[Samba] Provisioning new AD Domain Controller
Rowland Penny
rpenny at samba.org
Sat Jan 20 21:33:21 UTC 2024
On Sat, 20 Jan 2024 21:27:43 +0000
Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Sat, 20 Jan 2024 15:44:18 -0500
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > After provisioning and testing my new DC offline, I now want to move
> > it into production. This means changing IPs.
> >
> > DC FQDN: mail.hprs.local
> >
> > IPs for setup/testing:
> >
> > DC: 192.168.1.60
> > Gateway: 192.168.1.1 (Netgear router)
> > DNS: 192.168.1.60 (/etc/resolv.conf)
> > /etc/hosts: 192.168.1.60 mail.hprs.local mail
> > smb.conf, dns forwarder: 192.168.1.1
> >
> > Production IPs:
> >
> > DC: 192.168.0.2
> > Gateway: 192.168.0.1 (SonicWall firewall/router)
> > DNS: 192.168.0.2 (/etc/resolv.conf)
> > /etc/hosts: 192.168.0.2 mail.hprs.local mail
> > smb.conf, dns forwarder: 192.168.0.1
> >
> > I've restarted the network and samba to use these new IPs.
> >
> > The A record looks good:
> >
> > # host -t A mail.hprs.local
> > mail.hprs.local has address 192.168.0.2
> >
> > I also created a new reverse dns record:
> >
> > # samba-tool dns zonecreate mail.hprs.local 0.168.192.in-addr.arpa
> >
> > # samba-tool dns zonelist mail
> > pszZoneName : 0.168.192.in-addr.arpa
> > Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
> > ZoneType : DNS_ZONE_TYPE_PRIMARY
> > Version : 50
> > dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
> > pszDpFqdn : DomainDnsZones.hprs.local
> >
> > Two problems ...
> >
> > I'm not resolving any public or local hostnames, so it appears that
> > samba is not acting as the dns server. I can access public and local
> > hosts by IP.
>
> Is Samba running ?
> Is /etc/resolv.conf set correctly ?
>
> It should be:
>
> search hprs.local
> nameserver 192.168.0.2
>
> >
> > Why?
> >
> > Second, more minor problem, I cannot figure out how to delete the
> > old reverse dns record 1.168.192.in-addr.arpa.
>
> That could be because you will not have the reverse record
> '1.168.192.in-addr.arpa', or if you do, you have really messed up your
> dns.
>
> > I've tried numerous
> > combinations of the command to do so with no luck including:
> >
> > # samba-tool dns delete mail hprs.local mail PTR 1.168.192.in-addr.arpa
> > Password for [administrator at HPRS.LOCAL]:
> > ERROR(runtime): The record does not exist [WERR_DNS_ERROR_RECORD_DOES_NOT_EXIST] - (9701, 'WERR_DNS_ERROR_RECORD_DOES_NOT_EXIST')
> >
> > What am I doing wrong?
>
> You are not using the correct command; the usage is:
>
> samba-tool dns delete <server> <zone> <name> PTR <data>
>
> Where, in your case, <server> is 'mail', <zone> is
> '0.168.192.in-addr.arpa', <name> is the DC's existing IP '2' and <data>
> is the DC's FQDN 'mail.hprs.local'
>
> OR
>
> samba-tool dns delete mail 0.168.192.in-addr.arpa 2 PTR mail.hprs.local
>
> Rowland
>
>
Just a final thought, you will also need to delete the DC's existing
'A' record and create a new one.
Rowland
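
The argument order discussed in this thread, as an added example that is not part of the original messages: a small shell helper that derives the reverse zone and record name from an IPv4 address and prints (does not run) the samba-tool dns commands for re-addressing a DC. The function names are hypothetical and /24 reverse zones are assumed.

```shell
#!/bin/sh
# Added example: prints the samba-tool dns commands for moving a DC to a new
# IPv4 address. Assumes /24 reverse zones; review the output before running it.

# valid_ipv4 <addr>: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case $1 in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "$o" -le 255 ] || return 1
    done
}

# rev_zone 192.168.0.2 -> 0.168.192.in-addr.arpa  (the <zone> argument)
rev_zone() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    printf '%s.%s.%s.in-addr.arpa\n' "$3" "$2" "$1"
}

# rev_name 192.168.0.2 -> 2  (the <name> argument inside the reverse zone)
rev_name() {
    printf '%s\n' "${1##*.}"
}

# reip_plan <server> <dns-domain> <host> <old-ip> <new-ip>
reip_plan() {
    server=$1 domain=$2 host=$3 old=$4 new=$5
    valid_ipv4 "$old" && valid_ipv4 "$new" || {
        echo "reip_plan: bad IPv4 address" >&2
        return 1
    }
    zone=$(rev_zone "$new")
    # Forward zone: <name> is the short host name, <data> is the IP.
    echo "samba-tool dns delete $server $domain $host A $old"
    echo "samba-tool dns add $server $domain $host A $new"
    # Reverse zone: <name> is the last octet, <data> is the FQDN.
    echo "samba-tool dns zonecreate $server $zone"
    echo "samba-tool dns add $server $zone $(rev_name "$new") PTR $host.$domain"
}

# Values taken from the thread above.
reip_plan mail hprs.local mail 192.168.1.60 192.168.0.2
```
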