samba - Jul 2020 - DNS issues on both DC's

I am having dns issues on both DC's.

root at dc1:~# ./samba-setup-checkup.sh
Check hostnames : Ok
./samba-setup-checkup.sh: line 91: [: too many arguments
Checking detected host ipnumbers from resolv.conf and default gateway
Ping gateway ip : 192.168.0.106 : Ok
Warning, no ping to gateway, this might be firewalled.
check you internet connection, subdom DNS might need it.
ping nameserver1: 192.168.0.42 : Ok
ping nameserver2: 192.168.0.41 : Ok
Check ping google dns : 8.8.8.8 : Ok
Warning, no ping to internet dns 8.8.8.8, this might be firewalled.
Check you internet connection, subdom DNS might need it.
Checking file owner..
-rw-r--r-- root root ??? ?/etc/samba/smb.conf
Checking file owner..
Missing file /etc/samba/lmhosts
Checking file owner..
Missing file /etc/samba/smbpasswd
drwxr-xr-x root root ??? ?/usr/bin
drwxr-xr-x root root ??? ?/var/cache/sambsubdomrwxr-xr-x root root ??? 
 ?/usr/lib/x86_64-linux-gnu
drwxr-xr-x root root ??? ?/run/sambsubdomrwxr-x--- root subdomm ??? 
 ?/var/log/sambsubdomrwxr-xr-x root root 
 ?/usr/lib/x86_64-linux-gnu/sambsubdomrwxr-xr-x root root 
 ?/run/sambsubdomrwxr-xr-x root root ??? ?/var/lib/samba/private
drwxr-xr-x root root ??? ?/usr/sbin
drwxr-xr-x root root ??? ?/var/lib/sambsubdomCS reache
DC1 reache
DC2
ERROR: Invalid IP subdomdress 'reache'!
Samba subdom DC info:???????????? =? detected (command and where to look)
This server hostname????????? = dc1 (hostname -s and /etc/hosts and DNS 
server)
This server FQDN (hostname)?? = dc1.subdom.example.com (hostname -f and 
/etc/hosts and DNS server)
This server primary dnsdomain = subdom.example.com (hostname -d and 
/etc/resolv.conf and DNS server)
This server IP subdomdress(ses)?? = 192.168.0.41? Only one interface 
detected (hostname -i (-I) and /etc/netcoming/interfaces and DNS server
The DC with FSMO roles??????? = dc1 (samba-tool fsmo show)
The DC (with FSMO) Site name? = Default-First-Site-Name (samba-tool fsmo 
show)
The Default Naming Context??? = DC=subdom,DC=example,DC=com (samba-tool 
fsmo show)
The Kerberos REALM name used? = subdom.example.com ?? (kinit and 
/etc/krb5.conf and resolving)
The Ipsubdomres of DC reache??????? = reached
SAMBA_SERVER_ROLE: active directory domain controller
SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, 
winbindd, ntp_signd, kcc, dnsupdate
SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, 
netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, 
backupkey, dnsserver

