[Samba] FW: samba_kcc issue after joining the domain as a DC

Alex samba at abisoft.biz
Wed Feb 12 09:24:22 UTC 2020


>>>> # samba-tool dns zonelist 172.26.1.81
>>>> Password for [administrator at domain.com]:
>>>>     2 zone(s) found
>>>>
>>>>     pszZoneName                 : _msdcs.domain.com
>>>>     Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>>>     ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>>>>     Version                     : 50
>>>>     dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>>>>     pszDpFqdn                   : ForestDnsZones.domain.com
>>>>
>>>>     pszZoneName                 : domain.com
>>>>     Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>>>     ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>>>>     Version                     : 50
>>>>     dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>>>>     pszDpFqdn                   : ForestDnsZones.domain.com
>>>>
>>> I have three zones, one being the reverse zone, but my domain zone is this:
>>>     pszZoneName        : samdom.example.com
>>>     Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>>     ZoneType                : DNS_ZONE_TYPE_PRIMARY
>>>     Version                    : 50
>>>     dwDpFlags               : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>>>     pszDpFqdn               : DomainDnsZones.samdom.example.com
>>> Notice the difference in the last line.
>> I see the difference. I guess it's b/c you didn't upgrade the zone to
>> forest-wide. Should I revert my zones to be domain-wide?
>>
> Alex, mine is correct, yours is wrong.

Rowland, I really appreciate your help and you're probably right. But could you
please shed some light on why yours is correct (or why mine is not)? At this
moment, my AD is fully functional, no issues at all.

In my humble opinion, this looks more like a bug in the Samba joining procedure,
b/c it should work well with the existing AD configuration. However, it doesn't.

> I could probably dump a list of dns DN's if needed.

Yes, please do.

-- 
Best regards,
Alex Alex
