Hello all, we recently did an classic upgrade of our NT-style domain with LDAP backend to AD (Version 4.4.9-SerNet on CENTOS 7). We had some small issues but all in all it worked pretty good. Now we are in production with 3 DC and have some questions/observations: -- We used to have a WINS server in our old domain and we kept this running without change. Is it possible to migrate this to the DCs? and would it be possible that they all would be WINS servers? If so how? (just wins support = yes?) -- We are running dhcpd on two of the DCs with failover configuration and dynDNS updates via (https://wiki.samba.org/index.php/Configure_DHCP _to_update_DNS_records_with_BIND9). This works quite well. However, since both dhcp servers want to update the DNS entry locally we sometime get conflict entries (CNF:xxxxx). Has anybody found a workaround for this? Regards Christian
On Mon, 13 Feb 2017 13:39:12 +0100 Christian Naumer via samba <samba at lists.samba.org> wrote:> -- We used to have a WINS server in our old domain and we kept this > running without change. Is it possible to migrate this to the DCs? and > would it be possible that they all would be WINS servers? If so how? > (just wins support = yes?)You could just turn it into a Unix domain member, but you do not need a wins server in AD, AD uses DNS instead.> > -- We are running dhcpd on two of the DCs with failover configuration > and dynDNS updates via > (https://wiki.samba.org/index.php/Configure_DHCP > _to_update_DNS_records_with_BIND9). This works quite well. However, > since both dhcp servers want to update the DNS entry locally we > sometime get conflict entries (CNF:xxxxx). Has anybody found a > workaround for this? >How are you running the failover ? Rowland
Am Montag, den 13.02.2017, 13:09 +0000 schrieb Rowland Penny via samba:> > > You could just turn it into a Unix domain member, but you do not need > a > wins server in AD, AD uses DNS instead.In the "old" domain we had severe issues if WINS was not enabled. And as we have a "grown" environment with NT, XP, Mac, Win7 and Win2003/8 we did not risk it to switch the old WINS server off. So what you are saying is "wins support = yes" only works on domain members correct? That is the way it is running now. I just thought to use the DCs to have some kind of failover.> > > > -- We are running dhcpd on two of the DCs with failover > > configuration > > and dynDNS updates via > > (https://wiki.samba.org/index.php/Configure_DHCP > > _to_update_DNS_records_with_BIND9). This works quite well. However, > > since both dhcp servers want to update the DNS entry locally we > > sometime get conflict entries (CNF:xxxxx). Has anybody found a > > workaround for this? > > > > How are you running the failover ? >Here the relevant part from the conf. failover peer "dhcp-failover" { primary; # declare this to be the primary server address 192.168.0.90; port 647; peer address 192.168.0.91; peer port 647; max-response- delay 30; max-unacked-updates 10; load balance max seconds 3; mclt 1800; split 255; } as you can see only one server is actively handing out IPs but both try to update the DNS entries. The dynDNS was done as per the WIKI instructions. Regards> Rowland > > >