On 2023-04-04 19:36, Gary Dale via samba wrote:> On 2023-04-02 02:49, Rowland Penny via samba wrote:
>>
>>
>> On 02/04/2023 04:54, Gary Dale via samba wrote:
>>
>>> I could, but that seems like overkill. A complete second (virtually
>>> identical) system to administer and update just to hive off the 
>>> authentication task.
>>>
>>
>> To be honest, I would run two DC's just for authentication and
other
>> Samba machines as Unix domain members.
>>
>> However, I cannot force you to do anything, all I can do is advise 
>> you of best practices, neither Samba or Microsoft recommend using a 
>> DC for anything other than authentication.
>>
>> Rowland
>>
> I've set up a Debian/Stable VM with the backports in a minimal 
> install. Then I added an ssh server and connected to it (so I can cut 
> & paste to the Konsole session), and did the Debian 
> distribution-specific installation. I removed the installer's smb.conf 
> and ran the interactive provisioning.? TheLibrarian is already a
>
> I then figured I'd try the Create a reverse zone but that failed:
>
> # samba-tool dns zonecreate? DC1 1.168.192.in-addr.arpa -U Administrator
> Failed to connect host 192.168.1.13 on port 135 - 
> NT_STATUS_CONNECTION_REFUSED
> Failed to connect host 192.168.1.13 (DC1) on port 135 - 
> NT_STATUS_CONNECTION_REFUSED.
> ERROR: Connecting to DNS RPC server DC1 failed with (3221226038, 'The 
> transport-connection attempt was refused by the remote system.')
>
> The message shows that the DC1 name resolved properly. I'm not aware 
> of anything blocking port 135 - this is a clean install to a new VM.? 
> Any ideas on what's going on?
>
Nevermind. I redid the entire process and got it to work this time.