[Samba] Using samba-tool to join a linux file server to the domain doesn't appear to work

spindles seven spindles7 at gmail.com
Thu Nov 4 22:08:11 UTC 2021 

On 04 November 2021 16:55 Patrick Goetz wrote:
> On 11/4/21 11:09, Rowland Penny via samba wrote:
> > He has probably inherited a domain that has a GPO set to do this (or
> > something similar), Windows does not, out of the box, create reverse
> > records.

That's my experience too, but the GPO help text (see below) seems to contradict this.

> 
> Several people have mentioned that this can be done via GPO, but I can't
> fathom what kind of GPO this be.  Where would it be applied? Is there a
> special GPO template for things like this?

This is possible in:
	 Computer Configuration > Policies > Administrative Templates > Network > DNS Client > Register PTR Records

Interestingly the default Windows behaviour as the help text for this policy says:
"By default, DNS clients configured to perform dynamic DNS registration will attempt to register PTR resource record only if they successfully registered the corresponding A resource record."

Setting this policy allow the PTR record to be created even if the A resource record is not created.  But as it says there's no need to set this policy as the PTR record will be created automatically if the corresponding A resource record registration succeeds.

This policy:
	Computer Configuration > Policies > Administrative Templates > Network > DNS Client > Dynamic Update

can enforce dynamic update but its help text says:
" If you enable this policy setting, or you do not configure this policy setting, computers will attempt to use dynamic DNS registration on all network connections that have connection-specific dynamic DNS registration enabled."

And this policy:
	Computer Configuration > Policies > Administrative Templates > Network > DNS Client > Register DNS records with connection-specific DNS suffix
its help text says:
" By default, a DNS client performing dynamic DNS registration registers A and PTR resource records with a concatenation of its computer name and the primary DNS suffix."

So this doesn't need to be enabled either for Windows clients to automatically register their A and PTR records (according to the help text).

Can anyone else shed more light on this issue?

Roy

More information about the samba mailing list