[Samba] DNS names for AD joined samba server
Rowland penny
rpenny at samba.org
Wed May 20 19:15:18 UTC 2020
On 20/05/2020 19:29, Orion Poplawski via samba wrote:
> I'm trying to figure out a puzzling thing that we are seeing with some
> recently joined or re-joined samba servers. Our linux servers are in a
> different DNS domain than our AD machines
Then they cannot join the domain.
> (nwra.com or cora.nwra.com vs
> ad.nwra.com for the AD machines). Generally when we've joined a machine to AD
> the DNS name recorded in AD is their regular linux FQDN.
If this is happening, then we need to know just how you are doing the
join, so we can open a bug report. All AD machines must be in the same
DNS domain.
> But a couple
> machines have ended up with the "ad.nwra.com" domain.
That is what is supposed to happen.
> In some way this is preferred as it allow for easier lookup of the appropriate
> SPNs. But I have no idea what is controlling this. Could it possibly be a
> change between 4.9.1-10.el7_7 and 4.10.4-10.el7 (but not in 4.10.4-101.el8_1) ?
Doubt it, you seem to have found a bug, you shouldn't be able to join a
machine if it isn't in the same dns domain.
Rowland
More information about the samba
mailing list