[Samba] Fwd: Two DNS issues with samba

Mon Jun 10 08:13:31 UTC 2024

On Sun, 9 Jun 2024 13:18:10 +0200
Ronny Preiss via samba <samba at lists.samba.org> wrote:

> > No need to build Samba yourself, you can find packages here:
> >
> > http://www.corpit.ru/mjt/packages/samba/
> How can I install these files?

Try reading the 'README' file from the link I posted.

> 
> Here are the requested files from both servers.
> 
> ## DC01 ##
> 
> /etc/hostname
> 01-dc01
> 
> -----
> /etc/hosts
> 127.0.0.1 localhost
> #127.0.1.1 01-dc01
> 
> # The following lines are desirable for IPv6 capable hosts
> ::1     ip6-localhost ip6-loopback
> fe00::0 ip6-localnet
> ff00::0 ip6-mcastprefix
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
> 
> 10.10.10.11     01-dc01.intern.preiss.network 01-dc01
> 10.10.10.12     01-dc02.intern.preiss.network 01-dc02

You only need the actual DC info in /etc/hosts, all other dns info
should come from the AD dns server.

> 
> -----
> /etc/resolv.conf
> nameserver 127.0.0.53
> options edns0 trust-ad
> search intern.preiss.network

You need to get NetworkManager to set the correct information in
/etc/resolv.conf , this is my resolv.conf

# Generated by NetworkManager
search samdom.example.com
nameserver 192.168.1.2
nameserver 192.168.1.3

The two nameservers are my DCs

> 
> -----
> /etc/bind/named.conf
> include "/etc/bind/named.conf.options";
> include "/etc/bind/named.conf.local";
> include "/etc/bind/named.conf.default-zones";
> include "/usr/local/samba/bind-dns/named.conf";
> 
> -----
> /etc/bind/named.conf.options
>         // Managing acls
>         acl internals { 127.0.0.0/8; 10.0.0.0/8; };
> 
> options {
>         directory "/var/cache/bind";
>         version "Go Away 0.0.7";
>         notify no;
>         empty-zones-enable no;
>         auth-nxdomain yes;
>         forwarders { 10.10.10.15; 10.10.10.16; };
>         allow-transfer { none; };
> 
>         dnssec-validation no;
> 
>         // Add any subnets or hosts you want to allow to use this DNS
> server allow-query { "internals";  };
>         allow-query-cache { "internals"; };
> 
>         // Add any subnets or hosts you want to allow to use recursive
> queries
>         recursion yes;
>         allow-recursion {  "internals"; };
> 
>         tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
>         minimal-responses yes;
> 
>         listen-on-v6 { any; };
> };
> 
> -----
> /etc/bind/named.conf.local
> it's empty

Mine isn't, it contains a line you have in named.conf, so no problem.

> 
> -----
> /etc/bind/named.conf.default-zones
> // prime the server with knowledge of the root servers
> zone "." {
>         type hint;
>         file "/usr/share/dns/root.hints";
> };
> 
> // be authoritative for the localhost forward and reverse zones, and
> for // broadcast zones as per RFC 1912
> 
> zone "localhost" {
>         type master;
>         file "/etc/bind/db.local";
> };
> 
> zone "127.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.127";
> };
> 
> zone "0.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.0";
> };
> 
> zone "255.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.255";
> };
> 
> ## DC02 ##

See above

I feel your problems are being caused by your resolv.conf files.

Rowland