Hi Team, Samba Version = 4.2 Bind = 9.10 with dlz Not able to to view replication.(samba-tool drs showrepl) [root at dc2]# samba-tool drs showrepl (want to highlight the name which is using to connect) ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to *dc2.ik.lan.mum* failed - drsException: DRS connection to dc2.ik.lan.mum failed: (-1073741772, 'The object name is not found.') File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/drs.py", line 39, in drsuapi_connect (ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds) File "/usr/local/samba/lib64/python2.6/site-packages/samba/drs_utils.py", line 54, in drsuapi_connect raise drsException("DRS connection to %s failed: %s" % (server, e)) While provision I used Bind9_FLAT on DC and everything working fine. Created Additional Domain Server and joined but gave error. [root at dc2]# samba-tool domain join ik.lan.mum DC -Uadministrator --realm=ik.lan.mum --dns-backend=*BIND9_FLAT * Usage: samba-tool domain join <dnsdomain> [DC|RODC|MEMBER|SUBDOMAIN] [options] samba-tool domain join: error: option --dns-backend: invalid choice: 'BIND9_FLAT' (choose from 'SAMBA_INTERNAL', 'BIND9_DLZ', 'NONE') [root at dc2]# samba-tool domain join ik.lan.mum DC -Uadministrator --realm=ik.lan.mum --dns-backend=BIND9_DLZ Finding a writeable DC for domain 'ik.lan.mum' Found DC dc1.ik.lan.mum Password for [WORKGROUP\administrator]: NO DNS zone information found in source domain, not replicating DNS workgroup is IK.LAN realm is ik.lan.mum checking sAMAccountName Adding CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum Adding CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum Adding CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum Adding SPNs to CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum Setting account password for DC2$ Enabling account Calling bare provision Looking up IPv4 addresses Looking up IPv6 addresses No IPv6 address will be assigned Setting up share.ldb Setting up secrets.ldb Setting up the registry Setting up the privileges database Setting up idmap db Setting up SAM db Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema A Kerberos configuration suitable for Samba 4 has been generated at /usr/local/samba/private/krb5.conf Provision OK for domain DN DC=ik,DC=lan,DC=mum Starting replication Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1550] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1550] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1206/1550] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1550/1550] linked_values[0/0] Analyze and apply schema objects Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1612] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1612] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1206/1612] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1608/1612] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1612/1612] linked_values[20/0] Replicating critical objects from the base DN of the domain Partition[DC=ik,DC=lan,DC=mum] objects[98/98] linked_values[23/0] Partition[DC=ik,DC=lan,DC=mum] objects[376/278] linked_values[23/0] Done with always replicated NC (base, config, schema) Committing SAM database Sending DsReplicaUpdateRefs for all the replicated partitions Setting isSynchronized and dsServiceName Setting up secrets database Joined domain IK.LAN (SID S-1-5-21-3947581883-4033758009-2802199242) as a DC [root at dc2]# echo $? 0 [root at dc1 ~]# samba_upgradedns --dns-backend=BIND9_DLZ -d 2 lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf Reading domain information lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf DNS accounts already exist No zone file /usr/local/samba/private/dns/IK.LAN.MUM.zone DNS records will be automatically created DNS partitions already exist dns-dc1 account already exists See /usr/local/samba/private/named.conf for an example configuration include file for BIND and /usr/local/samba/private/named.txt for further documentation required for secure DNS updates Finished upgrading DNS *After that upgraded the dns on DC1* [root at dc1 ~]# samba_upgradedns --dns-backend=BIND9_DLZ -d 2 lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf Reading domain information lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf DNS accounts already exist No zone file /usr/local/samba/private/dns/IK.LAN.MUM.zone DNS records will be automatically created DNS partitions already exist dns-dc1 account already exists See /usr/local/samba/private/named.conf for an example configuration include file for BIND and /usr/local/samba/private/named.txt for further documentation required for secure DNS updates Finished upgrading DNS *Then I tried to join the domain again using BIND9_DLZ (got success)* [root at dc2]# samba-tool domain join ik.lan.mum DC -Uadministrator --realm=ik.lan.mum --dns-backend=BIND9_DLZ Finding a writeable DC for domain 'ik.lan.mum' Found DC dc1.ik.lan.mum Password for [IK.LAN\administrator]: workgroup is IK.LAN realm