Micrososft changed this statement a several of times. The only reason they did is because people using Apple are complaining some services are not working "well" on their OSX and it's a pain to change the DNS name of your Business Server on Windows Server As said before, running on .alocal for Avahi works perfectly and mDNS is only for small networks, and setting up some proper DNS is no problem at all. To be honest, most sysadmins don't know much about DNS or how it works, that's a fact where Microsoft has to deal with every day. Not using .local is actually a workaround and no solution for an admin which doesn't know what he is doing. 2015-01-05 12:27 GMT+01:00 Rowland Penny <rowlandpenny at googlemail.com>:> On 05/01/15 11:18, Matt . wrote: >> >> I'm not sure if I would not advise to use .local, sometimes it seems >> to be needed to make a proper location for a running domain where even >> .cityname cannot accomplish what you need. > > > Hi, even microsoft don't recommend using .local, see > http://technet.microsoft.com/en-us/library/cc726016%28v=ws.10%29.aspx/ > > For the vast majority of people, using .local can and will cause problems, > so please, don't use it. > > Rowland > > >> >> To be honest I don't run Avahi and will not either. Avahi and mdns are >> actually only designed because of of bad DNS management by system >> administrators and have (Apple) users use all their features, the same >> for TV's and so on. >> >> If you really need Avahi or so run it on .alocal, etc. Avahi and mDNS >> are just there because most networks are bad in DNS design by the >> admin and users will complain because of it. >> >> 2015-01-05 11:14 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>: >>> >>> Hai Achim, >>> >>> If everything is working correct, wel dont change the domainname then. >>> if resolving is setup correct you should not notice the problems. >>> even with apple devices, and looks like you did that already and correct. >>> >>> Its never adviced to change the domainname of a domain, and if you do, >>> make sure you know what to change. >>> - DNS ( any dns/db tools, can be done with the windows tools. ( start >>> here. ) >>> - samba DB ( ldbedit ) >>> - host files >>> - any other router/device with the old domainname. >>> - client pc's, remove the from the domain first and add them after again. >>> - you need to test applications, that are incompatible with the domain >>> rename, and if needed te be reinstalled. >>> - reset all your acl's. >>> etc.. >>> >>> so imo, dont do it... i dont know how big you network is, but i've dont >>> it 2 times ( just windows servers ) >>> and it was hell.. ( ok was a few years ago, but still... ) >>> >>> Im here in de middle of something same, and im completly rebuilding my >>> old network in a new network. >>> >>> and... >>> >>> happy new year to everybody, may to world get some peace, and let we all >>> keep a good healt. >>> >>> >>> Louis >>> >>> >>> >>> >>> >>>> -----Oorspronkelijk bericht----- >>>> Van: achim at ag-web.biz [mailto:samba-bounces at lists.samba.org] >>>> Namens Achim Gottinger >>>> Verzonden: maandag 5 januari 2015 10:55 >>>> Aan: Rowland Penny; samba at lists.samba.org >>>> Onderwerp: Re: [Samba] Don't use .local >>>> >>>> >>>> Am 05.01.2015 um 10:28 schrieb Rowland Penny: >>>>> >>>>> On 05/01/15 07:00, Achim Gottinger wrote: >>>>>> >>>>>> Hello, >>>>>> >>>>>> I deployed an Samba 4 AD back in 2013 with .local, not >>>> >>>> knowing it can >>>>>> >>>>>> cause troubles with mDns. >>>>>> On my linux server i did not install avahi and i do not >>>> >>>> have mDns in >>>>>> >>>>>> my nsswitch.conf hosts entry. >>>>>> On windows machines i usually deinstall bonjour whenever it >>>> >>>> shows up >>>>>> >>>>>> and i do not install it when installing itunes. >>>>>> Till now i have not had any dns resolve issues, still i'd like to >>>>>> change it to .loc or similar without having to reprovision ad. >>>>>> Is this possible? >>>>>> >>>>>> Thanks in advance, >>>>>> Achim >>>>>> >>>>>> >>>>>> Am 04.01.2015 um 13:16 schrieb Stefan Kania: >>>>>>> >>>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>>> Hash: SHA1 >>>>>>> >>>>>>> Hello everyone, >>>>>>> >>>>>>> I know that many people know not to use .local, but in the >>>> >>>> last weeks >>>>>>> >>>>>>> we had several People having problems using .local. >>>>>>> So to