[Samba] Samba Internal DNS not forwarding some zones

Rowland Penny rpenny at samba.org
Wed Dec 13 10:17:13 UTC 2023


On Wed, 13 Dec 2023 10:34:08 +0100
Ralf Spenneberg via samba <samba at lists.samba.org> wrote:

> Hi,
> 
> I have a Samba 4.17 running as AD with two DCs. I configured a zone
> in the internal DNS service with a few entries. Later I decided to
> drop the zone in samba again and do the configuration on the
> forwarder DNS.

I take it that by 'forwarder DNS' you mean an external (to the AD dns
domain) DNS server; if so, I suggest you stop doing this.

> Unfortunately samba does not forward any request for
> this zone. The zone is deleted.
> samba-tool dns zonelist does not show the zone.
> ldbsearch -H 
> /var/lib/samba/private/sam.ldb.d/DC\=DOMAINDNSZONES\,DC\=AD\,DC\=OCHTRUP\,DC\=DE.ldb 
> only shows deleted entries

You shouldn't search anything in the 'sam.ldb.d' directory; only
search in '/var/lib/samba/private/sam.ldb'.

> 
> But still. Anything for xyz.net is forwarded but myzone.net is not 
> forwarded to the forwarder. Samba apparently still thinks it is 
> responsible for the zone.

It is.

This is not a Samba thing, it is an Active Directory thing: all AD DCs,
when running a dns server (and all Samba AD DCs run a dns server), are
authoritative for the AD dns domain.
All your AD clients should look to a DC as their first nameserver;
anything outside the AD dns domain should be forwarded to an external
dns server, and the DC should return records for anything inside the AD
dns domain.

> 
> Unfortunately I do not get the logging to work.
> I tried
> log level = 0 dns:10
> followed by a
> smbcontrol smbd reload-config
> But no logs show up. Is there any kind of caching involved? What can
> I do to further troubleshoot? Any ideas?

I do not think you need to troubleshoot any further; I would suggest
that you put back the zone you deleted and then set your dns up
correctly.

Rowland
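The authoritative-versus-forward rule Rowland describes above, as an added illustration that is not part of this thread or of Samba's code: a DC answers any name under a zone it hosts (closest enclosing zone wins) and forwards only names that fall under none of its zones, so a hosted zone that has been emptied is still answered locally rather than forwarded. Zone names, query names and the forwarder address are constructed.

```python
"""Model of a DC's authoritative-vs-forward decision (added example, not Samba code)."""
from typing import List, Optional


def _labels(name: str) -> List[str]:
    # "Host.AD.Example.COM." -> ["host", "ad", "example", "com"]
    return [label for label in name.lower().rstrip(".").split(".") if label]


def matching_zone(qname: str, zones: List[str]) -> Optional[str]:
    """Return the hosted zone that qname falls under, or None.

    DNS serves a name from its closest enclosing zone, so the longest
    matching suffix wins (ad.example.com beats example.com for
    host.ad.example.com). A name that matches no hosted zone is the
    only kind a DC hands to its forwarder.
    """
    q = _labels(qname)
    best: Optional[str] = None
    for zone in zones:
        z = _labels(zone)
        if len(z) <= len(q) and q[len(q) - len(z):] == z:
            if best is None or len(z) > len(_labels(best)):
                best = zone
    return best


def route_query(qname: str, zones: List[str], forwarder: str) -> str:
    """Where the DC resolves qname: 'authoritative:<zone>' or 'forward:<ip>'."""
    zone = matching_zone(qname, zones)
    return f"authoritative:{zone}" if zone else f"forward:{forwarder}"


if __name__ == "__main__":
    # Constructed: the DC hosts its own AD domain plus a leftover zone
    # that was emptied but never removed from the zone list.
    hosted = ["ad.example.com", "myzone.net"]
    for name in ["dc1.ad.example.com", "www.xyz.net", "app.myzone.net"]:
        print(f"{name:22} -> {route_query(name, hosted, '192.0.2.53')}")
```

While `myzone.net` stays in the hosted list, `app.myzone.net` is answered by the DC itself (with no records, as a negative answer) and never reaches the forwarder; only `www.xyz.net` is forwarded.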
