[Samba] User names not replicating to secondary DC
Rowland Penny
rpenny at samba.org
Thu Feb 27 20:16:50 UTC 2020
On 27/02/2020 19:56, durwin at mgtsciences.com wrote:
>
> > Why are you using the internal dns server on one DC and Bind9 on the other?
> I am very familiar with configuring Named on Fedora. I thought it would be
> just as easy on Ubuntu. After discovering the files were in different places
> and so many more being 'included', I decided to use internal on the second
> one. I believe there is a command to switch over to internal, correct?

There is, samba_upgradedns, but in your case, I would suggest you
upgrade the internal dns to bind9. Every DC is authoritative for the dns
domain; there are no slaves. This means that your forwarders must be
outside the AD dns domain.

Try this /etc/bind/named.conf.options:

acl "trusted" {
    172.23.93.0/24;
    127.0.0.1;
};

options {
    directory "/var/cache/bind";
    notify no;
    empty-zones-enable no;
    allow-query { trusted; };
    allow-recursion { trusted; };
    forwarders { 8.8.8.8; };
    allow-transfer { none; };
    dnssec-validation no;
    dnssec-enable no;
    dnssec-lookaside no;
    listen-on-v6 { none; };
    listen-on port 53 { 172.23.93.25; 127.0.0.1; };
    tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
};

Rowland
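
Added example, not part of the message above and not Samba or BIND code: a small Python check that reads a named.conf.options text and reports forwarders that point at a DC, zone transfers that are not disabled, and recursion opened to `any`. The helper names, the `other_dcs` parameter and the address 172.23.93.26 are assumptions made for illustration.

```python
import re

# Constructed sample: options taken from the message above, plus one deliberately
# wrong forwarder. 172.23.93.26 is a made-up address standing in for the other DC.
SAMPLE = """
acl "trusted" { 172.23.93.0/24; 127.0.0.1; };
options {
    allow-query { trusted; };
    allow-recursion { trusted; };
    forwarders { 8.8.8.8; 172.23.93.26; };
    allow-transfer { none; };
    listen-on-v6 { none; };
    listen-on port 53 { 172.23.93.25; 127.0.0.1; };
};
"""

def clause(conf, name):
    """Elements of the first `name [args] { a; b; };` clause, or None if absent."""
    conf = re.sub(r'(//|#).*', '', conf)  # drop line comments
    # The lookarounds keep `listen-on` from matching inside `listen-on-v6`.
    pat = r'(?<![\w-])' + re.escape(name) + r'(?![\w-])[^{};]*\{([^{}]*)\}'
    m = re.search(pat, conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf, other_dcs=()):
    """Return a list of findings; an empty list means none of the checks fired."""
    findings = []
    # This server's own listen addresses plus the caller-supplied DC addresses.
    dcs = set(other_dcs) | set(clause(conf, 'listen-on') or [])
    for fwd in clause(conf, 'forwarders') or []:
        if fwd in dcs:
            findings.append(f'forwarder {fwd} is a DC; forwarders must be '
                            'outside the AD DNS domain')
    if clause(conf, 'allow-transfer') != ['none']:
        findings.append('allow-transfer is not { none; }; every DC is '
                        'authoritative, so there are no slaves to feed')
    if 'any' in (clause(conf, 'allow-recursion') or []):
        findings.append('allow-recursion includes any; restrict it to the '
                        'trusted acl')
    return findings

if __name__ == '__main__':
    for finding in audit(SAMPLE, other_dcs=['172.23.93.26']):
        print('WARN:', finding)
```
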