all peopel starting implementing Samba 4 AD, read this: >>>>>>> >>>> http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as >>>> -the-top-level-domain-for-your-lan/ >>>>>>> >>>>>>> >>>>>>> So stop using .local as TLD. Maybe there should be a BIIIIIG not >>>>>>> inside the wiki? >>>>>>> >>>>>>> Stefan >>>>>>> >>>>>>> >>>>>>> >>>>>>> -----BEGIN PGP SIGNATURE----- >>>>>>> Version: GnuPG/MacGPG2 v2.0.16 (Darwin) >>>>>>> >>>>>>> iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw >>>>>>> hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J >>>>>>> =e33p >>>>>>> -----END PGP SIGNATURE----- >>>>> >>>>> It would seem that it is possible, see: >>>>> http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx >>>>> Only problem, I do not know of any Unix tool to do it and do >>>> >>>> not know >>>>> >>>>> if rendom.exe will work with a samba4 AD DC. >>>>> >>>>> Rowland >>>>> >>>> Thank you for the link Rowland, gotta give it an try in an test >>>> environment. But i guess i wait for version 4.2 before i start testing. >>>> >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >>>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
On 05/01/15 11:34, Matt . wrote:> Micrososft changed this statement a several of times. > > The only reason they did is because people using Apple are complaining > some services are not working "well" on their OSX and it's a pain to > change the DNS name of your Business Server on Windows Server > > As said before, running on .alocal for Avahi works perfectly and mDNS > is only for small networks, and setting up some proper DNS is no > problem at all. > > To be honest, most sysadmins don't know much about DNS or how it > works, that's a fact where Microsoft has to deal with every day. > > Not using .local is actually a workaround and no solution for an admin > which doesn't know what he is doing. > > 2015-01-05 12:27 GMT+01:00 Rowland Penny <rowlandpenny at googlemail.com>: >> On 05/01/15 11:18, Matt . wrote: >>> I'm not sure if I would not advise to use .local, sometimes it seems >>> to be needed to make a proper location for a running domain where even >>> .cityname cannot accomplish what you need. >> >> Hi, even microsoft don't recommend using .local, see >> http://technet.microsoft.com/en-us/library/cc726016%28v=ws.10%29.aspx/ >> >> For the vast majority of people, using .local can and will cause problems, >> so please, don't use it. >> >> Rowland >> >> >>> To be honest I don't run Avahi and will not either. Avahi and mdns are >>> actually only designed because of of bad DNS management by system >>> administrators and have (Apple) users use all their features, the same >>> for TV's and so on. >>> >>> If you really need Avahi or so run it on .alocal, etc. Avahi and mDNS >>> are just there because most networks are bad in DNS design by the >>> admin and users will complain because of it. >>> >>> 2015-01-05 11:14 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>: >>>> Hai Achim, >>>> >>>> If everything is working correct, wel dont change the domainname then. >>>> if resolving is setup correct you should not notice the problems. >>>> even with apple devices, and looks like you did that already and correct. >>>> >>>> Its never adviced to change the domainname of a domain, and if you do, >>>> make sure you know what to change. >>>> - DNS ( any dns/db tools, can be done with the windows tools. ( start >>>> here. ) >>>> - samba DB ( ldbedit ) >>>> - host files >>>> - any other router/device with the old domainname. >>>> - client pc's, remove the from the domain first and add them after again. >>>> - you need to test applications, that are incompatible with the domain >>>> rename, and if needed te be reinstalled. >>>> - reset all your acl's. >>>> etc.. >>>> >>>> so imo, dont do it... i dont know how big you network is, but i've dont >>>> it 2 times ( just windows servers ) >>>> and it was hell.. ( ok was a few years ago, but still... ) >>>> >>>> Im here in de middle of something same, and im completly rebuilding my >>>> old network in a new network. >>>> >>>> and... >>>> >>>> happy new year to everybody, may to world get some peace, and let we all >>>> keep a good healt. >>>> >>>> >>>> Louis >>>> >>>> >>>> >>>> >>>> >>>>> -----Oorspronkelijk bericht----- >>>>> Van: achim at ag-web.biz [mailto:samba-bounces at lists.samba.org] >>>>> Namens Achim Gottinger >>>>> Verzonden: maandag 5 januari 2015 10:55 >>>>> Aan: Rowland Penny; samba at lists.samba.org >>>>> Onderwerp: Re: [Samba] Don't use .local >>>>> >>>>> >>>>> Am 05.01.2015 um 10:28 schrieb Rowland Penny: >>>>>> On 05/01/15 07:00, Achim Gottinger wrote: >>>>>>> Hello, >>>>>>> >>>>>>> I deployed an Samba 4 AD back in 2013 with .local, not >>>>> knowing it can >>>>>>> cause troubles with mDns. >>>>>>> On my linux server i did not install avahi and i do not >>>>> have mDns in >>>>>>> my nsswitch.conf hosts entry. >>>>>>> On windows machines i usually deinstall bonjour whenever it >>>>> shows up >>>>>>> and i do not install it when installing itunes. >>>>>>> Till now i have not had any dns resolve issues, still i'd like to >>>>>>> change it to .loc or similar without having to reprovision ad. >>>>>>> Is this possible? >>>>>>> >>>>>>> Thanks in advance, >>>>>>> Achim >>>>>>> >>>>>>> >>>>>>> Am 04.01.2015 um 13:16 schrieb Stefan Kania: >>>>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>>>> Hash: SHA1 >>>>>>>> >>>>>>>> Hello everyone, >>>>>>>> >>>>>>>> I know that many people know not to use .local, but in the >>>>> last weeks >>>>>>>> we had several People having problems using .local. >>>>>>>> So to all peopel starting implementing Samba 4 AD, read this: >>>>>>>> >>>>> http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as >>>>> -the-top-level-domain-for-your-lan/ >>>>>>>> >>>>>>>> So stop using .local as TLD. Maybe there should be a BIIIIIG not >>>>>>>> inside the wiki? >>>>>>>> >>>>>>>> Stefan >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -----BEGIN PGP SIGNATURE----- >>>>>>>> Version: GnuPG/MacGPG2 v2.0.16 (Darwin) >>>>>>>> >>>>>>>> iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw >>>>>>>> hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J >>>>>>>> =e33p >>>>>>>> -----END PGP SIGNATURE----- >>>>>> It would seem that it is possible, see: >>>>>> http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx >>>>>> Only problem, I do not know of any Unix tool to do it and do >>>>> not know >>>>>> if rendom.exe will work with a samba4 AD DC. >>>>>> >>>>>> Rowland >>>>>> >>>>> Thank you for the link Rowland, gotta give it an try in an test >>>>> environment. But i guess i wait for version 4.2 before i start testing. >>>>> >>>>> -- >>>>> To unsubscribe from this list go to the following URL and read the >>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>> >>>>> >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/sambaAh, you just proved that people don't know what they are doing, by sending the same email twice, once just to me and once again to the list and me. I understand what you are trying to say, but it totally misses the point. using .local can and will interfere with avahi *unless* you turn avahi off. Only problem with this, by turning off avahi, you may break something else. So the best option is to *not* use .local. Rowland
Sending to you without the mailinglist is on the same level as proper administration of a network ? This is new to me and I'm sure to others too. What might be new to you is that Avahi runs on the domain it finds and not what it expects. That is how the protocol works, it searches, sees the domain of the protocol and goes on. So all Avahi users in a network will run on .alocal is you set the Avahi-server to it. The reason to use .local is to make sure traffic you never want go outside stays local, and that's not guaranteed with any other domainname as you can register what you want @ ICANN these days. 2015-01-05 12:43 GMT+01:00 Rowland Penny <rowlandpenny at googlemail.com>:> On 05/01/15 11:34, Matt . wrote: >> >> Micrososft changed this statement a several of times. >> >> The only reason they did is because people using Apple are complaining >> some services are not working "well" on their OSX and it's a pain to >> change the DNS name of your Business Server on Windows Server >> >> As said before, running on .alocal for Avahi works perfectly and mDNS >> is only for small networks, and setting up some proper DNS is no >> problem at all. >> >> To be honest, most sysadmins don't know much about DNS or how it >> works, that's a fact where Microsoft has to deal with every day. >> >> Not using .local is actually a workaround and no solution for an admin >> which doesn't know what he is doing. >> >> 2015-01-05 12:27 GMT+01:00 Rowland Penny <rowlandpenny at googlemail.com>: >>> >>> On 05/01/15 11:18, Matt . wrote: >>>> >>>> I'm not sure if I would not advise to use .local, sometimes it seems >>>> to be needed to make a proper location for a running domain where even >>>> .cityname cannot accomplish what you need. >>> >>> >>> Hi, even microsoft don't recommend using .local, see >>> http://technet.microsoft.com/en-us/library/cc726016%28v=ws.10%29.aspx/ >>> >>> For the vast majority of people, using .local can and will cause >>> problems, >>> so please, don't use it. >>> >>> Rowland >>> >>> >>>> To be honest I don't run Avahi and will not either. Avahi and mdns are >>>> actually only designed because of of bad DNS management by system >>>> administrators and have (Apple) users use all their features, the same >>>> for TV's and so on. >>>> >>>> If you really need Avahi or so run it on .alocal, etc. Avahi and mDNS >>>> are just there because most networks are bad in DNS design by the >>>> admin and users will complain because of it. >>>> >>>> 2015-01-05 11:14 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>: >>>>> >>>>> Hai Achim, >>>>> >>>>> If everything is working correct, wel dont change the domainname then. >>>>> if resolving is setup correct you should not notice the problems. >>>>> even with apple devices, and looks like you did that already and >>>>> correct. >>>>> >>>>> Its never adviced to change the domainname of a domain, and if you do, >>>>> make sure you know what to change. >>>>> - DNS ( any dns/db tools, can be done with the windows tools. ( start >>>>> here. ) >>>>> - samba DB ( ldbedit ) >>>>> - host files >>>>> - any other router/device with the old domainname. >>>>> - client pc's, remove the from the domain first and add them after >>>>> again. >>>>> - you need to test applications, that are incompatible with the domain >>>>> rename, and if needed te be reinstalled. >>>>> - reset all your acl's. >>>>> etc.. >>>>> >>>>> so imo, dont do it... i dont know how big you network is, but i've dont >>>>> it 2 times ( just windows servers ) >>>>> and it was hell.. ( ok was a few years ago, but still... ) >>>>> >>>>> Im here in de middle of something same, and im completly rebuilding my >>>>> old network in a new network. >>>>> >>>>> and... >>>>> >>>>> happy new year to everybody, may to world get some peace, and let we >>>>> all >>>>> keep a good healt. >>>>> >>>>> >>>>> Louis >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>> -----Oorspronkelijk bericht----- >>>>>> Van: achim at ag-web.biz [mailto:samba-bounces at lists.samba.org] >>>>>> Namens Achim Gottinger >>>>>> Verzonden: maandag 5 januari 2015 10:55 >>>>>> Aan: Rowland Penny; samba at lists.samba.org >>>>>> Onderwerp: Re: [Samba] Don't use .local >>>>>> >>>>>> >>>>>> Am 05.01.2015 um 10:28 schrieb Rowland Penny: >>>>>>> >>>>>>> On 05/01/15 07:00, Achim Gottinger wrote: >>>>>>>> >>>>>>>> Hello, >>>>>>>> >>>>>>>> I deployed an Samba 4 AD back in 2013 with .local, not >>>>>> >>>>>> knowing it can >>>>>>>> >>>>>>>> cause troubles with mDns. >>>>>>>> On my linux server i did not install avahi and i do not >>>>>> >>>>>> have mDns in >>>>>>>> >>>>>>>> my nsswitch.conf hosts entry. >>>>>>>> On windows machines i usually deinstall bonjour whenever it >>>>>> >>>>>> shows up >>>>>>>> >>>>>>>> and i do not install it when installing itunes. >>>>>>>> Till now i have not had any dns resolve issues, still i'd like to >>>>>>>> change it to .loc or similar without having to reprovision ad. >>>>>>>> Is this possible? >>>>>>>> >>>>>>>> Thanks in advance, >>>>>>>> Achim >>>>>>>> >>>>>>>> >>>>>>>> Am 04.01.2015 um 13:16 schrieb Stefan Kania: >>>>>>>>> >>>>>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>>>>> Hash: SHA1 >>>>>>>>> >>>>>>>>> Hello everyone, >>>>>>>>> >>>>>>>>> I know that many people know not to use .local, but in the >>>>>> >>>>>> last weeks >>>>>>>>> >>>>>>>>> we had several People having problems using .local. >>>>>>>>> So to all peopel starting implementing Samba 4 AD, read this: >>>>>>>>> >>>>>> http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as >>>>>> -the-top-level-domain-for-your-lan/ >>>>>>>>> >>>>>>>>> >>>>>>>>> So stop using .local as TLD. Maybe there should be a BIIIIIG not >>>>>>>>> inside the wiki? >>>>>>>>> >>>>>>>>> Stefan >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -----BEGIN PGP SIGNATURE----- >>>>>>>>> Version: GnuPG/MacGPG2 v2.0.16 (Darwin) >>>>>>>>> >>>>>>>>> iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw >>>>>>>>> hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J >>>>>>>>> =e33p >>>>>>>>> -----END PGP SIGNATURE----- >>>>>>> >>>>>>> It would seem that it is possible, see: >>>>>>> http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx >>>>>>> Only problem, I do not know of any Unix tool to do it and do >>>>>> >>>>>> not know >>>>>>> >>>>>>> if rendom.exe will work with a samba4 AD DC. >>>>>>> >>>>>>> Rowland >>>>>>> >>>>>> Thank you for the link Rowland, gotta give it an try in an test >>>>>> environment. But i guess i wait for version 4.2 before i start >>>>>> testing. >>>>>> >>>>>> -- >>>>>> To unsubscribe from this list go to the following URL and read the >>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>> >>>>>> >>>>> -- >>>>> To unsubscribe from this list go to the following URL and read the >>>>> instructions: https://lists.samba.org/mailman/options/samba >>> >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba > > > Ah, you just proved that people don't know what they are doing, by sending > the same email twice, once just to me and once again to the list and me. > > I understand what you are trying to say, but it totally misses the point. > using .local can and will interfere with avahi *unless* you turn avahi off. > Only problem with this, by turning off avahi, you may break something else. > So the best option is to *not* use .local. > > Rowland
this is not just a MS change.. more info see : http://en.wikipedia.org/wiki/.local Louis>-----Oorspronkelijk bericht----- >Van: rowlandpenny at googlemail.com >[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny >Verzonden: maandag 5 januari 2015 12:43 >Aan: Matt . >CC: samba at lists.samba.org >Onderwerp: Re: [Samba] Don't use .local > >On 05/01/15 11:34, Matt . wrote: >> Micrososft changed this statement a several of times. >> >> The only reason they did is because people using Apple are >complaining >> some services are not working "well" on their OSX and it's a pain to >> change the DNS name of your Business Server on Windows Server >> >> As said before, running on .alocal for Avahi works perfectly and mDNS >> is only for small networks, and setting up some proper DNS is no >> problem at all. >> >> To be honest, most sysadmins don't know much about DNS or how it >> works, that's a fact where Microsoft has to deal with every day. >> >> Not using .local is actually a workaround and no solution >for an admin >> which doesn't know what he is doing. >> >> 2015-01-05 12:27 GMT+01:00 Rowland Penny ><rowlandpenny at googlemail.com>: >>> On 05/01/15 11:18, Matt . wrote: >>>> I'm not sure if I would not advise to use .local, >sometimes it seems >>>> to be needed to make a proper location for a running >domain where even >>>> .cityname cannot accomplish what you need. >>> >>> Hi, even microsoft don't recommend using .local, see >>> >http://technet.microsoft.com/en-us/library/cc726016%28v=ws.10%29.aspx/ >>> >>> For the vast majority of people, using .local can and will >cause problems, >>> so please, don't use it. >>> >>> Rowland >>> >>> >>>> To be honest I don't run Avahi and will not either. Avahi >and mdns are >>>> actually only designed because of of bad DNS management by system >>>> administrators and have (Apple) users use all their >features, the same >>>> for TV's and so on. >>>> >>>> If you really need Avahi or so run it on .alocal, etc. >Avahi and mDNS >>>> are just there because most networks are bad in DNS design by the >>>> admin and users will complain because of it. >>>> >>>> 2015-01-05 11:14 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>: >>>>> Hai Achim, >>>>> >>>>> If everything is working correct, wel dont change the >domainname then. >>>>> if resolving is setup correct you should not notice the problems. >>>>> even with apple devices, and looks like you did that >already and correct. >>>>> >>>>> Its never adviced to change the domainname of a domain, >and if you do, >>>>> make sure you know what to change. >>>>> - DNS ( any dns/db tools, can be done with the windows >tools. ( start >>>>> here. ) >>>>> - samba DB ( ldbedit ) >>>>> - host files >>>>> - any other router/device with the old domainname. >>>>> - client pc's, remove the from the domain first and add >them after again. >>>>> - you need to test applications, that are incompatible >with the domain >>>>> rename, and if needed te be reinstalled. >>>>> - reset all your acl's. >>>>> etc.. >>>>> >>>>> so imo, dont do it... i dont know how big you network is, >but i've dont >>>>> it 2 times ( just windows servers ) >>>>> and it was hell.. ( ok was a few years ago, but still... ) >>>>> >>>>> Im here in de middle of something same, and im completly >rebuilding my >>>>> old network in a new network. >>>>> >>>>> and... >>>>> >>>>> happy new year to everybody, may to world get some peace, >and let we all >>>>> keep a good healt. >>>>> >>>>> >>>>> Louis >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>> -----Oorspronkelijk bericht----- >>>>>> Van: achim at ag-web.biz [mailto:samba-bounces at lists.samba.org] >>>>>> Namens Achim Gottinger >>>>>> Verzonden: maandag 5 januari 2015 10:55 >>>>>> Aan: Rowland Penny; samba at lists.samba.org >>>>>> Onderwerp: Re: [Samba] Don't use .local >>>>>> >>>>>> >>>>>> Am 05.01.2015 um 10:28 schrieb Rowland Penny: >>>>>>> On 05/01/15 07:00, Achim Gottinger wrote: >>>>>>>> Hello, >>>>>>>> >>>>>>>> I deployed an Samba 4 AD back in 2013 with .local, not >>>>>> knowing it can >>>>>>>> cause troubles with mDns. >>>>>>>> On my linux server i did not install avahi and i do not >>>>>> have mDns in >>>>>>>> my nsswitch.conf hosts entry. >>>>>>>> On windows machines i usually deinstall bonjour whenever it >>>>>> shows up >>>>>>>> and i do not install it when installing itunes. >>>>>>>> Till now i have not had any dns resolve issues, still >i'd like to >>>>>>>> change it to .loc or similar without having to reprovision ad. >>>>>>>> Is this possible? >>>>>>>> >>>>>>>> Thanks in advance, >>>>>>>> Achim >>>>>>>> >>>>>>>> >>>>>>>> Am 04.01.2015 um 13:16 schrieb Stefan Kania: >>>>>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>>>>> Hash: SHA1 >>>>>>>>> >>>>>>>>> Hello everyone, >>>>>>>>> >>>>>>>>> I know that many people know not to use .local, but in the >>>>>> last weeks >>>>>>>>> we had several People having problems using .local. >>>>>>>>> So to all peopel starting implementing Samba 4 AD, read this: >>>>>>>>> >>>>>> http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as >>>>>> -the-top-level-domain-for-your-lan/ >>>>>>>>> >>>>>>>>> So stop using .local as TLD. Maybe there should be a >BIIIIIG not >>>>>>>>> inside the wiki? >>>>>>>>> >>>>>>>>> Stefan >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -----BEGIN PGP SIGNATURE----- >>>>>>>>> Version: GnuPG/MacGPG2 v2.0.16 (Darwin) >>>>>>>>> >>>>>>>>> >iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw >>>>>>>>> hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J >>>>>>>>> =e33p >>>>>>>>> -----END PGP SIGNATURE----- >>>>>>> It would seem that it is possible, see: >>>>>>> >http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx >>>>>>> Only problem, I do not know of any Unix tool to do it and do >>>>>> not know >>>>>>> if rendom.exe will work with a samba4 AD DC. >>>>>>> >>>>>>> Rowland >>>>>>> >>>>>> Thank you for the link Rowland, gotta give it an try in an test >>>>>> environment. But i guess i wait for version 4.2 before i >start testing. >>>>>> >>>>>> -- >>>>>> To unsubscribe from this list go to the following URL >and read the >>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>> >>>>>> >>>>> -- >>>>> To unsubscribe from this list go to the following URL and read the >>>>> instructions: https://lists.samba.org/mailman/options/samba >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba > >Ah, you just proved that people don't know what they are doing, by >sending the same email twice, once just to me and once again >to the list >and me. > >I understand what you are trying to say, but it totally misses the >point. using .local can and will interfere with avahi *unless* >you turn >avahi off. Only problem with this, by turning off avahi, you may break >something else. So the best option is to *not* use .local. > >Rowland >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > >
Am 05.01.2015 um 12:43 schrieb Rowland Penny:> On 05/01/15 11:34, Matt . wrote: >>>>>> -- >>>>>> To unsubscribe from this list go to the following URL and read the >>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>> >>>>>> >>>>> -- >>>>> To unsubscribe from this list go to the following URL and read the >>>>> instructions: https://lists.samba.org/mailman/options/samba >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba > > Ah, you just proved that people don't know what they are doing, by > sending the same email twice, once just to me and once again to the list > and me.well, doing exactly the same (reply all) and quote two times the footer... :-)> I understand what you are trying to say, but it totally misses the > point. using .local can and will interfere with avahi *unless* you turn > avahi off. Only problem with this, by turning off avahi, you may break > something else. So the best option is to *not* use .localoutside a Apple network avahi don't have much use and using ".local" would not break AVAHI at all nor the other side if Linux distributions would stop ship a broken "nsswitch.conf", with the fixed below *both* is working just fine (vmware.local as DNS zone as well as Avahi) hosts: files dns mdns4_minimal myhostname -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20150105/99d2d418/attachment.pgp>
It's an advise, it's nowhere a change which everyone should follow. As stated before, the protocols that "need" it are there only to make Administrators their life easier or actually to create a bad POS for creating simple networks. The problem it creates is that Administrators don't know their network design anymore as it "just works". 2015-01-05 12:52 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>:> this is not just a MS change.. > > more info see : > http://en.wikipedia.org/wiki/.local > > > Louis > >>-----Oorspronkelijk bericht----- >>Van: rowlandpenny at googlemail.com >>[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny >>Verzonden: maandag 5 januari 2015 12:43 >>Aan: Matt . >>CC: samba at lists.samba.org >>Onderwerp: Re: [Samba] Don't use .local >> >>On 05/01/15 11:34, Matt . wrote: >>> Micrososft changed this statement a several of times. >>> >>> The only reason they did is because people using Apple are >>complaining >>> some services are not working "well" on their OSX and it's a pain to >>> change the DNS name of your Business Server on Windows Server >>> >>> As said before, running on .alocal for Avahi works perfectly and mDNS >>> is only for small networks, and setting up some proper DNS is no >>> problem at all. >>> >>> To be honest, most sysadmins don't know much about DNS or how it >>> works, that's a fact where Microsoft has to deal with every day. >>> >>> Not using .local is actually a workaround and no solution >>for an admin >>> which doesn't know what he is doing. >>> >>> 2015-01-05 12:27 GMT+01:00 Rowland Penny >><rowlandpenny at googlemail.com>: >>>> On 05/01/15 11:18, Matt . wrote: >>>>> I'm not sure if I would not advise to use .local, >>sometimes it seems >>>>> to be needed to make a proper location for a running >>domain where even >>>>> .cityname cannot accomplish what you need. >>>> >>>> Hi, even microsoft don't recommend using .local, see >>>> >>http://technet.microsoft.com/en-us/library/cc726016%28v=ws.10%29.aspx/ >>>> >>>> For the vast majority of people, using .local can and will >>cause problems, >>>> so please, don't use it. >>>> >>>> Rowland >>>> >>>> >>>>> To be honest I don't run Avahi and will not either. Avahi >>and mdns are >>>>> actually only designed because of of bad DNS management by system >>>>> administrators and have (Apple) users use all their >>features, the same >>>>> for TV's and so on. >>>>> >>>>> If you really need Avahi or so run it on .alocal, etc. >>Avahi and mDNS >>>>> are just there because most networks are bad in DNS design by the >>>>> admin and users will complain because of it. >>>>> >>>>> 2015-01-05 11:14 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>: >>>>>> Hai Achim, >>>>>> >>>>>> If everything is working correct, wel dont change the >>domainname then. >>>>>> if resolving is setup correct you should not notice the problems. >>>>>> even with apple devices, and looks like you did that >>already and correct. >>>>>> >>>>>> Its never adviced to change the domainname of a domain, >>and if you do, >>>>>> make sure you know what to change. >>>>>> - DNS ( any dns/db tools, can be done with the windows >>tools. ( start >>>>>> here. ) >>>>>> - samba DB ( ldbedit ) >>>>>> - host files >>>>>> - any other router/device with the