[Samba] Provisioning new AD Domain Controller
Mark Foley
mfoley at novatec-inc.com
Fri Dec 1 19:45:09 UTC 2023
On Fri Dec 1 03:14:31 2023 Rowland Penny via samba <samba at lists.samba.org> wrote:
>
> On Fri, 01 Dec 2023 01:38:55 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > Should I delete this zone and recreate with "0.168.192.in-addr.arpa"?
>
> Yes, your reversezone at present has space for only one client.
>
> Rowland
OK, that is done! I did:

samba-tool dns zonedelete dc1 2.0.168.192.in-addr.arpa
samba-tool dns zonecreate dc1.hprs.locl 0.168.192.in-addr.arpa
Moving on with the tests. Most are working, but a couple of the tests for
Verifying DNS, https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Verifying_DNS_(Optional)
have issues. This one gives me a bit different output:

# host -t A dc1.hprs.locl.
dc1.hprs.locl has address 192.168.0.2
dc1.hprs.locl has address 24.142.169.13

The 192.68.0.2 was expected from the wiki example, but what about the
24.142.169.13? That is the public IP for this server. I presume that's OK?

The next test fails:

# host -t PTR 192.168.0.2
Host 2.0.168.192.in-addr.arpa. not found: 3(NXDOMAIN)

The zonecreate was successful, so why the failure? Leaving off the .2 also fails:

# host -t PTR 192.168.0
192.168.0 has no PTR record

What did I do wrong?
Finally, not a question/error yet, but in smb.conf [GLOBAL] I have:

dns forwarder = 209.18.47.61

That was stuck in there by the provision operation. This is an IP for my ISP's
name server. I kept the ISP's nameservers in /etc/resolv.conf because with just
the wiki-suggested entries:

search hprs.locl
nameserver 192.168.0.2

I could not resolve public domain names.

Again, did I mess something up?
--Mark