DC2

root at dc2:~# ./samba-setup-checkup.sh
Check hostnames : Ok
./samba-setup-checkup.sh: line 91: [: too many arguments
Checking detected host ipnumbers from resolv.conf and default gateway
Ping gateway ip : 192.168.0.106 : Ok
Warning, no ping to gateway, this might be firewalled.
check you internet connection, subdom DNS might need it.
ping nameserver1: 192.168.0.41 : Ok
ping nameserver2: 192.168.0.42 : Ok
Check ping google dns : 8.8.8.8 : Ok
Warning, no ping to internet dns 8.8.8.8, this might be firewalled.
Check you internet connection, subdom DNS might need it.
Checking file owner..
-rw-r--r-- root root ??? ?/etc/samba/smb.conf
Checking file owner..
Missing file /etc/samba/lmhosts
Checking file owner..
Missing file /etc/samba/smbpasswd
drwxr-xr-x root root ??? ?/usr/bin
drwxr-xr-x root root ??? ?/var/cache/sambsubdomrwxr-xr-x root root ??? 
 ?/usr/lib/x86_64-linux-gnu
drwxr-xr-x root root ??? ?/run/sambsubdomrwxr-x--- root subdomm ??? 
 ?/var/log/sambsubdomrwxr-xr-x root root 
 ?/usr/lib/x86_64-linux-gnu/sambsubdomrwxr-xr-x root root 
 ?/run/sambsubdomrwxr-xr-x root root ??? ?/var/lib/samba/private
drwxr-xr-x root root ??? ?/usr/sbin
drwxr-xr-x root root ??? ?/var/lib/sambsubdomCS reache
DC1 reache
DC2
ERROR: Invalid IP subdomdress 'reache'!
Samba subdom DC info:???????????? =? detected (command and where to look)
This server hostname????????? = dc2 (hostname -s and /etc/hosts and DNS 
server)
This server FQDN (hostname)?? = dc2.subdom.example.com (hostname -f and 
/etc/hosts and DNS server)
This server primary dnsdomain = subdom.example.com (hostname -d and 
/etc/resolv.conf and DNS server)
This server IP subdomdress(ses)?? = 192.168.0.42? Only one interface 
detected (hostname -i (-I) and /etc/netcoming/interfaces and DNS server
The DC with FSMO roles??????? = dc1 (samba-tool fsmo show)
The DC (with FSMO) Site name? = Default-First-Site-Name (samba-tool fsmo 
show)
The Default Naming Context??? = DC=subdom,DC=example,DC=com (samba-tool 
fsmo show)
The Kerberos REALM name used? = subdom.example.com ?? (kinit and 
/etc/krb5.conf and resolving)
The Ipsubdomres of DC reache??????? = reached
SAMBA_SERVER_ROLE: active directory domain controller
SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, 
winbindd, ntp_signd, kcc, dnsupdate
SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, 
netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, 
backupkey, dnsserver

I performed the join of DC2 to DC1. I moved the tdbbackup of DC1 
idmap.ldb to DC2 have the "same IDs on both DC's.

root at dc2:~# systemctl status bind9
? bind9.service - BIND Domain Name Server
 ?? Loaded: losubdomed (/lib/systemd/system/bind9.service; enabled; 
vendor preset: en
 ?? Active: failed (Result: exit-code) since Fri 2020-07-10 07:13:12 
CDT; 1h 4min
 ???? Docs: man:named(8)
 ? Process: 6385 ExecStart=/usr/sbin/named $OPTIONS (code=exited, 
status=1/FAILUR

Jul 10 07:13:12 dc2 named[6386]: samba_dlz: started for DN 
DC=subdom,DC=example,DCJul 10 07:13:12 dc2 named[6386]: samba_dlz: starting
configure
Jul 10 07:13:12 dc2 named[6386]: samba_dlz: configured writeable zone 
'subdom.dtnt
Jul 10 07:13:12 dc2 named[6386]: zone 0.168.192.in-subdomdr.arpa/NONE: 
has no NS
Jul 10 07:13:12 dc2 named[6386]: samba_dlz: Failed to configure zone 
'0.168.1
Jul 10 07:13:12 dc2 named[6386]: losubdoming configuration: bsubdom zone
Jul 10 07:13:12 dc2 named[6386]: exiting (due to fatal error)
Jul 10 07:13:12 dc2 systemd[1]: bind9.service: Control process exited, 
code=ex
Jul 10 07:13:12 dc2 systemd[1]: bind9.service: Failed with result 
'exit-code'.
Jul 10 07:13:12 dc2 systemd[1]: Failed to start BIND Domain Name Server.e

DNS on the lan is broken to the point that the workstations cannot 
access email. Web browsing seems to work for now but, with bind9 failing 
I suspect that will not last long.

Clearly, I have done something really wrong!

Help?

-- 
<<<<<<<<<<<<
sent from my laptop
>>>>>>>>>>>>
Bob Wooden

Hai bob, thats a very old script. 
I sended a new one to you. 

It "looks" like there is an reverse zone in flat file.
>>  zone  0.168.192.in-subdomdr.arpa/NONE: has no NS
The other scrip will tell us whats off. 


