[Samba] 2 AD DNS questions
Dale
samba at txschroeder.family
Sat Feb 20 19:10:04 UTC 2021
On 2/20/21 12:30 PM, Rowland penny via samba wrote:
> On 20/02/2021 17:40, Dale via samba wrote:
>>
>> After running the commands above, the extra records are now in the
>> output of the ldbsearch command; however, I see in the output from
>> dc2 that the mname value is still dc1, unlike the output from your
>> dc4. Is this critical or does it need to be changed, too?
>>
>
> That will probably be the DC that was provisioned. If I run an
> ldbsearch on each DC, I get the same output on each (snipped for
> brevity):
>
> dc4:
>
> dn:
> DC=@,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
> dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
> wType : DNS_TYPE_SOA (6)
> soa: struct dnsp_soa
> mname : dc4.samdom.example.com
>
> dc01:
>
> dn:
> DC=@,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
> dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
> wType : DNS_TYPE_SOA (6)
> soa: struct dnsp_soa
> mname : dc4.samdom.example.com
>
> As you can see, the 'mname' is the same, which isn't surprising, as
> the output comes from AD.
>
> What matters is, if you run 'host -t soa <dns.domain.tld>' on each DC,
> is that DC's FQDN amongst the output.
>
> Rowland
Yes, dc1 was the provisioned system. I can't be certain as to why its
hostname was entered into the SOA mname record of dc2 nor why dc2 was
not added as an NS record. All values were created by the automated
processes of joining dc2 as a DC.
While waiting on your reply, I poked around in RSAT again, and, unlike
adding the NS record, I found where I was able to change the mname value
for dc2. Once changed, the ldbsearch command fully provided output like
yours and contained the correct dc in the mname.
So, while I have yet to ascertain if DC failover finally works, it does
appear that the SOA records of dc2 are now correct.
Thank you for the excellent support, Rowland.
Dale
More information about the samba
mailing list