[Samba] Joining a new Samba AD DC

Mark Foley mfoley at novatec-inc.com
Wed Aug 2 14:04:17 UTC 2023


On Wed Aug  2 04:15:23 2023 Rowland Penny via samba <samba at lists.samba.org> wrote:

> On 01/08/2023 22:40, Mark Foley via samba wrote:
> > Is not being able to run 'host -t A' a show stopper here? The wiki 'host -t CNAME'
> > gave, as expected:
> > 
> > # host -t CNAME 0d2a3ba9-4ade-45de-85c7-321ba69caee0._msdcs.hprs.local.
> > Host 0d2a3ba9-4ade-45de-85c7-321ba69caee0._msdcs.hprs.local. not found: 3(NXDOMAIN)
> > 
> > and when trying to add with 'samba-tool' I got:
> > 
> > # samba-tool dns add MAIL _msdcs.hprs.local 0d2a3ba9-4ade-45de-85c7-321ba69caee0 CNAME DC1.hprs.local -Uadministrator
> > [deleted]
> > Password for [HPRS\administrator]:
[deleted]
> > ERROR(runtime): uncaught exception - (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> >    File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
> >      return self.run(*args, **kwargs)
> >    File "/usr/lib64/python2.7/site-packages/samba/netcmd/dns.py", line 940, in run
> >      raise e
> > 
> > which you seemed to think was a bogus error with WERR_DNS_ERROR_RECORD_ALREADY_EXISTS.
> > Nevertheless the objectGUID CNAME record was not added.
> > 
> > So, is there another way to add this record? Perhaps ldbedit'ing some .ldb file?
> > 
> > Was your 'host -t A' suggestion intended to be another way to get this done? If
> > so, I can update my BIND package to a newer version which does not have the
> > "prohibited character" issue. I have it on good authority from the "father" of
> > Slackware himself that I should be able to upgrade this package w/o too much
> > difficulty.
> > 
> > --Mark
> > 
>
> If I find the GUID for a DC, then use it in searches, I get results like 
> these:
>
> adminuser@rpidc1:~ $ host -t CNAME fb453823-737c-4a8b-93e1-dc197e236d50
> fb453823-737c-4a8b-93e1-dc197e236d50 has no CNAME record
>
> Doing an 'A' record search using the GUIDs FQDN, gets me this:
>
> adminuser@rpidc1:~ $ host -t A fb453823-737c-4a8b-93e1-dc197e236d50._msdcs.samdom.example.com.
> fb453823-737c-4a8b-93e1-dc197e236d50._msdcs.samdom.example.com is an alias for rpidc1.samdom.example.com.
> rpidc1.samdom.example.com has address 192.168.1.2
>
> Doing a similar search, but for a CNAME gets me this:
>
> adminuser@rpidc1:~ $ host -t CNAME fb453823-737c-4a8b-93e1-dc197e236d50._msdcs.samdom.example.com.
> fb453823-737c-4a8b-93e1-dc197e236d50._msdcs.samdom.example.com is an alias for rpidc1.samdom.example.com.

Yeah, those commands on my system simply return the 'help' syntax info for the host command.

> I suggest you start Samba, wait a short while and then try again.
>
> Rowland

Do you mean to start Samba on the new DC (which I haven't done yet) or [re]start
Samba on the current DC?

Thanks --Mark