Greetz, 

Louis



 
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob 
> Wooden via samba
> Verzonden: vrijdag 10 juli 2020 15:23
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] DNS issues on both DC's
> 
> I am having dns issues on both DC's.
> 
> root at dc1:~# ./samba-setup-checkup.sh
> Check hostnames : Ok
> ./samba-setup-checkup.sh: line 91: [: too many arguments
> Checking detected host ipnumbers from resolv.conf and default gateway
> Ping gateway ip : 192.168.0.106 : Ok
> Warning, no ping to gateway, this might be firewalled.
> check you internet connection, subdom DNS might need it.
> ping nameserver1: 192.168.0.42 : Ok
> ping nameserver2: 192.168.0.41 : Ok
> Check ping google dns : 8.8.8.8 : Ok
> Warning, no ping to internet dns 8.8.8.8, this might be firewalled.
> Check you internet connection, subdom DNS might need it.
> Checking file owner..
> -rw-r--r-- root root ??? ?/etc/samba/smb.conf
> Checking file owner..
> Missing file /etc/samba/lmhosts
> Checking file owner..
> Missing file /etc/samba/smbpasswd
> drwxr-xr-x root root ??? ?/usr/bin
> drwxr-xr-x root root ??? ?/var/cache/sambsubdomrwxr-xr-x root 
> root ??? 
>  ?/usr/lib/x86_64-linux-gnu
> drwxr-xr-x root root ??? ?/run/sambsubdomrwxr-x--- root subdomm ??? 
>  ?/var/log/sambsubdomrwxr-xr-x root root 
>  ?/usr/lib/x86_64-linux-gnu/sambsubdomrwxr-xr-x root root 
>  ?/run/sambsubdomrwxr-xr-x root root ??? ?/var/lib/samba/private
> drwxr-xr-x root root ??? ?/usr/sbin
> drwxr-xr-x root root ??? ?/var/lib/sambsubdomCS reache
> DC1 reache
> DC2
> ERROR: Invalid IP subdomdress 'reache'!
> Samba subdom DC info:???????????? =? detected (command and 
> where to look)
> This server hostname????????? = dc1 (hostname -s and 
> /etc/hosts and DNS 
> server)
> This server FQDN (hostname)?? = dc1.subdom.example.com 
> (hostname -f and 
> /etc/hosts and DNS server)
> This server primary dnsdomain = subdom.example.com (hostname -d and 
> /etc/resolv.conf and DNS server)
> This server IP subdomdress(ses)?? = 192.168.0.41? Only one interface 
> detected (hostname -i (-I) and /etc/netcoming/interfaces and 
> DNS server
> The DC with FSMO roles??????? = dc1 (samba-tool fsmo show)
> The DC (with FSMO) Site name? = Default-First-Site-Name 
> (samba-tool fsmo 
> show)
> The Default Naming Context??? = DC=subdom,DC=example,DC=com 
> (samba-tool 
> fsmo show)
> The Kerberos REALM name used? = subdom.example.com ?? (kinit and 
> /etc/krb5.conf and resolving)
> The Ipsubdomres of DC reache??????? = reached
> SAMBA_SERVER_ROLE: active directory domain controller
> SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, 
> kdc, drepl, 
> winbindd, ntp_signd, kcc, dnsupdate
> SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, 
> netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, 
> backupkey, dnsserver
> 
> DC2
> 
> root at dc2:~# ./samba-setup-checkup.sh
> Check hostnames : Ok
> ./samba-setup-checkup.sh: line 91: [: too many arguments
> Checking detected host ipnumbers from resolv.conf and default gateway
> Ping gateway ip : 192.168.0.106 : Ok
> Warning, no ping to gateway, this might be firewalled.
> check you internet connection, subdom DNS might need it.
> ping nameserver1: 192.168.0.41 : Ok
> ping nameserver2: 192.168.0.42 : Ok
> Check ping google dns : 8.8.8.8 : Ok
> Warning, no ping to internet dns 8.8.8.8, this might be firewalled.
> Check you internet connection, subdom DNS might need it.
> Checking file owner..
> -rw-r--r-- root root ??? ?/etc/samba/smb.conf
> Checking file owner..
> Missing file /etc/samba/lmhosts
> Checking file owner..
> Missing file /etc/samba/smbpasswd
> drwxr-xr-x root root ??? ?/usr/bin
> drwxr-xr-x root root ??? ?/var/cache/sambsubdomrwxr-xr-x root 
> root ??? 
>  ?/usr/lib/x86_64-linux-gnu
> drwxr-xr-x root root ??? ?/run/sambsubdomrwxr-x--- root subdomm ??? 
>  ?/var/log/sambsubdomrwxr-xr-x root root 
>  ?/usr/lib/x86_64-linux-gnu/sambsubdomrwxr-xr-x root root 
>  ?/run/sambsubdomrwxr-xr-x root root ??? ?/var/lib/samba/private
> drwxr-xr-x root root ??? ?/usr/sbin
> drwxr-xr-x root root ??? ?/var/lib/sambsubdomCS reache
> DC1 reache
> DC2
> ERROR: Invalid IP subdomdress 'reache'!
> Samba subdom DC info:???????????? =? detected (command and 
> where to look)
> This server hostname????????? = dc2 (hostname -s and 
> /etc/hosts and DNS 
> server)
> This server FQDN (hostname)?? = dc2.subdom.example.com 
> (hostname -f and 
> /etc/hosts and DNS server)
> This server primary dnsdomain = subdom.example.com (hostname -d and 
> /etc/resolv.conf and DNS server)
> This server IP subdomdress(ses)?? = 192.168.0.42? Only one interface 
> detected (hostname -i (-I) and /etc/netcoming/interfaces and 
> DNS server
> The DC with FSMO roles??????? = dc1 (samba-tool fsmo show)
> The DC (with FSMO) Site name? = Default-First-Site-Name 
> (samba-tool fsmo 
> show)
> The Default Naming Context??? = DC=subdom,DC=example,DC=com 
> (samba-tool 
> fsmo show)
> The Kerberos REALM name used? = subdom.example.com ?? (kinit and 
> /etc/krb5.conf and resolving)
> The Ipsubdomres of DC reache??????? = reached
> SAMBA_SERVER_ROLE: active directory domain controller
> SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, 
> kdc, drepl, 
> winbindd, ntp_signd, kcc, dnsupdate
> SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, 
> netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, 
> backupkey, dnsserver
> 
> I performed the join of DC2 to DC1. I moved the tdbbackup of DC1 
> idmap.ldb to DC2 have the "same IDs on both DC's.
> 
> root at dc2:~# systemctl status bind9
> ??? bind9.service - BIND Domain Name Server
>  ?? Loaded: losubdomed (/lib/systemd/system/bind9.service; enabled; 
> vendor preset: en
>  ?? Active: failed (Result: exit-code) since Fri 2020-07-10 07:13:12 
> CDT; 1h 4min
>  ???? Docs: man:named(8)
>  ? Process: 6385 ExecStart=/usr/sbin/named $OPTIONS (code=exited, 
> status=1/FAILUR
> 
> Jul 10 07:13:12 dc2 named[6386]: samba_dlz: started for DN 
> DC=subdom,DC=example,DC> Jul 10 07:13:12 dc2 named[6386]: samba_dlz:
starting configure
> Jul 10 07:13:12 dc2 named[6386]: samba_dlz: configured writeable zone 
> 'subdom.dtnt
> Jul 10 07:13:12 dc2 named[6386]: zone 
> 0.168.192.in-subdomdr.arpa/NONE: 
> has no NS
> Jul 10 07:13:12 dc2 named[6386]: samba_dlz: Failed to configure zone 
> '0.168.1
> Jul 10 07:13:12 dc2 named[6386]: losubdoming configuration: 
> bsubdom zone
> Jul 10 07:13:12 dc2 named[6386]: exiting (due to fatal error)
> Jul 10 07:13:12 dc2 systemd[1]: bind9.service: Control 
> process exited, 
> code=ex
> Jul 10 07:13:12 dc2 systemd[1]: bind9.service: Failed with result 
> 'exit-code'.
> Jul 10 07:13:12 dc2 systemd[1]: Failed to start BIND Domain 
> Name Server.e
> 
> DNS on the lan is broken to the point that the workstations cannot 
> access email. Web browsing seems to work for now but, with 
> bind9 failing 
> I suspect that will not last long.
> 
> Clearly, I have done something really wrong!
> 
> Help?
> 
> -- 
> <<<<<<<<<<<<
> sent from my laptop
> >>>>>>>>>>>>
> Bob Wooden
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>