[Samba] Domain joined with legacy DNS zones
Daniel Betschart
dbet1 at gmx.net
Fri Mar 27 10:31:45 UTC 2020
I have joined a Samba server 4.9.5 to a Microsoft SBS 2011 server, i.e.
a Windows Server 2008 R2. That worked, but only if I made the
replication of the DNS reverse zone Windows 2000 compatible. However,
Samba now cannot replicate the DNS.
Before I changed the replication typ of the reverse zone, I received
error 9003, 'WERR_DNS_ERROR_RCODE_NAME_ERROR' when trying to join.
Unfortunately, only afterwards did I see
https://wiki.samba.org/index.php/Samba_AD_DC_Troubleshooting#DNS what I
should have done.
Can I do this now after the join? What happens if I change the legacy
DNS zones to the modern locations? Is the DNS preserved? Can I join the
Samba server again afterwards or can I join the same machine only once?
Would it be better if I reinstalled the Samba server? On the Windows
server, I only have to delete it from the Domain Controllers structure,
right?
The replication error messages in /var/log/samba/log.samba:
[2020/03/27 11:07:29.302958, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: ; TSIG error with server: tsig verify
failure
[2020/03/27 11:07:29.306816, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: update failed: REFUSED
[2020/03/27 11:07:29.332424, 0]
../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done)
../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error
code 1
More information about the samba
mailing list