samba-tool domain join example.ru DC --server=srv-dc01.example.ru --username=vas.lah --password=password --realm=EXAMPLE.RU --site=SITE2

srv-dc01.example.ru - windows server 2008

netdom query fsmo
Schema owner srv-dc01.example.ru
Domain role owner srv-dc01.example.ru
PDC role srv-dc02.example.ru
RID pool manager srv-dc01.example.ru
Infrastructure owner srv-dc01.example.ru

Setting update DNS in srv-dc01.example.ru: Security only

On Mon, 19/02/2018 at 10:02 +0000, Rowland Penny via samba wrote:
> On Mon, 19 Feb 2018 14:30:45 +0500
> "denis.shigapov" <denis.shigapov at stroylandiya.ru> wrote:
>
> > but I do not need a domain member (((
> > and another controller DC
>
> I never said you did ;-)
>
> The usage for 'samba-tool domain join' is:
>
> samba-tool domain join <dnsdomain> [DC|RODC|MEMBER|SUBDOMAIN] [options]
>
> You are missing this ---------------^^
>
> If you do not specify the role to join as, you will get a 'MEMBER'
>
> You also haven't said if the original DC 'srv-dc01.example.ru' is
> running a DNS server, it might also help if you tell us what windows
> version is running on the original DC
>
> Rowland

On Mon, 19 Feb 2018 15:32:42 +0500
"denis.shigapov" <denis.shigapov at stroylandiya.ru> wrote:

> samba-tool domain join example.ru DC --server=srv-dc01.example.ru --
> username=vas.lah --password=password --realm=EXAMPLE.RU --site=SITE2

That's better ;-)

> srv-dc01.example.ru - windows server 2008

Should work.

> netdom query fsmo

Only problem with that command is, it doesn't show the dns FSMO roles, even if they are there.

Simple question: Is a dns server running on the windows server 2008 ?

If it is, have you checked if the dns zones exist in AD ?

If they do, try pre-creating the new DC in AD.

Rowland

Yes, DNS is running on Windows Server 2008 R2 (srv-dc01.example.ru).
DNS is integrated into AD.
An RODC has been created in the domain management snap-in;
is it possible to convert it into a normal DC?
What are the zones to check, example.ru?

dig example.ru
; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> example.ru
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42712
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 63, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;example.ru. IN A
;; ANSWER SECTION:
example.ru. 600 IN A 10.2.1.4
example.ru. 600 IN A 10.2.1.5
example.ru. 600 IN A 10.3.1.4
.......
;; Query time: 3 msec
;; SERVER: 192.168.55.1#53(192.168.55.1)
;; WHEN: Пн фев 19 16:07:15 +05 2018
;; MSG SIZE rcvd: 1048
[root at srv-site2-dc1 x86_64]# nslookup srv-dc01
Server: 192.168.55.1
Address: 192.168.55.1#53
Name: srv-dc01.example.ru
Address: 192.168.55.2
[root at srv-site2-dc1 x86_64]# nslookup srv-dc01.example.ru
Server: 192.168.55.1
Address: 192.168.55.1#53
Name: srv-dc01.example.ru
Address: 192.168.55.2
[root at srv-site2-dc1 x86_64]# nslookup srv-dc02.example.ru
Server: 192.168.55.1
Address: 192.168.55.1#53
Name: srv-dc02.example.ru
Address: 192.168.55.1
[root at srv-site2-dc1 x86_64]# nslookup srv-dc02
Server: 192.168.55.1
Address: 192.168.55.1#53
Name: srv-dc02.example.ru
Address: 192.168.55.1

On Mon, 19/02/2018 at 10:47 +0000, Rowland Penny via samba wrote:
> > username=vas.lah --password=password --realm=EXAMPLE.RU --
> > site=SITE2
>
> That's better ;-)
>
> >
> >
> > srv-dc01.example.ru - windows server 2008
>
> Should work.
>
> >
> > netdom query fsmo
>
> Only problem with that command is, it doesn't show the dns FSMO
> roles, even if they are there.
>
> Simple question: Is a dns server running on the windows server 2008 ?
>
> If it is, have you checked if the dns zones exist in AD ?
>
> If they do, try pre-creating the new DC in AD.