samba - Aug 2013 - DNS issue with second samba DC

I have samba4 installed on two systems: ncssamba1 and ncssamba2. ncssamba1 is
the PDC, ncssamba2 was joined to the domain using the instructions here:
http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC

I had to manually add the DNS information as mentioned on that page. I can add a
user and the user is replicated.

However, I have some issues with DNS resolving hostnames. Specifically, on the
PDC,

$ nslookup ncsfs1 
Server: 10.179.2.25 
Address: 10.179.2.25#53 

Name: ncsfs1.ncs.k12.de.us 
Address: 10.179.2.6 

But the same system is not found on the second DC 

$ nslookup ncsfs1 
Server: 10.179.2.24 
Address: 10.179.2.24#53 

Non-authoritative answer: 
*** Can't find ncsfs1: No answer 

resolv.conf is identical between the two systems. /usr/local/samba/etc/smb.conf
is likewise the same (except for netbios name)

[global] 
workgroup = NEWARKCHARTER 
realm = ncs.k12.de.us 
netbios name = NCSSAMBA1 
server role = active directory domain controller 
idmap_ldb:use rfc2307 = yes 
dns forwarder=10.1.1.10 
allow dns updates=nonsecure and secure 

[netlogon] 
path = /usr/local/samba/var/locks/sysvol/ncs.k12.de.us/scripts 
read only = No 

[sysvol] 
path = /usr/local/samba/var/locks/sysvol 
read only = No 

A second DNS issue is that I have other systems that are multihomed (e.g.
10.179.2.13 and 192.168.0.254). Allowing the updates means that the
192.168.0.254 gets added to DNS which I do not want to happen. I want the dns
updates only for the 10.179 addresses. Can this be done?

Finally, I have to relocate the second DC to a new IP address (10.186.2.25/19)
at a remote site. I found instructions here:
https://lists.samba.org/archive/samba-technical/2013-May/092260.html But I
assume I will need to manually create the reverse lookup zone?

Sincerely, 
Dave Hopkins

Quick update: 

If I add 

domain ncs.k12.de.us 

to /etc/resolv.conf on the second DC, names resolve. However, I don't need
this entry on the PDC.

Sincerely, 
Dave Hopkins 

----- Original Message -----
From: dahopkins at comcast.net 
To: "samba" <samba at lists.samba.org> 
Sent: Friday, August 2, 2013 3:57:28 PM 
Subject: [Samba] DNS issue with second samba DC 

I have samba4 installed on two systems: ncssamba1 and ncssamba2. ncssamba1 is
the PDC, ncssamba2 was joined to the domain using the instructions here:
http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC

I had to manually add the DNS information as mentioned on that page. I can add a
user and the user is replicated.

However, I have some issues with DNS resolving hostnames. Specifically, on the
PDC,

$ nslookup ncsfs1 
Server: 10.179.2.25 
Address: 10.179.2.25#53 

Name: ncsfs1.ncs.k12.de.us 
Address: 10.179.2.6 

But the same system is not found on the second DC 

$ nslookup ncsfs1 
Server: 10.179.2.24 
Address: 10.179.2.24#53 

Non-authoritative answer: 
*** Can't find ncsfs1: No answer 

resolv.conf is identical between the two systems. /usr/local/samba/etc/smb.conf
is likewise the same (except for netbios name)

[global] 
workgroup = NEWARKCHARTER 
realm = ncs.k12.de.us 
netbios name = NCSSAMBA1 
server role = active directory domain controller 
idmap_ldb:use rfc2307 = yes 
dns forwarder=10.1.1.10 
allow dns updates=nonsecure and secure 

[netlogon] 
path = /usr/local/samba/var/locks/sysvol/ncs.k12.de.us/scripts 
read only = No 

[sysvol] 
path = /usr/local/samba/var/locks/sysvol 
read only = No 

A second DNS issue is that I have other systems that are multihomed (e.g.
10.179.2.13 and 192.168.0.254). Allowing the updates means that the
192.168.0.254 gets added to DNS which I do not want to happen. I want the dns
updates only for the 10.179 addresses. Can this be done?

Finally, I have to relocate the second DC to a new IP address (10.186.2.25/19)
at a remote site. I found instructions here:
https://lists.samba.org/archive/samba-technical/2013-May/092260.html But I
assume I will need to manually create the reverse lookup zone?

Sincerely, 
Dave Hopkins 




-- 
To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba