On 05/01/15 07:00, Achim Gottinger wrote:
> Hello,
>
> I deployed a Samba 4 AD back in 2013 with .local, not knowing it can
> cause troubles with mDNS.
> On my Linux server I did not install avahi and I do not have mDNS in
> my nsswitch.conf hosts entry.
> On Windows machines I usually deinstall Bonjour whenever it shows up
> and I do not install it when installing iTunes.
> Till now I have not had any DNS resolve issues, still I'd like to
> change it to .loc or similar without having to reprovision AD.
> Is this possible?
>
> Thanks in advance,
> Achim
>
> On 04.01.2015 at 13:16, Stefan Kania wrote:
>> Hello everyone,
>>
>> I know that many people know not to use .local, but in the last weeks
>> we had several people having problems using .local.
>> So to all people starting to implement Samba 4 AD, read this:
>> http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as-the-top-level-domain-for-your-lan/
>>
>> So stop using .local as TLD. Maybe there should be a BIIIIIG note
>> inside the wiki?
>>
>> Stefan

It would seem that it is possible, see:
http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx
Only problem, I do not know of any Unix tool to do it and do not know
if rendom.exe will work with a samba4 AD DC.

Rowland

On 05.01.2015 at 10:28, Rowland Penny wrote:
> It would seem that it is possible, see:
> http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx
> Only problem, I do not know of any Unix tool to do it and do not know
> if rendom.exe will work with a samba4 AD DC.
>
> Rowland

Thank you for the link Rowland, gotta give it a try in a test environment. But I guess I'll wait for version 4.2 before I start testing.

Hi Achim,

If everything is working correctly, well, don't change the domain name then.
If resolving is set up correctly you should not notice the problems,
even with Apple devices, and it looks like you did that already and correctly.

It's never advised to change the domain name of a domain, and if you do,
make sure you know what to change.
- DNS (any dns/db tools, can be done with the Windows tools; start here)
- samba DB (ldbedit)
- host files
- any other router/device with the old domain name
- client PCs: remove them from the domain first and add them again afterwards
- you need to test applications that are incompatible with the domain rename, and if needed they have to be reinstalled
- reset all your ACLs
etc.

So imo, don't do it... I don't know how big your network is, but I've done it 2 times (just Windows servers)
and it was hell... (OK, that was a few years ago, but still...)

I'm in the middle of something similar here, and I'm completely rebuilding my old network in a new network.

And...

Happy new year to everybody, may the world get some peace, and let us all keep good health.

Louis

> -----Original message-----
> From: achim at ag-web.biz [mailto:samba-bounces at lists.samba.org]
> On behalf of Achim Gottinger
> Sent: Monday 5 January 2015 10:55
> To: Rowland Penny; samba at lists.samba.org
> Subject: Re: [Samba] Don't use .local
>
> Thank you for the link Rowland, gotta give it a try in a test
> environment. But I guess I'll wait for version 4.2 before I start testing.

I'm not sure if I would not advise to use .local, sometimes it seems to be needed to make a proper location for a running domain where even .cityname cannot accomplish what you need.

To be honest I don't run Avahi and will not either. Avahi and mDNS are actually only designed because of bad DNS management by system administrators and have (Apple) users use all their features, the same for TVs and so on.

If you really need Avahi or so, run it on .alocal, etc. Avahi and mDNS are just there because most networks are bad in DNS design by the admin and users will complain because of it.

2015-01-05 11:14 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>:
> Hi Achim,
>
> If everything is working correctly, well, don't change the domain name then.
> If resolving is set up correctly you should not notice the problems,
> even with Apple devices, and it looks like you did that already and correctly.
>
> It's never advised to change the domain name of a domain, and if you do,
> make sure you know what to change.
> - DNS (any dns/db tools, can be done with the Windows tools; start here)
> - samba DB (ldbedit)
> - host files
> - any other router/device with the old domain name
> - client PCs: remove them from the domain first and add them again afterwards
> - you need to test applications that are incompatible with the domain rename, and if needed they have to be reinstalled
> - reset all your ACLs
> etc.
>
> So imo, don't do it... I don't know how big your network is, but I've done it 2 times (just Windows servers)
> and it was hell... (OK, that was a few years ago, but still...)
>
> I'm in the middle of something similar here, and I'm completely rebuilding my old network in a new network.
>
> And...
>
> Happy new year to everybody, may the world get some peace, and let us all keep good health.
>
> Louis

On 05.01.2015 at 11:14, L.P.H. van Belle wrote:
> Hi Achim,
>
> If everything is working correctly, well, don't change the domain name then.
> If resolving is set up correctly you should not notice the problems,
> even with Apple devices, and it looks like you did that already and correctly.
>
> It's never advised to change the domain name of a domain, and if you do,
> make sure you know what to change.
> - DNS (any dns/db tools, can be done with the Windows tools; start here)
> - samba DB (ldbedit)
> - host files
> - any other router/device with the old domain name
> - client PCs: remove them from the domain first and add them again afterwards
> - you need to test applications that are incompatible with the domain rename, and if needed they have to be reinstalled
> - reset all your ACLs
> etc.
>
> So imo, don't do it... I don't know how big your network is, but I've done it 2 times (just Windows servers)
> and it was hell... (OK, that was a few years ago, but still...)
>
> I'm in the middle of something similar here, and I'm completely rebuilding my old network in a new network.
>
> And...
>
> Happy new year to everybody, may the world get some peace, and let us all keep good health.
>
> Louis

This sounds a bit like the switch from samba3 to samba4 AD back then. :-)
I guess chances are good the domain name is hidden in some binary blobs inside the LDAP tree. So using ldbedit would be difficult and not just something like a slapcat and sed thing.
I'm curious if that method from Rowland's link works with samba, so if I find some spare time I'll give it a try.
Meanwhile I'll leave things at .local after reading all the remarks and recommendations here.
Might be helpful to others if some of the advice about avahi and nsswitch.conf finds its way into the wiki, for people like me already using .local and considering a migration.

achim
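
The nsswitch.conf point raised in the thread (no mDNS module in the hosts entry when the AD zone ends in .local) can be checked mechanically. This is an added example, not code from any poster or from the Samba project; the function name `classify_hosts_line` and its result labels are made up here, and it assumes the usual nss-mdns module names (`mdns*`) and the standard `[NOTFOUND=return]` action syntax.

```shell
#!/bin/sh
# Added example: classify the "hosts:" line of an nsswitch.conf on a host that
# must resolve a unicast DNS zone ending in .local (such as an AD domain).
# Prints one of (labels are hypothetical, chosen for this example):
#   no-hosts-line    no hosts: entry found
#   no-mdns          no mdns* module listed
#   mdns-after-dns   dns is consulted before any mdns* module
#   mdns-before-dns  an mdns* module is consulted before dns
#   mdns-blocks-dns  mdns* followed by [NOTFOUND=return] precedes dns, so a
#                    name mDNS cannot answer is never passed on to dns
classify_hosts_line() {
    # First hosts: line with comments stripped, lower-cased, key removed.
    line=$(sed -e 's/#.*//' "$1" | tr '[:upper:]' '[:lower:]' |
           sed -n 's/^[[:space:]]*hosts:[[:space:]]*//p' | head -n 1)
    if [ -z "$line" ]; then echo no-hosts-line; return 0; fi

    seen_dns=0; seen_mdns=0; mdns_first=0; blocks=0; prev_mdns=0
    set -f                          # keep [notfound=return] from globbing
    for tok in $line; do
        case $tok in
            mdns*)
                seen_mdns=1; prev_mdns=1
                if [ "$seen_dns" -eq 0 ]; then mdns_first=1; fi ;;
            dns)
                seen_dns=1; prev_mdns=0 ;;
            *'!notfound=return'*) ;;    # negated status: no stop on NOTFOUND
            *notfound=return*)
                # An action applies to the service named just before it.
                if [ "$prev_mdns" -eq 1 ] && [ "$seen_dns" -eq 0 ]; then
                    blocks=1
                fi ;;
            *=*) ;;                     # other action tokens
            *)  prev_mdns=0 ;;          # any other service (files, wins, ...)
        esac
    done
    set +f

    if   [ "$seen_mdns" -eq 0 ];  then echo no-mdns
    elif [ "$blocks" -eq 1 ];     then echo mdns-blocks-dns
    elif [ "$mdns_first" -eq 1 ]; then echo mdns-before-dns
    else echo mdns-after-dns
    fi
}

# Constructed sample input, not taken from any system in the thread.
sample=$(mktemp)
printf 'hosts: files mdns4_minimal [NOTFOUND=return] dns\n' > "$sample"
classify_hosts_line "$sample"
rm -f "$sample"
```

Run it against `/etc/nsswitch.conf` on domain members; anything other than `no-mdns` or `mdns-after-dns` means .local lookups are handed to mDNS before the AD DNS server is asked.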