[Samba] Crash on "samba-tool domain level raise --domain-level=2016 --forest-level=2016"

Rowland Penny rpenny at samba.org
Mon Aug 28 12:35:11 UTC 2023


On Mon, 28 Aug 2023 14:23:39 +0200
Fabio Fantoni <fabio.fantoni at m2r.biz> wrote:

> On 28/08/2023 12:57, Rowland Penny via samba wrote:
> > On Mon, 28 Aug 2023 12:43:24 +0200
> > Fabio Fantoni <fabio.fantoni at m2r.biz> wrote:
> >
> >
> >> here are some conf files if needed:
> >>> less /etc/resolv.conf
> >>> domain M2R.LOCAL
> >>> search M2R.LOCAL
> >>> nameserver 127.0.0.1
> >>> nameserver 8.8.8.8
> > Just some comments on your resolv.conf:
> >
> > domain and search are mutually exclusive, last one wins, you only
> > need 'search'
> > you should use the DC's IP address, not 127.0.0.1, so the correct
> > first nameserver line should be:
> >
> > nameserver 192.168.1.202
> 
> thanks for the information, I never had an issue with localhost as
> far as I remember, anyway I changed it
> 
> I also retried the domain raise command but nothing changed

I didn't think it would help, but better to get things right.

> 
> >
> > I hope that '.local' is just sanitisation for the correct TLD, if it
> > really is '.local', then I suggest you turn off Bonjour and Avahi
> > everywhere on your network, '.local' is reserved for mDNS.
> >
> > Rowland
> >
> if I remember correctly, many years ago Microsoft advised using ".local"
> for domains without a "real webdomain" assigned (for use on LAN),
> only years later I saw that Microsoft changed its mind and instead said
> the opposite, anyway ".local" was still used and also recommended by
> someone in some cases. so I hadn't given it weight, now instead I did
> a search after your email and I see that in fact many say that ".local"
> should not be used and it is absurd that someone still recommends it.
> 
> changing existing domains I think is problematic, or am I wrong?
> I also saw that ".local" still seems to be used even in recent
> domains :(
> 
> is there any problem with having it, relating to the domain functions themselves?

Not with AD, but as '.local' is reserved for mDNS, it is probably
better to not use Bonjour or Avahi in the AD DNS domain.

> 
> for new domains what should be done when there isn't a "webdomain"
> (registered domain) assigned?

There is '.home.arpa', see here:

https://datatracker.ietf.org/doc/html/rfc8375

Rowland
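
The resolv.conf points raised in this thread, as an added example that is not part of the original message and is not Samba code: a small Python check that flags 'domain' plus 'search', a '.local' search suffix, and a loopback nameserver. The function name, the finding codes and the corrected sample using a '.home.arpa' name are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: the resolv.conf quoted in the thread.
SAMPLE = """\
domain M2R.LOCAL
search M2R.LOCAL
nameserver 127.0.0.1
nameserver 8.8.8.8
"""

# Constructed sample: hypothetical corrected file (DC address taken from the thread).
FIXED = """\
search m2r.home.arpa
nameserver 192.168.1.202
"""


def lint_resolv_conf(text):
    """Return (code, message) findings for the three points made in the thread."""
    suffix_lines = []  # ("domain" | "search", [names]) in file order
    nameservers = []
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":
            continue  # blank line or comment
        keyword, args = fields[0], fields[1:]
        if keyword in ("domain", "search"):
            suffix_lines.append((keyword, args))
        elif keyword == "nameserver" and args:
            nameservers.append(args[0])

    findings = []
    if {"domain", "search"} <= {kw for kw, _ in suffix_lines}:
        last = suffix_lines[-1][0]
        findings.append(("domain-and-search",
                         f"'domain' and 'search' both set; only the last ('{last}') applies"))
    # Only the last domain/search line is effective, so inspect that one.
    for name in (suffix_lines[-1][1] if suffix_lines else []):
        bare = name.lower().rstrip(".")
        if bare == "local" or bare.endswith(".local"):
            findings.append(("local-tld", f"'{name}' is under '.local', reserved for mDNS"))
    for ns in nameservers:
        try:
            if ipaddress.ip_address(ns).is_loopback:
                findings.append(("loopback-nameserver",
                                 f"nameserver {ns} is loopback; use the DC's own IP address"))
        except ValueError:
            findings.append(("bad-nameserver", f"'{ns}' is not an IP address"))
    return findings


if __name__ == "__main__":
    for code, message in lint_resolv_conf(SAMPLE):
        print(f"{code}: {message}")
```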




