On Fri, 05 Apr 2024 08:06:10 +0200
PaLi via samba <samba at lists.samba.org> wrote:

> Hello
>
> I have a strange problem on a brand new installation of samba AD
> (samba-4.19.5 on Fedora 39).
>
> Domain controller is dc01.some.domain.org
> Secondary (replicated) controller is dc02.some.domain.org
>
> After clean installation all basic tests seem to be ok.
>
> All these commands return correct responses:
>
> smbclient -L localhost -N
> smbclient //localhost/netlogon -U Administrator -c 'ls'
>
> host -t SRV _ldap._tcp.${HOSTNAME#*.}.
> host -t SRV _kerberos._udp.${HOSTNAME#*.}.
> host -t A ${HOSTNAME}.
>
> kinit Administrator
> klist
>
> sudo samba-tool drs showrepl
>
> sudo samba-tool user list --full-dn
> sudo samba-tool group list --full-dn
> sudo samba-tool computer list --full-dn
>
>
> Problem is on dc01.some.domain.org
> this command (and all other variants of "samba-tool dns"):
>
> sudo samba-tool dns zonelist $(hostname) -U Administrator
>
> gets stuck and returns nothing when parameter <server> is
> $(hostname) or $(hostname --short)
>
> when I change $(hostname) to localhost or ip address command is
> responding correctly.
>
>
> This problem is only on primary controller dc01.

What primary controller?
All DCs are equal, it is just some may have FSMO roles, this does not
make any a 'primary'. A 'Primary Domain Controller' is something else
entirely.

>
> The same commands work on dc02.some.domain.org without problems.
>
>
> Even when I run samba-tool dns on dc02.some.domain.org with <server>
> dc01
> sudo samba-tool dns zonelist dc01 -U Administrator
>
> it returns correct results.
>
> How can I make samba-tool dns on dc01 work?
> What this behavior could be?
>

It sounds like DNS.
Can you post the contents of:
/etc/resolv.conf
/etc/hosts

Rowland
pavel.lisy at gmail.com
2024-Apr-05  13:38 UTC
[Samba] Strange problem with samba-tool dns query ...
On Fri, 2024-04-05 at 08:04 +0100, Rowland Penny via samba wrote:
> On Fri, 05 Apr 2024 08:06:10 +0200
> PaLi via samba <samba at lists.samba.org> wrote:
>
> > Hello
> >
> > I have a strange problem on a brand new installation of samba AD
> > (samba-4.19.5 on Fedora 39).
> >
> > Domain controller is dc01.some.domain.org
> > Secondary (replicated) controller is dc02.some.domain.org
> >
> > After clean installation all basic tests seem to be ok.
> >
> > All these commands return correct responses:
> >
> > smbclient -L localhost -N
> > smbclient //localhost/netlogon -U Administrator -c 'ls'
> >
> > host -t SRV _ldap._tcp.${HOSTNAME#*.}.
> > host -t SRV _kerberos._udp.${HOSTNAME#*.}.
> > host -t A ${HOSTNAME}.
> >
> > kinit Administrator
> > klist
> >
> > sudo samba-tool drs showrepl
> >
> > sudo samba-tool user list --full-dn
> > sudo samba-tool group list --full-dn
> > sudo samba-tool computer list --full-dn
> >
> >
> > Problem is on dc01.some.domain.org
> > this command (and all other variants of "samba-tool dns"):
> >
> > sudo samba-tool dns zonelist $(hostname) -U Administrator
> >
> > gets stuck and returns nothing when parameter <server> is
> > $(hostname) or $(hostname --short)
> >
> > when I change $(hostname) to localhost or ip address command is
> > responding correctly.
> >
> >
> > This problem is only on primary controller dc01.
>
> What primary controller?
> All DCs are equal, it is just some may have FSMO roles, this does not
> make any a 'primary'. A 'Primary Domain Controller' is something else
> entirely.

I mean the DC installed first (dc01) by
samba-tool domain provision ...

the other was only joined (dc02) by
samba-tool domain join some.domain.org DC ...

> >
> > The same commands work on dc02.some.domain.org without problems.
> >
> >
> > Even when I run samba-tool dns on dc02.some.domain.org with
> > <server> dc01
> > sudo samba-tool dns zonelist dc01 -U Administrator
> >
> > it returns correct results.
> >
> > How can I make samba-tool dns on dc01 work?
> > What this behavior could be?
> >
>
> It sounds like DNS.
> Can you post the contents of:
> /etc/resolv.conf

nameserver 192.168.90.21
nameserver 192.168.90.3
nameserver 192.168.90.1
search some.domain.org

> /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.90.21 dc01.some.domain.org dc01

DNS resolving works without problems:

[admin at dc01 ~]$ nslookup dc01
Server: 192.168.90.21
Address: 192.168.90.21#53

Name: dc01.some.domain.org
Address: 192.168.90.21

On dc02 everything is set up in a similar way and it works.

On dc01 I've tried adding a line to /etc/hosts
192.168.90.21 dc05.some.domain.org dc05

and then this command works
sudo samba-tool dns zonelist dc05 -U Administrator

Everything except names with dc01 works correctly. And I don't understand why.

Pavel