[Samba] Fwd: Two DNS issues with samba
Peter Milesson
miles at atmos.eu
Sun Jun 23 07:59:12 UTC 2024
Hi Ronny,
I reported this problem a week ago, and before me Mark Petersen on 17
May. This message pops up on the DC when you use the DNS manager in
Windows administrative tools. Samba does not handle DNSSEC, while the
DNS manager assumes so. The error has got no practical impact.
Best regards,
Peter
On 23.06.2024 9:34, Ronny Preiss via samba wrote:
> Hi,
>
> - I have changed my /etc/resolv.conf for all my three DCs.
>
> ### DC 01-03
> nameserver 10.10.10.11
> nameserver 10.10.10.12
> nameserver 10.10.10.13
> search intern.preiss.network
>
> - In the next step I changed my /etc/hosts for each DC
> ### DC1
> 127.0.0.1 localhost
> 10.10.10.11 01-dc01.intern.preiss.network 01-dc01
>
> ### DC2
> 127.0.0.1 localhost
> 10.10.10.12 01-dc02.intern.preiss.network 01-dc02
>
> ### DC3
> 127.0.0.1 localhost
> 10.10.10.13 01-dc01.intern.preiss.network 01-dc03
>
> As mentioned , I've installed a 3rd DC without any issues from
> http://www.corpit.ru/mjt/packages/samba/.
> Now the 3rd DC has the same Problem as the 2nd one.
> Only the 1st DC has no issues.
>
> /var/log/syslog
> [...]
> Jun 23 06:05:20 01-dc03 samba[87230]: [2024/06/23 06:05:20.132829, 0]
> source4/rpc_server/dnsserver/dcerpc_dnsser
>
> ver.c:1076(dnsserver_query_zone)
> Jun 23 06:05:20 01-dc03 samba[87230]: dnsserver: Invalid zone operation
> IsSigned
> Jun 23 06:05:21 01-dc03 samba[87230]: [2024/06/23 06:05:21.176086, 0]
> source4/rpc_server/dnsserver/dcerpc_dnsser
>
> ver.c:1076(dnsserver_query_zone)
> [...]
>
> I've recreated the dns.keytab file but this did not help.
>
> ### DC 01-03
> samba-tool dbcheck --cross-ncs
> Checking 3927 objects
> Checked 3927 objects (0 errors)
>
> ### DC 01-03
> No issues with samba-tool drs showrepl on all three DCs.
>
>
>
> Am Fr., 14. Juni 2024 um 08:16 Uhr schrieb Rowland Penny via samba <
> samba at lists.samba.org>:
>
>> On Fri, 14 Jun 2024 08:04:57 +0200
>> Ronny Preiss via samba <samba at lists.samba.org> wrote:
>>
>>> Am Mo., 10. Juni 2024 um 10:14 Uhr schrieb Rowland Penny via samba <
>>> samba at lists.samba.org>:
>>>
>>>> On Sun, 9 Jun 2024 13:18:10 +0200
>>>> Ronny Preiss via samba <samba at lists.samba.org> wrote:
>>>>
>>>>>> No need to build Samba yourself, you can find packages here:
>>>>>>
>>>>>> http://www.corpit.ru/mjt/packages/samba/
>>>>> How can I install these files?
>>>> Try reading the 'README' file from the link I posted.
>>>>
>>> Please excuse me, I really managed to overlook the README.
>>>
>>>
>>>>> Here are the requested files from both servers.
>>>>>
>>>>> ## DC01 ##
>>>>>
>>>>> /etc/hostname
>>>>> 01-dc01
>>>>>
>>>>> -----
>>>>> /etc/hosts
>>>>> 127.0.0.1 localhost
>>>>> #127.0.1.1 01-dc01
>>>>>
>>>>> # The following lines are desirable for IPv6 capable hosts
>>>>> ::1 ip6-localhost ip6-loopback
>>>>> fe00::0 ip6-localnet
>>>>> ff00::0 ip6-mcastprefix
>>>>> ff02::1 ip6-allnodes
>>>>> ff02::2 ip6-allrouters
>>>>>
>>>>> 10.10.10.11 01-dc01.intern.preiss.network 01-dc01
>>>>> 10.10.10.12 01-dc02.intern.preiss.network 01-dc02
>>>> You only need the actual DC info in /etc/hosts, all other dns info
>>>> should come from the AD dns server.
>>>>
>>> The DNS Info (ip6 and the other stuff) was generated by the server
>>> install. I only added the last two lines with my DC's.
>> Yes, but you only need to the actual computer data, your dns server
>> should provide everything else.
>>
>>>
>>>>> -----
>>>>> /etc/resolv.conf
>>>>> nameserver 127.0.0.53
>>>>> options edns0 trust-ad
>>>>> search intern.preiss.network
>>>> You need to get NetworkManager to set the correct information in
>>>> /etc/resolv.conf , this is my resolv.conf
>>>>
>>> Can you explain to me why I should change from systemd-resolved to
>>> NetworkManager.
>> I just took it that you were using Network Manger, so I will now
>> re-write that sentence:
>>
>> You need to get systemd-resolved to set the correct information in
>> /etc/resolv.conf
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
More information about the samba
mailing list