[Samba] 2 AD DNS questions

Dale samba at txschroeder.family
Sat Feb 20 17:40:32 UTC 2021


On 2/20/21 3:15 AM, Rowland penny via samba wrote:
> On 20/02/2021 01:36, Dale via samba wrote:
>>
>> Both show only 1 ns value, that of dc1.  It also looks like the mname 
>> value for dc2 is incorrect (showing dc1 instead of dc2) when compared 
>> to Rowland's dc4.  What is the process to fix these two issues?
>
>
> If you run the ldbsearch command on each DC, you should get exactly 
> the same result. I have stripped mine down to just highlight the 
> relevant records:
>
> dn: DC=@,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
> dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
>         wType                    : DNS_TYPE_SOA (6)
>         soa: struct dnsp_soa
>             mname                    : dc4.samdom.example.com
>
> dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
>         wType                    : DNS_TYPE_NS (2)
>         ns                       : dc01.samdom.example.com
>
> dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
>         wType                    : DNS_TYPE_NS (2)
>         ns                       : dc4.samdom.example.com
>
> dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
>         wType                    : DNS_TYPE_A (1)
>         ipv4                     : 192.168.0.8
>
> dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
>         wType                    : DNS_TYPE_A (1)
>         ipv4                     : 192.168.0.6
>
> As you can see, the SOA should have NS & A records for each DC. Now, if 
> you compare yours:
>
> dn:DC=@,DC=0.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=workgroup,DC=domain,DC=tld 
>
> dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
>         wType                    : DNS_TYPE_SOA (6)
>         soa: struct dnsp_soa
>             mname                    : dc1.workgroup.domain.tld
>
> dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
>         wType                    : DNS_TYPE_NS (2)
>         ns                       : dc1.workgroup.domain.tld
>
> You need to add to the SOA record with samba-tool:
>
> samba-tool dns add 127.0.0.1 <zone> @ NS <data>
>
> Where <zone> is the dns zone and <data> is the FQDN of the missing DC
>
> And:
>
> samba-tool dns add 127.0.0.1 <zone> @ A <data>
>
> Where <data> in this instance is the IPv4 address of the DC
>
> Rowland

Thank you for the help, Rowland.

After running the commands above, the extra records are now in the 
output of the ldbsearch command; however, I see in the output from dc2 
that the mname value is still dc1, unlike the output from your dc4.  Is 
this critical or does it need to be changed, too?

Thanks again.
Dale
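
The comparison described in this thread can be scripted. The following is an added example, not part of the original messages or of Samba: it parses ldbsearch output in the layout quoted above and lists the samba-tool commands from the thread for any DC lacking an apex NS or A record. The host names and addresses are constructed, the dn is assumed to sit on one line, and skipping A records for reverse (.arpa) zones is this example's own assumption.

```python
import re

# Constructed sample in the layout of the ldbsearch output quoted in the thread.
SAMPLE = """\
dn: DC=@,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
        wType                    : DNS_TYPE_SOA (6)
        soa: struct dnsp_soa
            mname                    : dc1.samdom.example.com

dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
        wType                    : DNS_TYPE_NS (2)
        ns                       : dc1.samdom.example.com

dnsRecord:     NDR: struct dnsp_DnssrvRpcRecord
        wType                    : DNS_TYPE_A (1)
        ipv4                     : 192.168.0.6
"""

APEX_DN = re.compile(r"^dn:\s*DC=@,DC=([^,]+),")
FIELD = re.compile(r"^\s*(mname|ns|ipv4)\s*:\s*(\S+)\s*$")

def parse_apex(text):
    """Return {zone: {"mname": [...], "ns": [...], "ipv4": [...]}} per DC=@ entry."""
    zones, cur = {}, None
    for line in text.splitlines():
        if line.startswith("dn:"):
            m = APEX_DN.match(line)
            # Only zone-apex (DC=@) entries are collected; other entries are skipped.
            cur = zones.setdefault(m.group(1), {"mname": [], "ns": [], "ipv4": []}) if m else None
            continue
        f = FIELD.match(line)
        if f and cur is not None:
            cur[f.group(1)].append(f.group(2).lower())
    return zones

def missing_records(zones, dcs):
    """dcs maps DC FQDN -> IPv4. Return samba-tool commands for absent NS/A records."""
    cmds = []
    for zone, rec in zones.items():
        for fqdn, ip in dcs.items():
            if fqdn.lower() not in rec["ns"]:
                cmds.append(f"samba-tool dns add 127.0.0.1 {zone} @ NS {fqdn}")
            # Assumption of this example: reverse zones get no apex A record.
            if not zone.endswith(".arpa") and ip not in rec["ipv4"]:
                cmds.append(f"samba-tool dns add 127.0.0.1 {zone} @ A {ip}")
    return cmds

if __name__ == "__main__":
    print("\n".join(missing_records(parse_apex(SAMPLE), {"dc2.samdom.example.com": "192.168.0.8"})))
```

Running parse_apex on the output saved from each DC and comparing the returned dictionaries also shows whether the mname, ns and ipv4 values differ between DCs.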


