On Mon, 25 Sep 2023 15:18:01 +0000 Paul Littlefield via samba <samba at lists.samba.org> wrote:> On 25/09/2023 15:17, Rowland Penny via samba wrote: > > If you haven't joined as a DC, then at that point, there will not be > > such a record for the new DC, it gets created when you first start > > your new DC. > > > OK, I was more concerned about the actual 'network error' as shown in > my original post... > > > "communications error to 130.130.0.219#53: timed out" > > > ... I have tried a few different times and get the same error each > time. This error is NOT shown when I test on the other running DCs. > This is what I worried about and need advice on whether to risk a > join or not?! Could it be to do with the different IP address range?Whilst anything is possible, if you are trying to connect to the internal dns server on a machine that isn't yet a DC, then it will time out, because there isn't a dns server there yet. Of course. I may be misunderstanding things here. Rowland
Paul Littlefield
2023-Sep-26 09:08 UTC
[Samba] new DC preparation, nslookup and dig errors
On 25/09/2023 16:25, Rowland Penny via samba wrote:> Whilst anything is possible, if you are trying to connect to the > internal dns server on a machine that isn't yet a DC, then it will time > out, because there isn't a dns server there yet. > > Of course. I may be misunderstanding things here.Maybe :) I am preparing to join a third Linux DC to an existing domain running two Linux DCs, and am following these instructions ... https://wiki.samba.org/index.php/Linux_and_Unix_DNS_Configuration#Resolving_SRV_Records ... so am concerned that there is a "communications error":- "_ldap._tcp.mydomain.com;; communications error to 130.130.0.219#53: timed out" ... which is DC5 trying to get a DNS record from DC4 and failing. If I run the same 'test' from that wiki page on either of the existing 2 Linux DCs which _are_ dns servers for the whole network, it does not show that error. Do you follow me? In other words, I want to sort that error out first before I go trying to join a new DC (which I am only doing to solve the recent security patch!) I have tried Googling it but come up blank. Regards, -- Paul Littlefield