[Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS
Rowland penny
rpenny at samba.org
Wed Apr 29 13:33:46 UTC 2020
On 29/04/2020 11:42, Rowland penny via samba wrote:
> On 29/04/2020 10:58, Olaf Dreyer via samba-technical wrote:
>>
>> I run a setup with two Samba DC (currently samba 4.12.2 on debian 10
>> VMs). I started with a Windows 2003 DC but the last Windows DC has
>> been removed a few years ago from this setup.
>
> this is really the wrong list for this, so i have CC'ed the samba
> mailing list, please reply there.
>
> You say you started with Win 2003, but was the domain initially
> provisioned on 2000k ? or does it have the 2000k dns ?
>
> See here:
>
> https://support.microsoft.com/en-gb/help/817470/how-to-reconfigure-an-msdcs-subdomain-to-a-forest-wide-dns-application
>
>
> Rowland
>
>
>
Olaf Posted this to samba-technical (even though I asked him to reply here):
Hi Rowland,
this is a good question. Does this listing help or answer?
root at OMTNDC3:/usr/local/samba/private/sam.ldb.d# ls -al
total 93220 Node,CN=Schema,CN=Configuration,DC=omtn,DC=de
drwxr-x--- 2 root bind 4096 Apr 28 16:03 .
drwx------ 7 root root 4096 Apr 29 11:25 ..
-rw------- 1 root staff 30384128 Apr 29 12:46
'CN=CONFIGURATION,DC=OMTN,DC=DE.ldb'
-rw------- 1 root staff 33878016 Apr 29 12:46
'CN=SCHEMA,CN=CONFIGURATION,DC=OMTN,DC=DE.ldb'
-rw-rw---- 1 root bind 4247552 Apr 29 12:46
'DC=DOMAINDNSZONES,DC=OMTN,DC=DE.ldb'
-rw-rw---- 1 root bind 6885376 Apr 29 12:46
'DC=FORESTDNSZONES,DC=OMTN,DC=DE.ldb'
-rw------- 1 root staff 19218432 Apr 29 12:46 'DC=OMTN,DC=DE.ldb'
-rw-rw---- 1 root bind 831488 Apr 29 11:07 metadata.tdb
Some output from ldb
/usr/local/samba/bin/ldbsearch --cross-ncs --show-binary -H
/usr/local/samba/private/sam.ldb -b dc=omtn,dc=de -s sub
'(&(objectclass=dnsNode)(name=*))' > ~/addns
oot at OMTNDC8:~# grep dn: ~/addns | grep DNS | grep "_ms"
dn:
DC=_kerberos._tcp.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_ldap._tcp.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_ldap._tcp.b66950c4-e9b8-4bc9-b625-5b7d8a36f903.domains._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_ldap._tcp.CorporateDataCenter._sites.gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=7abd666f-d3bc-4e8f-9ff3-cf3abd802ee5._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_ldap._tcp.gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_tcp.CorporateDataCenter._sites.gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn: DC=gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn: DC=_msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_kerberos._tcp.CorporateDataCenter._sites.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_ldap._tcp.pdc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=8e100b0b-c414-4fef-9137-a16749633c5d._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=2d035437-cec0-4a24-bdd0-0b599915e3b6._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
dn:
DC=_ldap._tcp.CorporateDataCenter._sites.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
So, in answer to the question Olaf posed, yes it helps, he has the 2000k
dns which isn't compatible with the Samba dns.
Rowland
More information about the samba
mailing list