fsdc02:
/etc/hosts:
127.0.0.1 localhost
::1 localhost
10.0.0.10 fsdc02.dc01.test-server.lan fsdc02 DC02

# systemctl start smbd nmbd winbind
Failed to start smbd.service: Unit smbd.service is masked.
Failed to start nmbd.service: Unit nmbd.service is masked.
Failed to start winbind.service: Unit winbind.service is masked.

# net ads join -U administrator
Enter administrator's password:
Using short domain name -- DC01
Joined 'FSDC02' to dns domain 'dc01.test-server.lan'
DNS Update for fsdc02.dc01.test-server.lan failed: ERROR_DNS_UPDATE_FAILED
DNS update failed: NT_STATUS_UNSUCCESSFUL

[Mon Oct 11 12:51:56] [root at fsdc02~$] netstat -tulpn | egrep 'samba|smb|nmb|winbind'
[Mon Oct 11 12:51:58] [root at fsdc02~$]

[Mon Oct 11 12:51:58] [root at fsdc02~$] host dc01.test-server.lan
dc01.test-server.lan has address 10.0.0.13
[Mon Oct 11 12:56:02] [root at fsdc02~$] host 10.0.0.13
13.0.0.10.in-addr.arpa domain name pointer dc01.test-server.lan.

/etc/resolv.conf
nameserver 10.0.0.13
search dc01.test-server.lan

On the first dc I used internal samba for DNS. On the second dc, I pointed to the first for DNS. Do I need to run an additional DNS server? I'm able to resolve internal and external hosts.

I tried to mimic the wiki so SAMDOM = DC01 & DC1 = DC1 & EXAMPLE.COM TEST-SERVER.LAN just so I can keep everything in order because I was getting confused with all my other attempts. I want my domain just to be test-server.lan and then DC01 would be the first and FSDC02 would be the second but just to get this working so that I understood, I tried to mimic the wiki.

I wanted DC01 to be test-server.lan so host test-server.lan and host dc01.test-server.lan would resolve the same and fsdc02 would resolve to fsdc02.test-server.lan and dc02.test-server.lan.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In all things, Be Intentional.
On Mon, Oct 11, 2021 at 11:44 AM Patrick Goetz via samba <samba at lists.samba.org> wrote:

>
> On 10/11/21 10:08, Rowland Penny via samba wrote:
> > On Mon, 2021-10-11 at 09:54 -0500, Patrick Goetz via samba wrote:
> >> Maybe another thing to work on for the next release? <:)
> >>
> >> Or is there a technical reason why this isn't possible?
> >
> > It is because only ntp or chrony know anything about 'mssntp' and
> > 'ntp_signd'
> >
> >> I've long ago
> >> stopped installing ntp on anything under normal conditions, since
> >> systemd-timedated just works.
> >
> > 'systemd-timedated' only knows 'sntp' so you cannot use it with AD. It
> > isn't Samba that needs updating to use systemd-timedated, it is
> > systemd-timedated that needs updating to work with Samba AD.
> >
>
> Got it, thank you. Then I'd rather they keep systemd as simple as
> possible and I'll just install ntp when necessary.
>
> >
> > Rowland
> >
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
On Mon, 2021-10-11 at 13:52 -0400, Rob Campbell via samba wrote:
> fsdc02:
> /etc/hosts:
> 127.0.0.1 localhost
> ::1 localhost
> 10.0.0.10 fsdc02.dc01.test-server.lan fsdc02 DC02

Why is there 'DC02' at the end? You should remove it.

>
> # systemctl start smbd nmbd winbind
> Failed to start smbd.service: Unit smbd.service is masked.
> Failed to start nmbd.service: Unit nmbd.service is masked.
> Failed to start winbind.service: Unit winbind.service is masked.

Unmask 'winbind', but you shouldn't start Samba until you have joined the domain.

>
> # net ads join -U administrator
> Enter administrator's password:
> Using short domain name -- DC01

Is 'DC01' your netbios domain name (aka workgroup)?

> Joined 'FSDC02' to dns domain 'dc01.test-server.lan'

It has joined the domain.

> DNS Update for fsdc02.dc01.test-server.lan failed:
> ERROR_DNS_UPDATE_FAILED
> DNS update failed: NT_STATUS_UNSUCCESSFUL

You have dns problems, fix /etc/hosts, check that /etc/hostname only contains 'fsdc02'.

>
> [Mon Oct 11 12:51:56] [root at fsdc02~$] netstat -tulpn | egrep
> 'samba|smb|nmb|winbind'
> [Mon Oct 11 12:51:58] [root at fsdc02~$]
>
> [Mon Oct 11 12:51:58] [root at fsdc02~$] host dc01.test-server.lan
> dc01.test-server.lan has address 10.0.0.13
> [Mon Oct 11 12:56:02] [root at fsdc02~$] host 10.0.0.13
> 13.0.0.10.in-addr.arpa domain name pointer dc01.test-server.lan.
>
> /etc/resolv.conf
> nameserver 10.0.0.13
> search dc01.test-server.lan
>
> On the first dc I used internal samba for DNS.

Properly set up, this would be okay.

> On the second dc, I pointed
> to the first for DNS. Do I need to run an additional DNS server?

If you are running a second DC, you are running an additional dns server, every Samba DC runs the internal dns server. Also every Samba DC should use its own IP address for its nameserver.

> I'm able
> to resolve internal and external hosts.
>
> I tried to mimic the wiki so SAMDOM = DC01 & DC1 = DC1 & EXAMPLE.COM
> TEST-SERVER.LAN just so I can keep everything in order because I was
> getting confused with all my other attempts. I want my domain just
> to be
> test-server.lan and then DC01 would be the first and FSDC02 would be
> the
> second but just to get this working so that I understood, I tried to
> mimic
> the wiki.

That is NEVER going to work, every DC and domain member in the domain must use the same dns domain name, in your case, this seems to be 'test-server.lan'. The realm would then be the dns domain in uppercase 'TEST-SERVER.LAN'.

>
> I wanted DC01 to be test-server.lan so host test-server.lan and host
> dc01.test-server.lan would resolve the same and fsdc02 would resolve
> to
> fsdc02.test-server.lan and dc02.test-server.lan.

I would get the domain working correctly before adding CNAME records (which is what you seem to want to do), though there is little reason to do this.

Rowland
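
The checks listed in the reply above (short name only in /etc/hostname, a hosts line of the form "IP FQDN shortname" with no extra alias, one DNS domain for every host, a DC using its own address as nameserver), as an added example that is not part of the thread. The function name check_ad_names, the domain test-server.lan and the treatment of fsdc02 as a DC are assumptions taken from the discussion, and the sample files are constructed from the values posted.

```shell
#!/bin/sh
# Added example, not from the thread. check_ad_names is a hypothetical helper.
# Usage: check_ad_names HOSTS HOSTNAME RESOLV DNS_DOMAIN [dc|member]
# Prints one finding per line; returns 1 if anything was found, else 0.
check_ad_names() {
    hosts=$1; hostname_file=$2; resolv=$3; domain=$4; role=${5:-member}
    rc=0
    name=$(tr -d ' \t\r\n' < "$hostname_file")
    short=${name%%.*}
    [ "$name" = "$short" ] || { echo "hostname: '$name' is not the bare short name"; rc=1; }
    # This host's own entry: first non-loopback line that lists the short name.
    line=$(awk -v h="$short" '
        { sub(/#.*/, "") }
        $1 ~ /^127\./ || $1 == "::1" { next }
        { for (i = 2; i <= NF; i++) if (tolower($i) == tolower(h)) { print; exit } }
    ' "$hosts")
    [ -n "$line" ] || { echo "hosts: no non-loopback entry for '$short'"; return 1; }
    set -- $line
    ip=$1; fqdn=$2; alias=$3
    [ "$fqdn" = "$short.$domain" ] || { echo "hosts: FQDN '$fqdn' should be '$short.$domain'"; rc=1; }
    [ "$alias" = "$short" ] || { echo "hosts: third field '$alias' should be '$short'"; rc=1; }
    [ $# -ge 3 ] && shift 3 || shift $#
    for extra in "$@"; do
        echo "hosts: remove extra alias '$extra'"; rc=1
    done
    if [ "$role" = dc ]; then   # a DC should use its own address as nameserver
        ns=$(awk '$1 == "nameserver" { print $2; exit }' "$resolv")
        [ "$ns" = "$ip" ] || { echo "resolv.conf: nameserver '$ns', expected own address $ip"; rc=1; }
    fi
    return $rc
}

# Constructed sample: the files as posted in the thread, checked against the
# domain test-server.lan with the host treated as a DC (both assumptions).
demo() {
    d=$(mktemp -d)
    printf '%s\n' '127.0.0.1 localhost' '::1 localhost' \
        '10.0.0.10 fsdc02.dc01.test-server.lan fsdc02 DC02' > "$d/hosts"
    echo fsdc02 > "$d/hostname"
    printf '%s\n' 'nameserver 10.0.0.13' 'search dc01.test-server.lan' > "$d/resolv.conf"
    check_ad_names "$d/hosts" "$d/hostname" "$d/resolv.conf" test-server.lan dc && status=0 || status=$?
    rm -rf "$d"
    return $status
}
demo || true
```

On the posted files this reports three findings: the FQDN's domain part, the extra 'DC02' alias, and the nameserver pointing at the other DC.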