Hi, I've spent the last days building the Samba4 RC1 and trying to move a DC from 2003 to Samba4. I've followed the HowTo's, first to build Samba4, and then to add a domain as a backup domain controller on the Wiki. Everything seems to be working fine. My backup domain controller gets all the information from the PDC, this is LDAP, Kerberos and DNS. As suggested by a message on this list, I moved the fsmo roles to the samba4 server. All OK. Checking for errors and stuff I found that there was no A DNS record for the backup DC on the backup DC. This means that if the /etc/resolv.conf only has an entry like: nameserver IP_OF_THE_BDC then everything else fails. 'dig @BDC_IP samba4.domain.lan' returns en empty result. Trying to replicate DNS information from the PDC always seems to end up ok but the A record is never found on the BDC. Also, trying to demote the PDC, I get a message that that server has the 'last replicated copy' of the DNS Zones on AD, hence it seems something is not correctly moved between DC's. Then, has anyone been able to find how to solve this? My smb.conf has not been modified by me at all. Thanks, Aleix.
Hi again, let me update my previous e-mail with new things I've found. There's a setting on the Windows DNS application that lets you choose how a zone will be replicated (on the first tab). The 'default' setting is 'Replicate to all dc's in active directory'. If you choose any other setting (replicate to all dc in forest or to all DNS servers) and do the whole process of joining the samba4 as a BDC then all the DNS entries ARE replicated BUT then the samba-tool dns query's start to fail with terrible python messages. I really don't know if this setting has anything to do with anything but maybe it'll help diagnose the problem. Aleix.
Do you still have DNS servers on Windows servers? It could be your prior settings are blocking changes as they think they are unauthorized DNS updates. I think it is referred to as authoritative updates.. On Sep 25, 2012 5:59 AM, "Aleix Dorca Josa" <adorca at uda.ad> wrote:> Hi, > > I've spent the last days building the Samba4 RC1 and trying to move a DC > from 2003 to Samba4. > > I've followed the HowTo's, first to build Samba4, and then to add a domain > as a backup domain controller on the Wiki. Everything seems to be working > fine. My backup domain controller gets all the information from the PDC, > this is LDAP, Kerberos and DNS. As suggested by a message on this list, I > moved the fsmo roles to the samba4 server. All OK. > > Checking for errors and stuff I found that there was no A DNS record for > the backup DC on the backup DC. This means that if the /etc/resolv.conf > only has an entry like: > > nameserver IP_OF_THE_BDC > > then everything else fails. > > 'dig @BDC_IP samba4.domain.lan' returns en empty result. > > Trying to replicate DNS information from the PDC always seems to end up ok > but the A record is never found on the BDC. > > Also, trying to demote the PDC, I get a message that that server has the > 'last replicated copy' of the DNS Zones on AD, hence it seems something is > not correctly moved between DC's. > > Then, has anyone been able to find how to solve this? > > My smb.conf has not been modified by me at all. > > Thanks, > > Aleix. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >