[Samba] Dynamic DNS updates from Windows 10 workstations

Allen Chen achen at harbourfrontcentre.com
Thu Apr 8 20:13:31 UTC 2021

Hi there,

I do have a similar question on how Windows clients update the A record
in a Samba 4 AD DC, or how Samba AD sets the A record in its internal DNS
server for a Windows client.

My configuration is (no other issues so far):

a) 3 Samba 4.8.12 AD DCs, which work perfectly together (using internal DNS) and have
their own domain name, let's say DOMAIN1.ANY (not a public domain name)
b) 1 CentOS 6.8 DHCP server (comes with the OS), which gives Windows clients
a dynamic IP and the company DNS server info (DNS IP),
    and sends dynamic IP updates to the company DNS server, using another
internal domain name (DOMAIN2.ANY) to manage the PC name and its dynamic IP
c) 2 CentOS 6.8 company DNS servers (the BIND that comes with the OS), forwarding
AD queries to the AD server
d) 150 Windows clients with DNS pointing to the company DNS servers.

The problem is that when I move a client machine to another subnet (IP
changed), the Samba 4 AD DC doesn't reset the IP in its internal DNS server.
But I do see the IP, or some IPs, get changed later. When? And how?
Sometimes not changed? I don't know.

My question is: how does Samba 4 AD set the A record in its internal DNS
server for a Windows client?



On 4/8/2021 6:31 AM, L.P.H. van Belle via samba wrote:
> You don't need to "rejoin", if you know which records are wrong with the rights. You can add the COMPUTERNAME$ to the DNS record with full control on the A and PTR record.
> The danger of a "re-join" is.. you forget the keytab and the KVNO is out of sync then.
> So, if you are going for a rejoin, a few pointers.
> - use samba-tool/net to remove the computer from the domain.
> - use ADUC to verify if it's all gone in AD
> - verify if the DNS A and PTR records are all gone.
> - backup/rename /etc/krb5.keytab, then make sure it's gone before you re-join.
> - any SPN/UPNs used, don't forget to re-add these also.
> things like that..
> Good luck..!
> Louis
>> -----Original message-----
>> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Peter Milesson
>> via samba
>> Sent: Thursday 8 April 2021 11:51
>> To: samba at lists.samba.org
>> Subject: Re: [Samba] Dynamic DNS updates from Windows 10 workstations
>> On 2021-04-08 09:34, cn--- via samba wrote:
>>> On 07.04.21 at 21:34, Peter Milesson via samba wrote:
>>>> Hi Rowland,
>>>> Thanks for your advice. The timestamp is really from 2019 almost
>>>> exactly 2 years old. There are just a few very basic GPOs applied.
>>>> The other workstations use the same GPOs. Some of the workstations
>>>> update the data correctly, and a few not. The dnsmasq DHCP server
>>>> which I use, is not able to handle any DNS updates, so that task is
>>>> up to the Windows workstations.
>>>> I will try to unjoin the offending workstations from the domain and
>>>> join them again. If that does not help, I can always try to make
>>>> clean installations of Windows. The offending workstations are mostly
>>>> older (except one), originally upgraded from Windows 7, previously
>>>> used in a Samba NT4 domain. I don't know if it's a long shot, but may
>>>> really be the underlying cause.
>>> If the entries are old I would delete them first. If they were
>>> created before a rejoin of the computer the entries belong to the old
>>> computer account and can not be changed by the newly joined machine.
>>> As you said it is mostly older computers that have that problem this
>>> could be a problem.
>>> Regards
>>> Christian
>> Hi Christian,
>> See my previous answer to Louis. I'm going to delete them manually, if
>> scavenging does not help. Otherwise it will be a rejoin to the domain.
>> Thanks for your input.
>> Best regards,
>> Peter