[Samba] Problems with internal DNS

Rowland penny rpenny at samba.org
Tue Oct 22 15:07:01 UTC 2019


On 22/10/2019 15:52, Thomas Schweikle wrote:
>
> On Mon, Oct 21, 2019 at 5:03 PM Rowland penny via samba 
> <samba at lists.samba.org> wrote:
>
>     On 21/10/2019 15:47, Thomas Schweikle via samba wrote:
>     > Hi!
>     >
>     > Samba server set up for domain rufus.ada.de a proxy is reachable in
>     > proxy.ada.de.
>
>     How are you running Samba ?
>
> As ADDC.
>
>     Please post your smb.conf.
>
> OK. Here it is:
>
> [global]
>         netbios name = AD01
>         realm = RUFUS.ADA.DE
>         server role = active directory domain controller
>         workgroup = RUFUS
>         idmap_ldb:use rfc2307 = yes
>         allow dns updates = secure only
>         dns forwarder = 172.18.8.1
>
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
>
> [netlogon]
>         path = /var/lib/samba/sysvol/rodos.bfs.de/scripts
>         read only = No

First problem: netlogon says your DNS domain is 'rodos.bfs.de' but your 
REALM is 'RUFUS.ADA.DE'. Ignoring the case, they must be the same.

Next, your AD DC must be authoritative for the AD DNS domain and your AD 
clients must use the DC as their first nameserver; anything it 
doesn't know, it asks its forwarder.

Your /etc/resolv.conf file on the DC should be:

search <your actual dns domain>
nameserver <your DCs ipaddress>

Rowland
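
The two checks from the reply above (netlogon path versus realm, and the DC's own resolv.conf), as an added example that is not part of the original message or of Samba. The smb.conf sample is cut down from the one quoted in the thread; the resolv.conf content, the DC address 192.0.2.10 and the function names are assumptions made for illustration.

```python
import re

# Constructed inputs: SMB_CONF is cut down from the file quoted in the thread;
# RESOLV_CONF and DC_IP are assumptions (neither is shown in the thread).
SMB_CONF = """[global]
        realm = RUFUS.ADA.DE
        server role = active directory domain controller
        dns forwarder = 172.18.8.1
[netlogon]
        path = /var/lib/samba/sysvol/rodos.bfs.de/scripts
"""
RESOLV_CONF = "search ada.de\nnameserver 172.18.8.1\n"
DC_IP = "192.0.2.10"  # placeholder address for the DC


def parse_smb_conf(text):
    """Parse smb.conf text into {section: {option: value}}, names lower-cased."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[" ".join(key.lower().split())] = value.strip()
    return sections


def check_dc_dns(smb_text, resolv_text, dc_ip):
    """Return a list of findings; an empty list means all three checks pass."""
    findings = []
    conf = parse_smb_conf(smb_text)
    realm = conf.get("global", {}).get("realm", "").lower()
    path = conf.get("netlogon", {}).get("path", "")
    match = re.search(r"/sysvol/([^/]+)/scripts/?$", path)
    if not match or match.group(1).lower() != realm:
        findings.append(f"netlogon path {path!r} does not match realm {realm!r}")
    # resolv.conf: collect the search list and the nameservers in file order.
    search, servers = [], []
    for fields in (ln.split() for ln in resolv_text.splitlines()):
        if len(fields) > 1 and fields[0] == "search":
            search = [d.lower().rstrip(".") for d in fields[1:]]
        elif len(fields) > 1 and fields[0] == "nameserver":
            servers.append(fields[1])
    if realm not in search:
        findings.append(f"resolv.conf search list {search} lacks {realm!r}")
    if servers[:1] != [dc_ip]:
        findings.append(f"first nameserver is {servers[:1]}, expected {dc_ip}")
    return findings
```

Calling check_dc_dns(SMB_CONF, RESOLV_CONF, DC_IP) on the constructed inputs reports the path/realm mismatch, the missing search domain and the forwarder being used as first nameserver.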




