-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello everyone, I know that many people know not to use .local, but in the last weeks we had several People having problems using .local. So to all peopel starting implementing Samba 4 AD, read this: http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ So stop using .local as TLD. Maybe there should be a BIIIIIG not inside the wiki? Stefan -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J =e33p -----END PGP SIGNATURE-----
On 04/01/15 12:16, Stefan Kania wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello everyone, > > I know that many people know not to use .local, but in the last weeks > we had several People having problems using .local. > So to all peopel starting implementing Samba 4 AD, read this: > http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ > > So stop using .local as TLD. Maybe there should be a BIIIIIG not > inside the wiki?I updated the wiki yesterday in three places saying not to use .local, I believe that Marc has also updated the DNS page as well. Problem is, most people seem to ignore the wiki. Rowland> Stefan > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.16 (Darwin) > > iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw > hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J > =e33p > -----END PGP SIGNATURE-----
During the Christmas holiday I created a AD DC & a MEMBER server (both on Debian 7.7.0) with these scripts (https://secure.bazuin.nl/scripts/) and thank you, L.P.H. van Belle. However, I have created them with a *.local TLD (that now I need to change.) I will need to adjust my hostname files, need to re-configure the kerberos install and of course Bind9. The hostname files I know how to change. No problem there. The kerberos install, I think can be re-configured with 'dpkg-reconfigure'. As I have no experience (until now) with Bind9, this is my biggest concern! What do I change? What other needed changes have I overlooked? OR Do I (build (re-build) two servers) all over again? At this point, I am at the planning "what needs to be done" stage. Any suggestions would be greatly appreciated. --- ------------------------- Bob Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [2] "Everyone deserves an award!!" On 2015-01-04 07:07, Rowland Penny wrote:> On 04/01/15 12:16, Stefan Kania wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello everyone, I know that many people know not to use .local, but in the last weeks we had several People having problems using .local. So to all peopel starting implementing Samba 4 AD, read this: http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ [1] So stop using .local as TLD. Maybe there should be a BIIIIIG not inside the wiki? > > I updated the wiki yesterday in three places saying not to use .local, I believe that Marc has also updated the DNS page as well. > > Problem is, most people seem to ignore the wiki. > > Rowland > >> Stefan -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J =e33p -----END PGP SIGNATURE-----Links: ------ [1] http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ [2] http://www.donelsontrophy.com
Hello, I deployed an Samba 4 AD back in 2013 with .local, not knowing it can cause troubles with mDns. On my linux server i did not install avahi and i do not have mDns in my nsswitch.conf hosts entry. On windows machines i usually deinstall bonjour whenever it shows up and i do not install it when installing itunes. Till now i have not had any dns resolve issues, still i'd like to change it to .loc or similar without having to reprovision ad. Is this possible? Thanks in advance, Achim Am 04.01.2015 um 13:16 schrieb Stefan Kania:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello everyone, > > I know that many people know not to use .local, but in the last weeks > we had several People having problems using .local. > So to all peopel starting implementing Samba 4 AD, read this: > http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ > > So stop using .local as TLD. Maybe there should be a BIIIIIG not > inside the wiki? > > Stefan > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.16 (Darwin) > > iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw > hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J > =e33p > -----END PGP SIGNATURE-----
Hi, 2015-01-05 8:00 GMT+01:00 Achim Gottinger <achim at ag-web.biz>:> Hello, > > I deployed an Samba 4 AD back in 2013 with .local, not knowing it can cause > troubles with mDns.not even mDNS, try register a certification this with domain verification. Greetings, Bj?rn
On 05/01/15 07:00, Achim Gottinger wrote:> Hello, > > I deployed an Samba 4 AD back in 2013 with .local, not knowing it can > cause troubles with mDns. > On my linux server i did not install avahi and i do not have mDns in > my nsswitch.conf hosts entry. > On windows machines i usually deinstall bonjour whenever it shows up > and i do not install it when installing itunes. > Till now i have not had any dns resolve issues, still i'd like to > change it to .loc or similar without having to reprovision ad. > Is this possible? > > Thanks in advance, > Achim > > > Am 04.01.2015 um 13:16 schrieb Stefan Kania: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hello everyone, >> >> I know that many people know not to use .local, but in the last weeks >> we had several People having problems using .local. >> So to all peopel starting implementing Samba 4 AD, read this: >> http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ >> >> >> So stop using .local as TLD. Maybe there should be a BIIIIIG not >> inside the wiki? >> >> Stefan >> >> >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG/MacGPG2 v2.0.16 (Darwin) >> >> iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw >> hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J >> =e33p >> -----END PGP SIGNATURE----- >It would seem that it is possible, see: http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx Only problem, I do not know of any Unix tool to do it and do not know if rendom.exe will work with a samba4 AD DC. Rowland
On 15-01-04 04:16 AM, Stefan Kania wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello everyone, > > I know that many people know not to use .local, but in the last weeks > we had several People having problems using .local. > So to all peopel starting implementing Samba 4 AD, read this: > http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ > > So stop using .local as TLD. Maybe there should be a BIIIIIG not > inside the wiki? > > Stefan > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.16 (Darwin) > > iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw > hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J > =e33p > -----END PGP SIGNATURE----- >What about joining a member server to an windows AD domain that was set up as whatever.local years ago? Stock microsoft setup in the day, the ADC does everything, including DNS. Does the name resolution issue cause problems for my new member server?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 07.01.2015 um 19:37 schrieb BISI:> On 15-01-04 04:16 AM, Stefan Kania wrote: Hello everyone, > > I know that many people know not to use .local, but in the last > weeks we had several People having problems using .local. So to all > peopel starting implementing Samba 4 AD, read this: > http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/ > > > > So stop using .local as TLD. Maybe there should be a BIIIIIG not > inside the wiki? > > Stefan > > > >> > What about joining a member server to an windows AD domain that > was set up as whatever.local years ago? Stock microsoft setup in > the day, the ADC does everything, including DNS. > > Does the name resolution issue cause problems for my new member > server? > >No you can stay with .local BUT if you use SLES (I don't know if it the same with other distributions) you should edit /etc/host.conf ands add a line "mdns off". - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlSuXOYACgkQ2JOGcNAHDTbTzwCgtmoMq4ZprnlUe+sCQvrSeidX DIoAoJDRofYzOegE9caGqUOZveeMvqvZ =wJzb -----END PGP SIGNATURE-----
If everything works ok now, best is not to change it. changing a domainname on an prodution environment is a hell. Just wait for any migration moment. Louis>-----Oorspronkelijk bericht----- >Van: derek at bisi.ca [mailto:samba-bounces at lists.samba.org] Namens BISI >Verzonden: woensdag 7 januari 2015 19:37 >Aan: Stefan Kania >CC: samba at lists.samba.org >Onderwerp: Re: [Samba] Don't use .local > >On 15-01-04 04:16 AM, Stefan Kania wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hello everyone, >> >> I know that many people know not to use .local, but in the last weeks >> we had several People having problems using .local. >> So to all peopel starting implementing Samba 4 AD, read this: >> >http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as >-the-top-level-domain-for-your-lan/ >> >> So stop using .local as TLD. Maybe there should be a BIIIIIG not >> inside the wiki? >> >> Stefan >> >> >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG/MacGPG2 v2.0.16 (Darwin) >> >> iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw >> hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J >> =e33p >> -----END PGP SIGNATURE----- >> >What about joining a member server to an windows AD domain >that was set >up as whatever.local years ago? Stock microsoft setup in the day, the >ADC does everything, including DNS. > >Does the name resolution issue cause problems for my new member server? > > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > >