L.P.H. van Belle
2014-Sep-29 13:55 UTC
[Samba] debian wheezy with backports samba domain join FAIL ( BUG! )
Hai,

After some testing I can confirm there is a bug in the Debian backports samba. ( 4.1.11 the latest in backports )

The first server sets up ok without any problem.
When you want to join the second server, it says it's all successful but don't be fooled... it's not!

None of the needed dns entries are created. ( samba-tool drs showrepl ) gives WERR_BADFILE
No hostname, aka : no alias in _msdcs.internal.domain.tld no SRV records and no CNAME records,
is found in the first AD server (bind9 dns was used)

I redid my steps with a sernet-samba installation and then everything is created as it should.

You have been warned!

Greetz,

Louis
Rowland Penny
2014-Sep-29 14:17 UTC
[Samba] debian wheezy with backports samba domain join FAIL ( BUG! )
On 29/09/14 14:55, L.P.H. van Belle wrote:
> Hai,
>
> After some testing i can confirm there is a bug in the debian backports samba. ( 4.1.11 the latest in backports )
>
> The first server setups up ok without any problem.
> When you want to join the second server, it says its al succesfull but dont be fooled... its not!
>
> non of the needed dns entries are created. ( samba-tool drs showrepl ) gives WERR_BADFILE
> No hostname, aka : no alias in _msdcs.internal.domain.tld no SRV records and no CNAME records,
> is found in the first AD server (bind9 dns was used)
>
> I redid my steps with a sernet-samba installation and then everything is created as it should.
>
> You have been warned!
>
> Greetz,
>
> Louis
>

Hi Louis, if you are sure the problem exists and it wasn't just a one-off problem, then it should be easy to track down. I created a new domain with wheezy & samba from backports, but the samba version at that time was 4.1.9 and I have since upgraded to 4.1.11. I joined a second DC when I created the domain and everything worked ok then and is still working ok now.

Rowland
L.P.H. van Belle
2014-Sep-29 14:38 UTC
[Samba] debian wheezy with backports samba domain join FAIL ( BUG! )
Hai Rowland,

This was a new domain setup, so it can be possible that an old domain works ok.
I even did a manual install and I tested my scripts and same result, totally 4 installs all failed.
Then 1 install with the sernet script, all ok in one time.

Try it with a new domain and the 4.1.11 samba backports.
If you manage to get the second server joined without a problem then I'm eating my shoes..

My setup was like the sernet scripts setup. I just changed the packages to the debian backports packages.

I installed the backports with :

    apt-get install -t wheezy-backports samba samba-vfs-modules attr acl -y

resolv.conf settings

    search internal.domain.tld
    nameserver ip_of_first_dc

and a correct hosts.

kerberos all checked ok for the first server.
kerberos checked ok for the second server

but this part :

    echo "Testing : dns entries"
    if [ -z "`host -t SRV _ldap._tcp.internal.domain.tld. | grep 'not found'`" ]; then
        echo "testing of : host -t SRV _ldap._tcp.internal.domain.tld. : ok"
        TEST1=0
    else
        echo "testing of : host -t SRV _ldap._tcp.internal.domain.tld. : FAILED"
        TEST1=1
    fi
    if [ -z "`host -t SRV _kerberos._udp.internal.domain.tld. | grep "not found" `" ]; then
        echo "testing of : host -t SRV _kerberos._udp.internal.domain.tld. : ok"
        TEST2=0
    else
        echo "testing of : host -t SRV _kerberos._udp.internal.domain.tld. : FAILED"
        TEST2=1
    fi
    if [ -z "`host -t A ${SETHOSTNAME}.internal.domain.tld. | grep "not found" `" ]; then
        echo "testing of : host -t A ${SETHOSTNAME}.internal.domain.tld. : ok"
        TEST3=0
    else
        echo "testing of : host -t A ${SETHOSTNAME}.internal.domain.tld. : FAILED"
        echo "trying to fix it now: "
        samba-tool dns add ${SETHOSTNAME}.${SETDNSDOMAIN} internal.domain.tld HOSTNAME A ${IPDC2}
    fi

all errors.

the last line :

    samba-tool dns add ${SETHOSTNAME}.${SETDNSDOMAIN} ${SETDNSDOMAIN} ${SETHOSTNAME} A ${SETIPDC2}

did say I added the dns record, but it wasn't added.
I rechecked all dns entries and a lot was missing.

But don't put too much time in it.
I hope this is fixed in 4.1.12, but it isn't yet in backports.

Greetz,

Louis

>-----Original message-----
>From: rowlandpenny at googlemail.com
>[mailto:samba-bounces at lists.samba.org] On behalf of Rowland Penny
>Sent: Monday 29 September 2014 16:17
>To: samba at lists.samba.org
>Subject: Re: [Samba] debian wheezy with backports samba domain join FAIL ( BUG! )
>
>On 29/09/14 14:55, L.P.H. van Belle wrote:
>> Hai,
>>
>> After some testing i can confirm there is a bug in the debian backports samba. ( 4.1.11 the latest in backports )
>>
>> The first server setups up ok without any problem.
>> When you want to join the second server, it says its al succesfull but dont be fooled... its not!
>>
>> non of the needed dns entries are created. ( samba-tool drs showrepl ) gives WERR_BADFILE
>> No hostname, aka : no alias in _msdcs.internal.domain.tld no SRV records and no CNAME records,
>> is found in the first AD server (bind9 dns was used)
>>
>> I redid my steps with a sernet-samba installation and then everything is created as it should.
>>
>> You have been warned!
>>
>> Greetz,
>>
>> Louis
>>
>Hi Louis, if you are sure the problem exists and it wasn't just a
>one-off problem, then it should be easy to track down. I created a new
>domain with wheezy & samba from backports, but the samba version at that
>time was 4.1.9 and I have since upgraded to 4.1.11. I joined a second DC
>when I created the domain and everything worked ok then and is still
>working ok now.
>
>Rowland
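
Added example, not part of the thread: a post-join check that each record actually names the new DC, rather than only that the lookup returns something (an SRV query already succeeds once the first DC is registered). It parses `host`-style answers; the host name dc2, the addresses, the GUID (standing for the new DC's objectGUID) and the stub answers are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. LOOKUP is the resolver command; it is
# set to a stub below so the checks run offline. Use LOOKUP=host for real DNS.

# answer_points_to TYPE NAME MARKER TARGET: succeed only when an answer line
# contains MARKER and its last field equals TARGET (case-insensitive).
answer_points_to() {
    $LOOKUP -t "$1" "$2." 2>/dev/null |
        awk -v m="$3" -v t="$4" \
            'index($0, m) && tolower($NF) == tolower(t) { hit = 1 } END { exit !hit }'
}

# check_dc_dns DOMAIN HOST IP GUID: return the number of missing records.
check_dc_dns() {
    domain=$1 dc="$2.$1" ip=$3 guid=$4 failed=0
    set -- SRV   "_ldap._tcp.$domain"     "has SRV record"  "$dc." \
           SRV   "_kerberos._udp.$domain" "has SRV record"  "$dc." \
           A     "$dc"                    "has address"     "$ip" \
           CNAME "$guid._msdcs.$domain"   "is an alias for" "$dc."
    while [ $# -ge 4 ]; do
        if answer_points_to "$1" "$2" "$3" "$4"; then
            echo "ok      $1 $2 -> $4"
        else
            echo "MISSING $1 $2 -> $4"; failed=$((failed + 1))
        fi
        shift 4
    done
    return "$failed"
}

# Constructed answers: a zone in which only dc1 is registered, as after a
# join that reported success but created no records for dc2.
stub_host() {   # invoked as: stub_host -t TYPE NAME.
    case "$2 $3" in
        "SRV _ldap._tcp.internal.domain.tld.")
            echo "_ldap._tcp.internal.domain.tld has SRV record 0 100 389 dc1.internal.domain.tld." ;;
        "SRV _kerberos._udp.internal.domain.tld.")
            echo "_kerberos._udp.internal.domain.tld has SRV record 0 100 88 dc1.internal.domain.tld." ;;
        *) echo "Host $3 not found: 3(NXDOMAIN)"; return 1 ;;
    esac
}

LOOKUP=stub_host
GUID=11111111-2222-3333-4444-555555555555   # constructed placeholder
check_dc_dns internal.domain.tld dc2 192.0.2.12 "$GUID" || echo "$? record(s) missing for dc2"
```
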