[Samba] Dynamic DNS updates from Windows 10 workstations

Peter Milesson miles at atmos.eu
Fri Apr 9 07:17:14 UTC 2021


Hi Louis,

I tested deleting an offending DNS record for one workstation which gets 
its IP address from DHCP, and after reboot an A record with correct 
informaton popped up in DNS almost immediately after completed reboot. 
Another workstation which now has got a fixed IP address was a bit more 
tricky. Previously it got the IP address from DHCP, but was changed to 
fixed IP a couple of months back. It did not register itself 
immediately. I unticked the checkbox "Register this connection's address 
in DNS", rebooted the PC, then ticked the checkbox again and rebooted. 
Now it registered a correct A record.

Thanks everybody for giving advice how to solve this problem.

Best regards,

Peter

On 2021-04-08 12:31, L.P.H. van Belle via samba wrote:
> You dont need to "rejoin", if you know which records are wrong with the rights. You can add the COMPUTERNAME$ to the dns record with full control on the A and PTR record.
>
> The danger of a "re-join" is.. you forget keytab and KVNO is out sink then.
> so, if you are going for a rejoin, few pointers.
>
> - use samba-tool/net  to remove the computer from the domain.
> - use ADUC to verify if its all gone in AD
> - verify if DNS A and PTR is all gone.
> - backup/rename /etc/krb5.keytab, then make sure its gone before you re-join.
> - any SPN/UPN's used, dont forget to re-add these also.
>
> things like that..
>
> Good luck..!
>
> Louis
>
>
>> -----Oorspronkelijk bericht-----
>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Peter Milesson
>> via samba
>> Verzonden: donderdag 8 april 2021 11:51
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Dynamic DNS updates from Windows 10 workstations
>>
>>
>>
>> On 2021-04-08 09:34, cn--- via samba wrote:
>>> Am 07.04.21 um 21:34 schrieb Peter Milesson via samba:
>>>> Hi Rowland,
>>>>
>>>> Thanks for your advice. The timestamp is really from 2019 almost
>>>> exactly 2 years old. There are just a few very basic GPOs applied.
>>>> The other workstations use the same GPOs. Some of the workstations
>>>> update the data correctly, and a few not. The dnsmasq DHCP server
>>>> which I use, is not able to handle any DNS updates, so that task is
>>>> up to the Windows workstations.
>>>>
>>>> I will try to unjoin the offending workstations from the domain and
>>>> join them again. If that does not help, I can always try to make
>>>> clean installations of Windows. The offending workstations are mostly
>>>> older (except one), originally upgraded from Windows 7, previously
>>>> used in a Samba NT4 domain. I don't know if it's a long shot, but may
>>>> really be the underlying cause.
>>> If the entries are old I would delete them first. If they where
>>> created before a rejoin of the computer the entries belong to the old
>>> computer account and can not be changed by the newly joined machine.
>>> As you said it is mostly older computers that have that problem this
>>> could be a problem.
>>>
>>> Regards
>>>
>>> Christian
>>>
>> Hi Christian,
>>
>> See my previous answer to Louis. I'm going to delete the manually, if
>> scavenging does not help. Otherwise it will be a rejoin to the domain.
>>
>> Thanks for your input.
>>
>> Best regards,
>>
>> Peter
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>
>




More information about the samba mailing list