[Samba] Error when joining new DC

Peter Mittermayer samba.lists at outlook.com
Mon Dec 16 15:35:40 UTC 2024


No, no. All our servers have static IPs. Therefore there is no need for dyndns update.

Therefore I keep the line for the tkey-gssapi-keytab in bind commented, thus disabling all dyndns updates.

However, when joining/demoting a DC to the AD it needs to create/remove the AD specific DNS records. 

br


________________________________________
From: samba <samba-bounces at lists.samba.org> on behalf of Rowland Penny via samba <samba at lists.samba.org>
Sent: Monday, December 16, 2024 5:16 PM
To: samba at lists.samba.org
Cc: Rowland Penny
Subject: Re: [Samba] Error when joining new DC

On Mon, 16 Dec 2024 15:04:13 +0000
Peter Mittermayer via samba <samba at lists.samba.org> wrote:

> Now I just need to find a solution how to allow dyndns updates only
> for the DCs and not the clients.

Shouldn't that be the other way around ?
Your Samba AD DCs should have a fixed ipaddress (either set on the DC
or via dhcp) and the clients can have their ipaddresses set by dhcp,
they just need to update their dns records in AD.

> Reason for this is that all our
> servers have multiple interfaces. Although they are connecting to AD
> mostly via default route we have seen issues where some register with
> wrong interface thus creating incorrect DNS records.All the DNS
> records A & PTR are usually created automatically during server
> provisioning and we don't use dhcp. So there is absolutely no need
> for dyndns except for changes in the AD infrastructure (i.e.
> joining/removing a DC).

There are a couple of parameters for the smb.conf file:

'bind interfaces only' and 'interfaces'

See 'man smb.conf' for the correct syntax.

They basically make the Samba 'server' only use the network interfaces
that you want it to.

Rowland

>
>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba



More information about the samba mailing list