Hi Rowland, I'm here at the Microsoft plugfest trying to help a vendor join a Samba AD-DC (I just did a standard local provision on my laptop using the internal DNS server). They fail due to looking for a DNS name of: _ldap._tcp.dc._msdcs.sambadom.example.com (I provisioned with the standard realm name of sambadom.example.com). Should we be creating this record on provision ? It seems that a Windows AD-DC responds to this so I'm guessing yes. Sorry for being so clueless but I'm a bit out of my depth when outside of fileserver-world :-). Jeremy.
On Wed, 20 Jun 2018 12:24:36 -0700 Jeremy Allison <jra at samba.org> wrote:> Hi Rowland, > > I'm here at the Microsoft plugfest trying to help > a vendor join a Samba AD-DC (I just did a standard > local provision on my laptop using the internal DNS > server). > > They fail due to looking for a DNS name of: > > _ldap._tcp.dc._msdcs.sambadom.example.com > > (I provisioned with the standard realm name > of sambadom.example.com). > > Should we be creating this record on provision ?On provision, yes, on a join, no, these records are added at first run by samba_dnsupdate using 'dns_update_list'. If you look at this file, you will find at line 16: ${IF_RWDC}SRV _ldap._tcp.${DNSDOMAIN} ${HOSTNAME} 389 ${IF_RWDC}SRV _ldap._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 ${IF_RWDC}SRV _ldap._tcp.${DOMAINGUID}.domains._msdcs.${DNSFOREST} ${HOSTNAME} 389> It seems that a Windows AD-DC responds to this > so I'm guessing yes. > > Sorry for being so clueless but I'm a bit out > of my depth when outside of fileserver-world :-). > > Jeremy.No worries and just to say thanks for the famous T-shirt, it has arrived and I can now pretend to be superman LOL. Rowland
On Wed, Jun 20, 2018 at 08:43:02PM +0100, Rowland Penny wrote:> On Wed, 20 Jun 2018 12:24:36 -0700 > Jeremy Allison <jra at samba.org> wrote: > > > Hi Rowland, > > > > I'm here at the Microsoft plugfest trying to help > > a vendor join a Samba AD-DC (I just did a standard > > local provision on my laptop using the internal DNS > > server). > > > > They fail due to looking for a DNS name of: > > > > _ldap._tcp.dc._msdcs.sambadom.example.com > > > > (I provisioned with the standard realm name > > of sambadom.example.com). > > > > Should we be creating this record on provision ? > > On provision, yes, on a join, no, these records are added at first run > by samba_dnsupdate using 'dns_update_list'. If you look at this file, > you will find at line 16: > > ${IF_RWDC}SRV _ldap._tcp.${DNSDOMAIN} ${HOSTNAME} 389 > ${IF_RWDC}SRV _ldap._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 > ${IF_RWDC}SRV _ldap._tcp.${DOMAINGUID}.domains._msdcs.${DNSFOREST} ${HOSTNAME} 389No worries - thanks for the help ! Turns out the record was there, they were typing the wrong realm name on join :-). Samba AD-AD supports another file serving vendor ! (Non Samba based :-).> No worries and just to say thanks for the famous T-shirt, it has > arrived and I can now pretend to be superman LOL.Thank SerNet ! They made the t-shirts and posted them to you, I just asked :-) :-). Cheers, Jeremy.