old domainname. >>>>>> - client pc's, remove the from the domain first and add >>them after again. >>>>>> - you need to test applications, that are incompatible >>with the domain >>>>>> rename, and if needed te be reinstalled. >>>>>> - reset all your acl's. >>>>>> etc.. >>>>>> >>>>>> so imo, dont do it... i dont know how big you network is, >>but i've dont >>>>>> it 2 times ( just windows servers ) >>>>>> and it was hell.. ( ok was a few years ago, but still... ) >>>>>> >>>>>> Im here in de middle of something same, and im completly >>rebuilding my >>>>>> old network in a new network. >>>>>> >>>>>> and... >>>>>> >>>>>> happy new year to everybody, may to world get some peace, >>and let we all >>>>>> keep a good healt. >>>>>> >>>>>> >>>>>> Louis >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> -----Oorspronkelijk bericht----- >>>>>>> Van: achim at ag-web.biz [mailto:samba-bounces at lists.samba.org] >>>>>>> Namens Achim Gottinger >>>>>>> Verzonden: maandag 5 januari 2015 10:55 >>>>>>> Aan: Rowland Penny; samba at lists.samba.org >>>>>>> Onderwerp: Re: [Samba] Don't use .local >>>>>>> >>>>>>> >>>>>>> Am 05.01.2015 um 10:28 schrieb Rowland Penny: >>>>>>>> On 05/01/15 07:00, Achim Gottinger wrote: >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> I deployed an Samba 4 AD back in 2013 with .local, not >>>>>>> knowing it can >>>>>>>>> cause troubles with mDns. >>>>>>>>> On my linux server i did not install avahi and i do not >>>>>>> have mDns in >>>>>>>>> my nsswitch.conf hosts entry. >>>>>>>>> On windows machines i usually deinstall bonjour whenever it >>>>>>> shows up >>>>>>>>> and i do not install it when installing itunes. >>>>>>>>> Till now i have not had any dns resolve issues, still >>i'd like to >>>>>>>>> change it to .loc or similar without having to reprovision ad. >>>>>>>>> Is this possible? >>>>>>>>> >>>>>>>>> Thanks in advance, >>>>>>>>> Achim >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 04.01.2015 um 13:16 schrieb Stefan Kania: >>>>>>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>>>>>> Hash: SHA1 >>>>>>>>>> >>>>>>>>>> Hello everyone, >>>>>>>>>> >>>>>>>>>> I know that many people know not to use .local, but in the >>>>>>> last weeks >>>>>>>>>> we had several People having problems using .local. >>>>>>>>>> So to all peopel starting implementing Samba 4 AD, read this: >>>>>>>>>> >>>>>>> http://miketelahun.wordpress.com/2012/09/16/stop-using-local-as >>>>>>> -the-top-level-domain-for-your-lan/ >>>>>>>>>> >>>>>>>>>> So stop using .local as TLD. Maybe there should be a >>BIIIIIG not >>>>>>>>>> inside the wiki? >>>>>>>>>> >>>>>>>>>> Stefan >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -----BEGIN PGP SIGNATURE----- >>>>>>>>>> Version: GnuPG/MacGPG2 v2.0.16 (Darwin) >>>>>>>>>> >>>>>>>>>> >>iEYEARECAAYFAlSpLycACgkQ2JOGcNAHDTb0jACfX4Y2zDQuSfevMUvkgWRYcpdw >>>>>>>>>> hY8AoLxNJzOUPa0E3+BEo/zwJ88xk27J >>>>>>>>>> =e33p >>>>>>>>>> -----END PGP SIGNATURE----- >>>>>>>> It would seem that it is possible, see: >>>>>>>> >>http://technet.microsoft.com/en-us/library/cc738208%28v=ws.10%29.aspx >>>>>>>> Only problem, I do not know of any Unix tool to do it and do >>>>>>> not know >>>>>>>> if rendom.exe will work with a samba4 AD DC. >>>>>>>> >>>>>>>> Rowland >>>>>>>> >>>>>>> Thank you for the link Rowland, gotta give it an try in an test >>>>>>> environment. But i guess i wait for version 4.2 before i >>start testing. >>>>>>> >>>>>>> -- >>>>>>> To unsubscribe from this list go to the following URL >>and read the >>>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>>> >>>>>>> >>>>>> -- >>>>>> To unsubscribe from this list go to the following URL and read the >>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >> >>Ah, you just proved that people don't know what they are doing, by >>sending the same email twice, once just to me and once again >>to the list >>and me. >> >>I understand what you are trying to say, but it totally misses the >>point. using .local can and will interfere with avahi *unless* >>you turn >>avahi off. Only problem with this, by turning off avahi, you may break >>something else. So the best option is to *not* use .local. >> >>Rowland >>-- >>To unsubscribe from this list go to the following URL and read the >>instructions: https://lists.samba.org/mailman/options/samba >> >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba