samba - Feb 2021 - samba-tool join error : NO DNS zone information found in source domain, not replicating DNS

Hi

we have a samba4 AD-DC running 4.10, which replaced a Win2008 DYC many 
years ago.
During this migration? (2008-DC->samba4-dc) sometings seems to went wrong.
The new DC only misses the a seperate _msdcs.XXX.lan zone, like other 
samba4 dc show

samba-tool dns zonelist server01 -U Administrator


 ? pszZoneName???????????????? : XXX.lan
 ? Flags?????????????????????? : DNS_RPC_ZONE_DSINTEGRATED 
DNS_RPC_ZONE_UPDATE_SECURE
 ? ZoneType??????????????????? : DNS_ZONE_TYPE_PRIMARY
 ? Version???????????????????? : 50
 ? dwDpFlags?????????????????? : DNS_DP_AUTOCREATED 
DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
 ? pszDpFqdn?????????????????? : ForestDnsZones.XXX.lan

the zone _ msdcs is located as subzone under XXX.lan

Now I am trying to join a second dc, the join finishes, but shows

"NO DNS zone information found in source domain, not replicating DNS"

therefore no DNS partions are created on the new server either.

Is there a way to fix it?
e.g. by reapplying? /usr/share/samba/setup/provision_dnszones*.ldif ?
or running somthing like 
/usr/lib64/python3.6/site-packages/samba/provision/sambadns.py

The zone XXX.lan itself contains only the default values for 
servicerecords etc and could be replaced

Regards

Hansj?rg









----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie
moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie
einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an
hansjoerg.maurer at itsd.de.

Our system is equipped with an email encryption gateway. If you want email sent
to you to be encrypted please send a S/MIME signed email or your PGP public key
to hansjoerg.maurer at itsd.de.

.lan 

i suggest you read these. 
https://tools.ietf.org/html/rfc6762 Appendix G.  Private DNS Namespaces
https://en.wikipedia.org/wiki/.local#cite_note-6 

https://tools.ietf.org/html/rfc2606 
https://tools.ietf.org/html/rfc6761 

my advice, change it when you can. 

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Dr. Hansj?rg
> Maurer via samba
> Verzonden: woensdag 17 februari 2021 15:32
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] samba-tool join error : NO DNS zone information found
> in source domain, not replicating DNS
> 
> Hi
> 
> we have a samba4 AD-DC running 4.10, which replaced a Win2008 DYC many
> years ago.
> During this migration? (2008-DC->samba4-dc) sometings seems to went
wrong.
> The new DC only misses the a seperate _msdcs.XXX.lan zone, like other
> samba4 dc show
> 
> samba-tool dns zonelist server01 -U Administrator
> 
> 
>  ? pszZoneName???????????????? : XXX.lan
>  ? Flags?????????????????????? : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
>  ? ZoneType??????????????????? : DNS_ZONE_TYPE_PRIMARY
>  ? Version???????????????????? : 50
>  ? dwDpFlags?????????????????? : DNS_DP_AUTOCREATED
> DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>  ? pszDpFqdn?????????????????? : ForestDnsZones.XXX.lan
> 
> the zone _ msdcs is located as subzone under XXX.lan
> 
> Now I am trying to join a second dc, the join finishes, but shows
> 
> "NO DNS zone information found in source domain, not replicating
DNS"
> 
> therefore no DNS partions are created on the new server either.
> 
> Is there a way to fix it?
> e.g. by reapplying? /usr/share/samba/setup/provision_dnszones*.ldif ?
> or running somthing like
> /usr/lib64/python3.6/site-packages/samba/provision/sambadns.py
> 
> The zone XXX.lan itself contains only the default values for
> servicerecords etc and could be replaced
> 
> Regards
> 
> Hansj?rg
> 
> 
> 
> 
> 
> 
> 
> 
> 
> ----------------------------
> Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet.
> Wenn Sie moechten, dass an Sie gerichtete E-Mails verschluesselt werden,
> senden Sie einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key
> an hansjoerg.maurer at itsd.de.
> 
> Our system is equipped with an email encryption gateway. If you want email
> sent to you to be encrypted please send a S/MIME signed email or your PGP
> public key to hansjoerg.maurer at itsd.de.
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

On 17/02/2021 14:31, Dr. Hansj?rg Maurer via samba
wrote:
> Hi
>
> we have a samba4 AD-DC running 4.10, which replaced a Win2008 DYC many 
> years ago.
> During this migration? (2008-DC->samba4-dc) sometings seems to went 
> wrong.
> The new DC only misses the a seperate _msdcs.XXX.lan zone, like other 
> samba4 dc show
>
> samba-tool dns zonelist server01 -U Administrator
>
>
> ? pszZoneName???????????????? : XXX.lan
> ? Flags?????????????????????? : DNS_RPC_ZONE_DSINTEGRATED 
> DNS_RPC_ZONE_UPDATE_SECURE
> ? ZoneType??????????????????? : DNS_ZONE_TYPE_PRIMARY
> ? Version???????????????????? : 50
> ? dwDpFlags?????????????????? : DNS_DP_AUTOCREATED 
> DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
> ? pszDpFqdn?????????????????? : ForestDnsZones.XXX.lan
>
> the zone _ msdcs is located as subzone under XXX.lan
>
> Now I am trying to join a second dc, the join finishes, but shows
>
> "NO DNS zone information found in source domain, not replicating
DNS"
>
> therefore no DNS partions are created on the new server either.
>
> Is there a way to fix it?
> e.g. by reapplying /usr/share/samba/setup/provision_dnszones*.ldif ?
> or running somthing like 
> /usr/lib64/python3.6/site-packages/samba/provision/sambadns.py
>
> The zone XXX.lan itself contains only the default values for 
> servicerecords etc and could be replaced
>
Are you sure your domain didn't start off with an earlier Windows 
version, such as 2K or 2003K ?

I ask this because you seem to have the earlier dns records.

Rowland