[Samba] FW: samba_kcc issue after joining the domain as a DC
Alex
samba at abisoft.biz
Wed Feb 12 09:54:58 UTC 2020
I'm sorry, after double-checking the Louis's link I've found that the domain
zone should be domain-wide, while the _msdcs stuff should be forest wide. I'll
change it and try again. Apologies.
>>>>> # samba-tool dns zonelist 172.26.1.81
>>>>> Password for [administrator at domain.com]:
>>>>> 2 zone(s) found
>>>>>
>>>>> pszZoneName : _msdcs.domain.com
>>>>> Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>>>> ZoneType : DNS_ZONE_TYPE_PRIMARY
>>>>> Version : 50
>>>>> dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>>>>> pszDpFqdn : ForestDnsZones.domain.com
>>>>>
>>>>> pszZoneName : domain.com
>>>>> Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>>>> ZoneType : DNS_ZONE_TYPE_PRIMARY
>>>>> Version : 50
>>>>> dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>>>>> pszDpFqdn : ForestDnsZones.domain.com
>>>>>
>>>> I have three zones, one being the reverse zone, but my domain zone is this:
>>>> pszZoneName : samdom.example.com
>>>> Flags : DNS_RPC_ZONE_DSINTEGRATED
>>>> DNS_RPC_ZONE_UPDATE_SECURE
>>>> ZoneType : DNS_ZONE_TYPE_PRIMARY
>>>> Version : 50
>>>> dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
>>>> DNS_DP_ENLISTED
>>>> pszDpFqdn : DomainDnsZones.samdom.example.com
>>>> Notice the difference in the last line.
>>> I see the difference. I guess it's b/c you didn't upgrade the zone to
>>> forest-wide. Should I revert my zones to be domain-wide?
>>>
>> Alex, mine is correct, yours is wrong.
> Rowland, I really appreciate your help and you're probably right. But could you
> please shed some light on why yours is correct (or why mine is not)? At this
> moment, my AD is fully functional, no issues at all.
> In my humble opinion, this looks more like a bug in Samba joining procedure, b/c
> it should work well the existing AD configuration. However, it doesn't.
>> I could probably dump a list of dns DN's if needed.
> Yes, please do.
--
Best regards,
Alex Alex
More information about the samba
mailing list