[Samba] Samba DNS fails when queried with nslookup commands

Thu Aug 13 12:45:35 UTC 2020

Hi Louis and Rowland,

        Thanks for the help. Below is the information requested before I 
change anything.

nameserver 172.16.23.30
nameserver 172.16.23.28
nameserver 127.0.0.53
search domain.local  (I know)

@soldc4:~$ cat /etc/hosts
127.0.0.1 localhost
#127.0.1.1 soldc4
172.16.23.30    soldc4.domain.local       soldc4

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

@soldc4:~$ cat /etc/network/interfaces
# ifupdown has been replaced by netplan(5) on this system.  See
# /etc/netplan for current configuration.
# To re-enable ifupdown on this system, you can run:
#    sudo apt install ifupdown

@soldc4:~$ cat /etc/netplan/50-cloud-init.yaml
# This file is generated from information provided by
# the datasource.  Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
     ethernets:
         enp0s3:
             addresses: [172.16.23.30/24]
             gateway4: 172.16.23.201
             dhcp4: no
             nameservers:
                     addresses: [172.16.23.30,172.16.23.28]
                     search: [domain.local]

     version: 2

@soldc4:~$ ls -la /etc/systemd/network/
total 8
drwxr-xr-x 2 root root 4096 Apr 20  2018 .
drwxr-xr-x 5 root root 4096 Jun 29 09:54 ..

@soldc4:~$ cat /etc/systemd/resolved.conf
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details

[Resolve]
#DNS=
#FallbackDNS=
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#Cache=yes
#DNSStubListener=yes

1 at soldc4:~$ cat /usr/local/samba/etc/smb.conf
# Global parameters
[global]
         netbios name = SOLDC4
         realm = DOMAIN.LOCAL
         server role = active directory domain controller
         workgroup = DOMAIN
         dns forwarder = 75.75.75.75 208.67.222.222
         idmap_ldb:use rfc2307 = Yes

         log file = /usr/local/samba/var/log.samba
         log level = 1 auth_audit:3 auth_json_audit:3
         debug timestamp = Yes
         debug uid = Yes
         debug pid = Yes

         ldap server require strong auth = no

[sysvol]
         path = /usr/local/samba/var/locks/sysvol
         read only = No

[netlogon]
         path = /usr/local/samba/var/locks/sysvol/domain.local/scripts
         read only = No

Thanks again for any help.

On 8/13/2020 3:19 AM, L.P.H. van Belle via samba wrote:
> Hai,
>
> Only the forwarder is running in this systemd setup.
> This :  127.0.0.53:53 does NOT conflict with normaly resolv.conf setting
> Because samba or any dns server does not run on 127.0.0.53
> Dont make the mistake to see this for : 127.0.0.1
>
> Please show :
> /etc/hosts
> /etc/resolv.conf
>
> Depending on which one your using:
>
> /etc/network/interfaces and/or
>
>
> /etc/netplan/01-netcfg.yaml
> /etc/systemd/network/..  Output of all files in this folder.
> /etc/systemd/resolved.conf
>
> On one (or more)  of these files is a misconfiguration.
>
> Greetz,
>
> Louis
>   
>
>> -----Oorspronkelijk bericht-----
>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>> Rowland penny via samba
>> Verzonden: donderdag 13 augustus 2020 8:19
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Samba DNS fails when queried with
>> nslookup commands
>>
>> On 12/08/2020 21:49, James Atwell via samba wrote:
>>> Hello,
>>>
>>>       Having issues with a DC not responding to DNS requests. OS is
>>> Ubuntu 18.04.4 LTS. Samba version 4.12.2 compiled from source.
>>> Checking to see what is listening on port 53 reports;
>>>
>>> @soldc4:~# netstat -tulpn | grep ":53"
>>> tcp        0      0 127.0.0.53:53 0.0.0.0:* LISTEN
>>> 2935/systemd-resolv
>>> tcp6       0      0 :::53 :::*                    LISTEN
>> 2694/samba:
>>> task[dn
>>> udp        0      0 127.0.0.53:53 0.0.0.0:*
>>            
>>> 2935/systemd-resolv
>>> udp6       0      0 :::53 :::* 2694/samba: task[dn
>>>
>>>
>>> How do I disable systemd-resolve and ensure only samba is
>> listening on
>>> port 53 for DNS requests?  You can see below nslookup succeeds when
>>> querying another server in the network but fails on this one.
>>>
>>> root at soldc4:~# nslookup google.com soldc1
>>> Server:         soldc1
>>> Address:        172.16.23.28#53
>>>
>>> Non-authoritative answer:
>>> Name:   google.com
>>> Address: 172.217.7.238
>>> Name:   google.com
>>> Address: 2607:f8b0:4004:806::200e
>>>
>>> root at soldc4:~# nslookup google.com soldc4
>>> ;; connection timed out; no servers could be reached
>>>
>> Last time I set up a DC on 18.04 I did this:
>>
>> sudo systemctl stop systemd-resolved
>> sudo systemctl disable systemd-resolved.service
>>
>> Rowland
>>
>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>