Hi, we have successfully installed our samba4 AD domain with AD DC, smb file server and Windows/Linux clients in the same subnet. Now we try to add a couple of Windows PCs to the domain that are located in a different subnet. As soon as the AD DC is added as the DNS server on the Windows clients it is no longer possible to resolve ip addresses. In other words, for those PCs DNS is not working. We added - the new clients to our DNS using samba-tool dns add - a new reverse lookup zone for the new subnet and filled it using samba-tool dns add - a new subnet in RSAT Active Directory Sites and Services Routing seems to be OK - we can run telnet <IP of AD DC> 53 from one of the "new" Windows clients and a connection will be established. However, analyses from wireshark/tshark show that on DNS requests there is never an answer from our AD DC. It seems that we are missing something here - any help would be appreciated. Andreas -- Andreas Habel Petroleum engineering lab Geosciences | Unix network Faculty of Science and Technology University of Stavanger Norway Phone: +47-51 83 22 93
On 29/08/2019 13:50, Andreas Habel via samba wrote:> Hi, > > we have successfully installed our samba4 AD domain with AD DC,smb > file server and Windows/Linux clients in the same subnet. > > Now we try to add a couple of Windows PCs to the domain that are > located in a different subnet. As soon as the AD DC is added as the > DNS server on the Windows clients it is no longer possible to resolve > ip addresses. In other words, for those PCs DNS is not working. > > We added - the new clients to our DNS using samba-tool dns add > - a new reverse lookup zone for the new subnet and filled it > using samba-tool dns add - a new subnet in RSAT Active > Directory Sites and Services > > Routing seems to be OK - we can run telnet <IP of AD DC> 53 from one > of the "new" Windows clients and a connection will be established. > However, analyses from wireshark/tshark show that on DNS requests > there is never an answer from our AD DC. > > It seems that we are missing something here - any help would be > appreciated. > > Andreas Does 'telnet <DC short hostname> 53' work ? Rowland
-----Original Message----- From: samba <samba-bounces at lists.samba.org> On Behalf Of Rowland penny via samba Sent: torsdag 29. august 2019 16:33 To: samba at lists.samba.org Subject: Re: [Samba] no DNS functionality on second subnet On 29/08/2019 13:50, Andreas Habel via samba wrote:> Hi, > > we have successfully installed our samba4 AD domain with AD > DC,smb > file server and Windows/Linux clients in the same subnet. > > Now we try to add a couple of Windows PCs to the domain that are > located in a different subnet. As soon as the AD DC is added as the > DNS server on the Windows clients it is no longer possible to resolve > ip addresses. In other words, for those PCs DNS is not working. > > We added - the new clients to our DNS using samba-tool dns add > - a new reverse lookup zone for the new subnet and filled it > using samba-tool dns add - a new subnet in RSAT Active > Directory Sites and Services > > Routing seems to be OK - we can run telnet <IP of AD DC> 53 from one > of the "new" Windows clients and a connection will be established. > However, analyses from wireshark/tshark show that on DNS requests > there is never an answer from our AD DC. > > It seems that we are missing something here - any help would be > appreciated. > > Andreas [[AH:]] Does 'telnet <DC short hostname> 53' work ? Rowland No, neither short name or FQDN work: C:\Users\Administrator>telnet smbdc 53 Connecting To smbdc...Could not open connection to the host, on port 53: Connect failed C:\Users\Administrator>telnet smbdc.ier.ux.uis.no 53 Connecting To smbdc.ier.ux.uis.no...Could not open connection to the host, on port 53: Connect failed Andreas -- Andreas Habel Petroleum engineering lab Geosciences | Unix network Faculty of Science and Technology University of Stavanger Norway Phone: +47-51 83 22 93