[Samba] Problems with internal DNS
Thomas Schweikle
tschweikle at gmail.com
Tue Oct 22 15:18:40 UTC 2019
On Tue, Oct 22, 2019 at 5:07 PM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 22/10/2019 15:52, Thomas Schweikle wrote:
> >
> > On Mon, Oct 21, 2019 at 5:03 PM Rowland penny via samba
> > <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote:
> >
> > On 21/10/2019 15:47, Thomas Schweikle via samba wrote:
> > > Hi!
> > >
> > > Samba server set up for domain rufus.ada.de
> > <http://rufus.ada.de> a proxy is reachable in
> > > proxy.ada.de <http://proxy.ada.de>.
> >
> > How are you running Samba ?
> >
> > As ADDC.
> >
> > Please post your smb.conf.
> >
> > OK. Here it is:
> >
> > [global]
> > netbios name = AD01
> > realm = RUFUS.ADA.DE <http://RUFUS.ADA.DE>
> > server role = active directory domain controller
> > workgroup = RUFUS
> > idmap_ldb:use rfc2307 = yes
> > allow dns updates = secure only
> > dns forwarder = 172.18.8.1
> >
> > [sysvol]
> > path = /var/lib/samba/sysvol
> > read only = No
> >
> > [netlogon]
> > path = /var/lib/samba/sysvol/rodos.bfs.de/scripts
> > <http://rodos.bfs.de/scripts>
> > read only = No
>
> First problem, netlogon says your dns domain is 'rodos.bfs.de' but your
> REALM is 'RUFUS.ADA.DE', ignoring the case, they must be the same.
>
Ahm yes. This was a mistake made by copy and paste ... I've corrected it.
It now reads:
path = /var/lib/samba/sysvol/rufus.ada.de/scripts
<http://rodos.bfs.de/scripts>
> Next, your AD DC must be Authoritative for the AD dns domain and your AD
> clients must use the DC as their first nameserver and anything it
> doesn't know, it asks its forwarder.
>
> Your /etc/resolv.conf file on the DC should be:
>
> search <your actual dns domain>
> nameserver <your DCs ipaddress>
>
Does "localhost" work?
search ada.de.
domain ada.de
nameserver localhost
Or does it have to be the extern reachable address?
If I look at
samba 1500 root 47u IPv6 26355 0t0 TCP *:53 (LISTEN)
samba 1500 root 49u IPv6 26356 0t0 UDP *:53
samba 1500 root 50u IPv4 26357 0t0 TCP *:53 (LISTEN)
samba 1500 root 51u IPv4 26358 0t0 UDP *:53
samba binds to "*" aka "all addresses". But does it mean it does not answer
to localhost incoming queries?
Rowland
>
--
Thomas
More information about the samba
mailing list