[Samba] DNS problems when adding samba DC to win2008R2
L.P.H. van Belle
belle at bazuin.nl
Mon Sep 14 10:30:16 UTC 2020
Hai,
See below.
> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> Carlos Jesus via samba
> Sent: Monday 14 September 2020 11:40
> To: Rowland penny
> CC: sambalist
> Subject: Re: [Samba] DNS problems when adding samba DC to win2008R2
>
....
> >
> >
> grep: /etc/samba/smb.conf: No such file or directory
> ./samba.sh: line 328: [: : integer expression expected
Hmm, it does not find smb.conf?
That's strange, or was this a typo on your side?
(Ah, after some scrolling, it's a self-compiled Samba) ;-)
> DC2:/home/carlos# more /tmp/samba-debug-info.txt
> Collected config --- 2020-09-14-10:27 -----------
>
> Hostname: DC2
> DNS Domain: MyDomain.lx.pt
> FQDN: DC2.MyDomain.lx.pt
> ipaddress: 192.168.59.112
> -----------
> Kerberos SRV _kerberos._tcp.MyDomain.lx.pt record verified ok, sample
> output:
> Server: 192.168.59.112
> Address: 192.168.59.112#53
>
> _kerberos._tcp.MyDomain.lx.pt service = 0 100 88
> dc2.MyDomain.lx.pt.
Here, if you have 2 DCs you should also see the 2 DCs.
So where is DC1?
> Samba is running as an AD DC
> -----------
> Checking file: /etc/os-release
> PRETTY_NAME="Debian GNU/Linux 10 (buster)"
> NAME="Debian GNU/Linux"
> VERSION_ID="10"
> VERSION="10 (buster)"
> VERSION_CODENAME=buster
> ID=debian
> HOME_URL="https://www.debian.org/"
> SUPPORT_URL="https://www.debian.org/support"
> BUG_REPORT_URL="https://bugs.debian.org/"
> -----------
>
> This computer is running Debian 10.5 x86_64
> -----------
> running command : ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state
> UNKNOWN group
> default qlen 1000
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq
> state UP group
> default qlen 1000
> link/ether 00:15:5d:3b:6f:09 brd ff:ff:ff:ff:ff:ff
> inet 192.168.59.112/24 brd 192.168.59.255 scope global eth0
> -----------
> Checking file: /etc/hosts
> 127.0.0.1 localhost
> 192.168.59.112 DC2.MyDomain.lx.pt DC2
> -----------
> Checking file: /etc/resolv.conf
> domain MyDomain.lx.pt
> search MyDomain.lx.pt
> nameserver 192.168.59.112
# After a join and a reboot, you can enable the DC1 nameserver, but add it below this server
> nameserver 192.168.59.111
> -----------
> Checking file: /etc/krb5.conf
> [libdefaults]
> default_realm = MyDomain.LX.PT
> dns_lookup_realm = false
> dns_lookup_kdc = true
> -----------
> Checking file: /etc/nsswitch.conf
>
> passwd: files systemd winbind
> group: files systemd winbind
> shadow: files
> gshadow: files
>
> hosts: files mdns4_minimal [NOTFOUND=return] dns
hosts: files dns mdns4_minimal [NOTFOUND=return]
Moved dns before mDNS (avahi-daemon)
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
>
> netgroup: nis
> -----------
> Checking file: /usr/local/samba/etc/smb.conf
> [global]
> netbios name = DC2
> realm = MyDomain.LX.PT
> server role = active directory domain controller
> workgroup = MyDomain
> idmap_ldb:use rfc2307 = yes
> log level = 1 auth_json_audit:2@/var/log/samba/auth.log sam:2@
> /var/log/samba/sam.log
> log file = /var/log/samba/samba.log
> server services = -dns
>
> winbind nss info = template
> template shell = /bin/bash
> template homedir = /home/%U
> server min protocol = SMB2
>
> [sysvol]
> path = /usr/local/samba/var/locks/sysvol
> read only = No
>
> [netlogon]
> path =
> /usr/local/samba/var/locks/sysvol/MyDomain.lx.pt/scripts
> read only = No
> -----------
> Detected bind DLZ enabled..
> Checking file: /etc/bind/named.conf
>
> include "/etc/bind/named.conf.options";
> include "/etc/bind/named.conf.local";
> include "/etc/bind/named.conf.default-zones";
> include "/usr/local/samba/bind-dns/named.conf";
> -----------
> Checking file: /etc/bind/named.conf.options
> acl internals { 127.0.0.0/8; 192.168.59.0/24; };
>
> options {
> directory "/var/cache/bind";
> version "Go Away 0.0.7";
> notify no;
> empty-zones-enable no;
> auth-nxdomain yes;
> forwarders { 8.8.8.8; 8.8.4.4; };
> allow-transfer { none; };
>
> dnssec-validation no;
> dnssec-enable no;
> dnssec-lookaside no;
> listen-on-v6 { none; };
> listen-on port 53 { 192.168.59.112; 127.0.0.1; ::1; };
>
> minimal-responses yes;
>
> allow-query { "internals"; };
> allow-query-cache { "internals"; };
>
> recursion yes;
> allow-recursion { "internals"; };
>
> tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
> };
> -----------
> Checking file: /etc/bind/named.conf.local
> -----------
> Checking file: /etc/bind/named.conf.default-zones
> zone "." {
> type hint;
> file "/usr/share/dns/root.hints";
> };
>
> zone "localhost" {
> type master;
> file "/etc/bind/db.local";
> };
>
> zone "127.in-addr.arpa" {
> type master;
> file "/etc/bind/db.127";
> };
>
> zone "0.in-addr.arpa" {
> type master;
> file "/etc/bind/db.0";
> };
>
> zone "255.in-addr.arpa" {
> type master;
> file "/etc/bind/db.255";
> };
> -----------
> Samba DNS zone list: 3 zone(s) found
>
> pszZoneName : 59.168.192.in-addr.arpa
> Flags : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
> ZoneType : DNS_ZONE_TYPE_PRIMARY
> Version : 50
> dwDpFlags : DNS_DP_AUTOCREATED
> DNS_DP_DOMAIN_DEFAULT
> DNS_DP_ENLISTED
> pszDpFqdn : DomainDnsZones.MyDomain.lx.pt
>
> pszZoneName : MyDomain.lx.pt
> Flags : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
> ZoneType : DNS_ZONE_TYPE_PRIMARY
> Version : 50
> dwDpFlags : DNS_DP_AUTOCREATED
> DNS_DP_DOMAIN_DEFAULT
> DNS_DP_ENLISTED
> pszDpFqdn : DomainDnsZones.MyDomain.lx.pt
>
> pszZoneName : _msdcs.MyDomain.lx.pt
> Flags : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
> ZoneType : DNS_ZONE_TYPE_PRIMARY
> Version : 50
> dwDpFlags : DNS_DP_AUTOCREATED
> DNS_DP_FOREST_DEFAULT
> DNS_DP_ENLISTED
> pszDpFqdn : ForestDnsZones.MyDomain.lx.pt
>
> Samba DNS zone list Automated check :
> zone : 59.168.192.in-addr.arpa ok, no Bind flat-files found
> -----------
> zone : MyDomain.lx.pt ok, no Bind flat-files found
> -----------
> zone : _msdcs.MyDomain.lx.pt ok, no Bind flat-files found
> -----------
> Installed packages:
> ii acl 2.2.53-4
> amd64 access control list - utilities
> ii attr 1:2.4.48-4
> amd64 utilities for manipulating filesystem
> extended attributes
> ii bind9 1:9.11.5.P4+dfsg-5.1+deb10u2
> amd64 Internet Domain Name Server
> ii bind9-host 1:9.11.5.P4+dfsg-5.1+deb10u2
> amd64 DNS lookup utility (deprecated)
> ii bind9utils 1:9.11.5.P4+dfsg-5.1+deb10u2
> amd64 Utilities for BIND
> ii fonts-quicksand 0.2016-2
> all sans-serif font with round attributes
> ii krb5-config 2.6
> all Configuration files for Kerberos Version 5
> ii krb5-kdc 1.17-3
> amd64 MIT Kerberos key server (KDC)
> ii krb5-locales 1.17-3
> all internationalization support for MIT Kerberos
> ii krb5-multidev:amd64 1.17-3
> amd64 development files for MIT Kerberos without
> Heimdal conflict
> ii krb5-user 1.17-3
> amd64 basic programs to authenticate using MIT Kerberos
> ii libacl1:amd64 2.2.53-4
> amd64 access control list - shared library
> ii libacl1-dev:amd64 2.2.53-4
> amd64 access control list - static libraries and headers
> ii libattr1:amd64 1:2.4.48-4
> amd64 extended attribute handling - shared library
> ii libattr1-dev:amd64 1:2.4.48-4
> amd64 extended attributes handling - static
> libraries and headers
> ii libbind9-161:amd64 1:9.11.5.P4+dfsg-5.1+deb10u2
> amd64 BIND9 Shared Library used by BIND
> ii libgssapi-krb5-2:amd64 1.17-3
> amd64 MIT Kerberos runtime libraries - krb5 GSS-API
> Mechanism
> ii libkrb5-26-heimdal:amd64 7.5.0+dfsg-3
> amd64 Heimdal Kerberos - libraries
> ii libkrb5-3:amd64 1.17-3
> amd64 MIT Kerberos runtime libraries
> ii libkrb5-dev:amd64 1.17-3
> amd64 headers and development libraries for MIT Kerberos
> ii libkrb5support0:amd64 1.17-3
> amd64 MIT Kerberos runtime libraries - Support library
> ii libsmbclient:amd64 2:4.9.5+dfsg-5+deb10u1
> amd64 shared library for communication with SMB/CIFS servers
> ii libwbclient0:amd64 2:4.9.5+dfsg-5+deb10u1
> amd64 Samba winbind client library
> ii python-attr 18.2.0-1
> all Attributes without boilerplate (Python 2)
> ii python3-pyxattr 0.6.1-1
> amd64 module for manipulating filesystem extended attributes
> (Python3)
> ii samba-libs:amd64 2:4.9.5+dfsg-5+deb10u1
> amd64 Samba core libraries
> -----------
So, you have a self-compiled Samba, and you did install, or did not remove, some older parts.
Like: libwbclient0:amd64 2:4.9.5+dfsg-5+deb10u1
So a choice to make:
- Remove good and only use self-compiled Samba.
Or
- Install Debian's Samba 4.9.5
- Or install Samba from my repo, then install 4.12.6
Greetz,
Louis
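
Added example, not part of the message above or of the samba.sh debug script: the four points raised in this reply (hosts: source order, own address as first nameserver, every DC present in the Kerberos SRV answer, distro Samba packages left beside a self-compiled build) written as offline checks over captured text. The sample inputs are constructed from the quoted debug output, and the DC1 FQDN dc1.MyDomain.lx.pt is an assumption.

```python
import re

# Constructed sample inputs, modelled on the debug output quoted in this thread.
NSSWITCH = "passwd: files systemd winbind\nhosts: files mdns4_minimal [NOTFOUND=return] dns\n"
RESOLV = "search MyDomain.lx.pt\nnameserver 192.168.59.112\nnameserver 192.168.59.111\n"
SRV = "_kerberos._tcp.MyDomain.lx.pt service = 0 100 88 dc2.MyDomain.lx.pt.\n"
DPKG = ("ii  krb5-user            1.17-3                  amd64  basic programs\n"
        "ii  libwbclient0:amd64   2:4.9.5+dfsg-5+deb10u1  amd64  Samba winbind client library\n"
        "ii  samba-libs:amd64     2:4.9.5+dfsg-5+deb10u1  amd64  Samba core libraries\n")

def hosts_order_ok(nsswitch):
    """True when 'dns' comes before any mdns* source on the hosts: line."""
    for line in nsswitch.splitlines():
        key, _, rest = line.partition(":")
        if key.strip() == "hosts":
            src = [s for s in rest.split() if not s.startswith("[")]  # drop [NOTFOUND=return]
            mdns = [i for i, s in enumerate(src) if s.startswith("mdns")]
            return "dns" in src and (not mdns or src.index("dns") < mdns[0])
    return False

def own_ip_first(resolv, own_ip):
    """True when the DC's own address is the first nameserver entry."""
    ns = [l.split()[1] for l in resolv.splitlines()
          if l.startswith("nameserver") and len(l.split()) > 1]
    return bool(ns) and ns[0] == own_ip

def missing_dcs(srv_output, expected):
    """Expected DC FQDNs that do not appear as SRV targets in nslookup-style output."""
    found = {t.lower().rstrip(".") for t in
             re.findall(r"service\s*=\s*\d+\s+\d+\s+\d+\s+(\S+)", srv_output)}
    return [h for h in expected if h.lower().rstrip(".") not in found]

def distro_samba_packages(dpkg_list):
    """Installed ('ii') distro packages that overlap a self-compiled Samba."""
    pat = re.compile(r"^(samba|winbind|libsmbclient|libwbclient|lib(nss|pam)-winbind)")
    names = [l.split()[1] for l in dpkg_list.splitlines()
             if l.startswith("ii ") and len(l.split()) > 1]
    return [n for n in names if pat.match(n)]

def report():
    return {
        "hosts_order_ok": hosts_order_ok(NSSWITCH),
        "own_ip_first": own_ip_first(RESOLV, "192.168.59.112"),
        # dc1.MyDomain.lx.pt is an assumed FQDN for the existing DC1.
        "missing_dcs": missing_dcs(SRV, ["dc1.MyDomain.lx.pt", "dc2.MyDomain.lx.pt"]),
        "distro_samba": distro_samba_packages(DPKG),
    }

if __name__ == "__main__":
    for check, result in report().items():
        print(f"{check}: {result}")
```
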