11 fsvr0.samdom.example.com fsvr0
>
> # The following lines are desirable for IPv6 capable hosts
> ::1 ip6-localhost ip6-loopback
> fe00::0 ip6-localnet
> ff00::0 ip6-mcastprefix
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
> # EOF
>
> # /etc/netplan/01-netconfig.yaml
Ah, netplan, I personally just brute force it by removing it, but you
might want to read this instead:
https://github.com/thctlo/samba4/blob/master/full-howto-Ubuntu18.04-samba-AD_DC.txt
> network:
>   version: 2
>   ethernets:
>     eth0:
>       dhcp4: no
>       addresses: [10.199.251.11/24]
>       gateway4: 10.199.251.1
>       nameservers:
>         search: [samdom.example.com]
>         addresses: [10.199.251.10]
>
> #EOF
>
> # /run/systemd/resolve/stub-resolv.conf
>
> nameserver 127.0.0.53
> options edns0
> search samdom.example.com workgroup
>
> #EOF
That may or may not work
>
> # /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
>
> network:
>   config: disabled
>
> #EOF
>
> Testing DNS
>
> admin at fsvr0:/$ nslookup dc0.samdom.example.com
>
> Server: 127.0.0.53
>
> Address: 127.0.0.53#53
>
>
> Non-authoritative answer:
>
> Name: dc0.samdom.example.com
>
> Address: 10.199.251.10
>
>
> admin at fsvr0:/$ nslookup 10.199.251.10
>
> 10.251.199.10.in-addr.arpa name = dc0.
>
> 10.251.199.10.in-addr.arpa name = dc0.samdom.example.com.
>
>
> Authoritative answers can be found from:
>
>
> admin at fsvr0:/$ nslookup
>
> > set type=SRV
>
> > _ldap._tcp.samdom.example.com.
>
> Server: 127.0.0.53
>
> Address: 127.0.0.53#53
>
>
> Non-authoritative answer:
>
> _ldap._tcp.lan.lenkin.com service = 0 100 389 dc0.samdom.example.com.
>
> Authoritative answers can be found from:
>
> >
>
> admin at fsvr0:/$ getent hosts fsvr0
>
> 10.199.251.11 fsvr0 fsvr0.samdom.example.com
>
Looks like it does ;-)
Rowland
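
Added example, not part of the original email: a small Python check that flags the three differences between the quoted /etc/hosts and the replacement given in the reply (extra names on the loopback line, short name listed before the FQDN, an entry for another host). The function name `lint_hosts` and both sample files are constructed for illustration.

```python
import ipaddress

def lint_hosts(text, short_name, domain):
    """Return findings for an /etc/hosts text; an empty list means it matches the reply's layout."""
    short_name, fqdn = short_name.lower(), f"{short_name}.{domain}".lower()
    findings, own_entry = [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].lower().split()
        if not fields:
            continue  # blank line or comment
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append(f"line {lineno}: not a hosts entry: {raw.strip()}")
            continue
        names = fields[1:]
        if ip.version == 6 or not names:
            continue  # the reply leaves the IPv6 block untouched
        if ip.is_loopback:
            extra = [n for n in names if n != "localhost"]
            if extra:
                findings.append(f"line {lineno}: loopback also maps {' '.join(extra)}")
        elif fqdn in names or short_name in names:
            own_entry = True
            if names != [fqdn, short_name]:
                findings.append(
                    f"line {lineno}: expected '{fqdn} {short_name}', found '{' '.join(names)}'")
        else:
            findings.append(f"line {lineno}: {names[0]} is not in the reply's file")
    if not own_entry:
        findings.append(f"no entry for {fqdn}")
    return findings

# Constructed inputs: the quoted file with the mail archive's link residue removed,
# and the replacement from the reply.
QUOTED = """\
127.0.0.1 localhost localhost.samdom.example.com
10.199.251.11 fsvr0 fsvr0.samdom.example.com
10.199.251.10 dc0 dc0.samdom.example.com
::1 ip6-localhost ip6-loopback
"""
REPLACEMENT = """\
127.0.0.1 localhost
10.199.251.11 fsvr0.samdom.example.com fsvr0
::1 ip6-localhost ip6-loopback
"""

if __name__ == "__main__":
    for finding in lint_hosts(QUOTED, "fsvr0", "samdom.example.com"):
        print(finding)
```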