[Samba] accidentally upgraded DC to 4.17.3 ... didn't work

Rowland Penny rpenny at samba.org
Thu Dec 1 14:12:50 UTC 2022

On 01/12/2022 14:01, Michael Tokarev via samba wrote:

> I think this is a bit wrong view, and it *is* a way for a disaster you
> describe in your other email.

No it isn't, I have been doing this for years on Samba AD DCs.

> When you keep systemd-resolved running, when *some* parts of the system
> (the ones who uses its own resolver lib talking directly to systemd-resolver)
> will ask it for the DNS resolution, and the other parts will ask whatever
> resolver is configured in /etc/resolv.conf.  *This* is a way to disaster,
> to debugging which names resolve to which addresses in which services.

Nothing should be asking systemd-resolved for anything, its only job 
(just like resolvconf) should be to update /etc/resolv.conf, everything 
else should check /etc/resolv.conf for what nameserver to use.

> When you turn systemd-resolved off, stuff will query nameservers from
> /etc/resolv.conf only, and things will be at least consistent within the
> same host.

Exactly, as it should be on a Samba AD DC.

> Whenever samba resolver or DNS should be used at all is another question,
> and here, it looks like we have entirely different opinions with Rowland.
> Samba resolvers have many limitations which don't exist in systemd-resolved
> (eg, for stuff like dynamic addresses on a laptop, different networks etc).

If you run a Samba AD DC on a laptop, or move it around, then you are 
asking for trouble. I was talking about something that will not move.

> But this is a different topic. The main thing I wanted to point out is
> consistency (or lack thereof) when using multiple services, exactly like
> you already noticed with the logging and systemd-resolved.  So far,
> systemd-resolved is not mandatory and /etc/resolv.conf works still.

This is Linux and very little should be mandatory, if you want 
mandatory, go and run Windows.