is ik.lan.mum checking sAMAccountName Deleted CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum Deleted CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum Deleted CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum Adding CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum Adding CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum Adding CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum Adding SPNs to CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum Setting account password for DC2$ Enabling account Adding DNS account CN=dns-DC2,CN=Users,DC=ik,DC=lan,DC=mum with dns/ SPN Setting account password for dns-DC2 Calling bare provision Looking up IPv4 addresses Looking up IPv6 addresses No IPv6 address will be assigned Setting up secrets.ldb Setting up the registry Setting up the privileges database Setting up idmap db Setting up SAM db Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema A Kerberos configuration suitable for Samba 4 has been generated at /usr/local/samba/private/krb5.conf Provision OK for domain DN DC=ik,DC=lan,DC=mum Starting replication Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1550] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1550] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1206/1550] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1550/1550] linked_values[0/0] Analyze and apply schema objects Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1620] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1620] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1206/1620] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1608/1620] linked_values[0/0] Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1620/1620] linked_values[28/0] Replicating critical objects from the base DN of the domain Partition[DC=ik,DC=lan,DC=mum] objects[98/98] linked_values[23/0] Partition[DC=ik,DC=lan,DC=mum] objects[379/281] linked_values[23/0] Done with always replicated NC (base, config, schema) Replicating DC=DomainDnsZones,DC=ik,DC=lan,DC=mum Partition[DC=DomainDnsZones,DC=ik,DC=lan,DC=mum] objects[40/40] linked_values[0/0] Replicating DC=ForestDnsZones,DC=ik,DC=lan,DC=mum Partition[DC=ForestDnsZones,DC=ik,DC=lan,DC=mum] objects[18/18] linked_values[0/0] Committing SAM database Sending DsReplicaUpdateRefs for all the replicated partitions Setting isSynchronized and dsServiceName Setting up secrets database See /usr/local/samba/private/named.conf for an example configuration include file for BIND and /usr/local/samba/private/named.txt for further documentation required for secure DNS updates Joined domain IK.LAN (SID S-1-5-21-3947581883-4033758009-2802199242) as a DC *I have strictly followed Samba wiki for joining additional domain * *Right now everything seems to be working like I can authenticate the user by putting DC down, creating / modifying user is replicated immediately.* Thanks, Vikas
On 25/03/15 16:50, VIKAS wrote:> Hi Team, > > Samba Version = 4.2 > > Bind = 9.10 with dlz > > > Not able to to view replication.(samba-tool drs showrepl) > > > [root at dc2]# samba-tool drs showrepl (want to highlight the name which is > using to connect) > > ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to > *dc2.ik.lan.mum* failed - drsException: DRS connection to dc2.ik.lan.mum > failed: (-1073741772, 'The object name is not found.') > > File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/drs.py", > line 39, in drsuapi_connect > > (ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) > drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds) > > File "/usr/local/samba/lib64/python2.6/site-packages/samba/drs_utils.py", > line 54, in drsuapi_connect > > raise drsException("DRS connection to %s failed: %s" % (server, e)) > > > > While provision I used Bind9_FLAT on DC and everything working fine. > > > Created Additional Domain Server and joined but gave error. > > > [root at dc2]# samba-tool domain join ik.lan.mum DC -Uadministrator > --realm=ik.lan.mum --dns-backend=*BIND9_FLAT * > > Usage: samba-tool domain join <dnsdomain> [DC|RODC|MEMBER|SUBDOMAIN] > [options] > > samba-tool domain join: error: option --dns-backend: invalid choice: > 'BIND9_FLAT' (choose from 'SAMBA_INTERNAL', 'BIND9_DLZ', 'NONE') > > [root at dc2]# samba-tool domain join ik.lan.mum DC -Uadministrator > --realm=ik.lan.mum --dns-backend=BIND9_DLZ > > Finding a writeable DC for domain 'ik.lan.mum' > > Found DC dc1.ik.lan.mum > > Password for [WORKGROUP\administrator]: > > NO DNS zone information found in source domain, not replicating DNS > > workgroup is IK.LAN > > realm is ik.lan.mum > > checking sAMAccountName > > Adding CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum > > Adding > CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum > > > Adding CN=NTDS > Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum > > > Adding SPNs to CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum > > Setting account password for DC2$ > > Enabling account > > Calling bare provision > > Looking up IPv4 addresses > > Looking up IPv6 addresses > > No IPv6 address will be assigned > > Setting up share.ldb > > Setting up secrets.ldb > > Setting up the registry > > Setting up the privileges database > > Setting up idmap db > > Setting up SAM db > > Setting up sam.ldb partitions and settings > > Setting up sam.ldb rootDSE > > Pre-loading the Samba 4 and AD schema > > A Kerberos configuration suitable for Samba 4 has been generated at > /usr/local/samba/private/krb5.conf > > Provision OK for domain DN DC=ik,DC=lan,DC=mum > > Starting replication > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1550] > linked_values[0/0] > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1550] > linked_values[0/0] > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] > objects[1206/1550] linked_values[0/0] > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] > objects[1550/1550] linked_values[0/0] > > Analyze and apply schema objects > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1612] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1612] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1206/1612] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1608/1612] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1612/1612] > linked_values[20/0] > > Replicating critical objects from the base DN of the domain > > Partition[DC=ik,DC=lan,DC=mum] objects[98/98] linked_values[23/0] > > Partition[DC=ik,DC=lan,DC=mum] objects[376/278] linked_values[23/0] > > Done with always replicated NC (base, config, schema) > > Committing SAM database > > Sending DsReplicaUpdateRefs for all the replicated partitions > > Setting isSynchronized and dsServiceName > > Setting up secrets database > > Joined domain IK.LAN (SID S-1-5-21-3947581883-4033758009-2802199242) as a > DC > > [root at dc2]# echo $? > > 0 > > > [root at dc1 ~]# samba_upgradedns --dns-backend=BIND9_DLZ -d 2 > > lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf > > lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf > > Reading domain information > > lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf > > DNS accounts already exist > > No zone file /usr/local/samba/private/dns/IK.LAN.MUM.zone > > DNS records will be automatically created > > DNS partitions already exist > > dns-dc1 account already exists > > See /usr/local/samba/private/named.conf for an example configuration > include file for BIND > > and /usr/local/samba/private/named.txt for further documentation required > for secure DNS updates > > Finished upgrading DNS > > > *After that upgraded the dns on DC1* > > > [root at dc1 ~]# samba_upgradedns --dns-backend=BIND9_DLZ -d 2 > > lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf > > lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf > > Reading domain information > > lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf > > DNS accounts already exist > > No zone file /usr/local/samba/private/dns/IK.LAN.MUM.zone > > DNS records will be automatically created > > DNS partitions already exist > > dns-dc1 account already exists > > See /usr/local/samba/private/named.conf for an example configuration > include file for BIND > > and /usr/local/samba/private/named.txt for further documentation required > for secure DNS updates > > Finished upgrading DNS > > > *Then I tried to join the domain again using BIND9_DLZ (got success)* > > > [root at dc2]# samba-tool domain join ik.lan.mum DC -Uadministrator > --realm=ik.lan.mum --dns-backend=BIND9_DLZ > > Finding a writeable DC for domain 'ik.lan.mum' > > Found DC dc1.ik.lan.mum > > Password for [IK.LAN\administrator]: > > workgroup is IK.LAN > > realm is ik.lan.mum > > checking sAMAccountName > > Deleted CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum > > Deleted CN=NTDS > Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum > > > Deleted > CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum > > > Adding CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum > > Adding > CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum > > > Adding CN=NTDS > Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ik,DC=lan,DC=mum > > > Adding SPNs to CN=DC2,OU=Domain Controllers,DC=ik,DC=lan,DC=mum > > Setting account password for DC2$ > > Enabling account > > Adding DNS account CN=dns-DC2,CN=Users,DC=ik,DC=lan,DC=mum with dns/ SPN > > Setting account password for dns-DC2 > > Calling bare provision > > Looking up IPv4 addresses > > Looking up IPv6 addresses > > No IPv6 address will be assigned > > Setting up secrets.ldb > > Setting up the registry > > Setting up the privileges database > > Setting up idmap db > > Setting up SAM db > > Setting up sam.ldb partitions and settings > > Setting up sam.ldb rootDSE > > Pre-loading the Samba 4 and AD schema > > A Kerberos configuration suitable for Samba 4 has been generated at > /usr/local/samba/private/krb5.conf > > Provision OK for domain DN DC=ik,DC=lan,DC=mum > > Starting replication > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1550] > linked_values[0/0] > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1550] > linked_values[0/0] > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] > objects[1206/1550] linked_values[0/0] > > Schema-DN[CN=Schema,CN=Configuration,DC=ik,DC=lan,DC=mum] > objects[1550/1550] linked_values[0/0] > > Analyze and apply schema objects > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[402/1620] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[804/1620] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1206/1620] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1608/1620] > linked_values[0/0] > > Partition[CN=Configuration,DC=ik,DC=lan,DC=mum] objects[1620/1620] > linked_values[28/0] > > Replicating critical objects from the base DN of the domain > > Partition[DC=ik,DC=lan,DC=mum] objects[98/98] linked_values[23/0] > > Partition[DC=ik,DC=lan,DC=mum] objects[379/281] linked_values[23/0] > > Done with always replicated NC (base, config, schema) > > Replicating DC=DomainDnsZones,DC=ik,DC=lan,DC=mum > > Partition[DC=DomainDnsZones,DC=ik,DC=lan,DC=mum] objects[40/40] > linked_values[0/0] > > Replicating DC=ForestDnsZones,DC=ik,DC=lan,DC=mum > > Partition[DC=ForestDnsZones,DC=ik,DC=lan,DC=mum] objects[18/18] > linked_values[0/0] > > Committing SAM database > > Sending DsReplicaUpdateRefs for all the replicated partitions > > Setting isSynchronized and dsServiceName > > Setting up secrets database > > See /usr/local/samba/private/named.conf for an example configuration > include file for BIND > > and /usr/local/samba/private/named.txt for further documentation required > for secure DNS updates > > Joined domain IK.LAN (SID S-1-5-21-3947581883-4033758009-2802199242) as a > DC > > *I have strictly followed Samba wiki for joining additional domain * > > *Right now everything seems to be working like I can authenticate the user > by putting DC down, creating / modifying user is replicated immediately.* > > > Thanks, > > VikasWelcome to the 'I have found a bug' club :-) Firstly though, it is 'BIND9_FLATFILE' not 'BIND9_FLAT' , not that this would have helped. If you run 'samba-tool domain provision --help' , amongst the output is this: --dns-backend=NAMESERVER-BACKEND The DNS server backend. SAMBA_INTERNAL is the builtin name server (default), BIND9_FLATFILE uses bind9 text database to store zone information, BIND9_DLZ uses samba4 AD to store zone information, NONE skips the DNS setup entirely (not recommended) OK, this shows 'BIND9_FLATFILE', but if you run 'samba-tool domain join --help' , you will find this: --dns-backend=NAMESERVER-BACKEND The DNS server backend. SAMBA_INTERNAL is the builtin name server (default), BIND9_DLZ uses samba4 AD to store zone information, NONE skips the DNS setup entirely (this DC will not be a DNS server) Whoops, 'BIND9_FLATFILE' has disappeared. I wouldn't think that using 'BIND9_FLATFILE' is a good idea, using this will store the dns info outside AD and what isn't in AD cannot be replicated. I actually think the bug is that 'samba-tool domain provision' will accept 'BIND9_FLATFILE'. Rowland
yes i realized that there is something wrong with BIND9_FLATFILE while encountering with samba_upgradedns -h which doesn't show BIND9_FLATFILE Any help on*drs repl* not working i think it is pointing to wrong FQDN how do i correct that ?> >/ Not able to to view replication.(samba-tool drs showrepl) > />/ > />/ > />/ [root at dc2 <https://lists.samba.org/mailman/listinfo/samba>]# samba-tool drs showrepl (want to highlight the name which is > />/ using to connect) > />/ > />/ ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to > />/ *dc2.ik.lan.mum* failed - drsException: DRS connection to dc2.ik.lan.mum > />/ failed: (-1073741772, 'The object name is not found.') > />/ > />/ File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/drs.py", > />/ line 39, in drsuapi_connect > />/ > />/ (ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) > />/ drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds) > />/ > />/ File "/usr/local/samba/lib64/python2.6/site-packages/samba/drs_utils.py", > />/ line 54, in drsuapi_connect > />/ > />/ raise drsException("DRS connection to %s failed: %s" % (server, e)) > />> Welcome to the 'I have found a bug' club :-) > > Firstly though, it is 'BIND9_FLATFILE' not 'BIND9_FLAT' , not that this > would have helped. > > If you run 'samba-tool domain provision --help' , amongst the output is > this: > > --dns-backend=NAMESERVER-BACKEND > The DNS server backend. SAMBA_INTERNAL is the > builtin > name server (default), BIND9_FLATFILE uses > bind9 text > database to store zone information, BIND9_DLZ uses > samba4 AD to store zone information, NONE skips the > DNS setup entirely (not recommended) > > OK, this shows 'BIND9_FLATFILE', but if you run 'samba-tool domain join > --help' , you will find this: > > --dns-backend=NAMESERVER-BACKEND > The DNS server backend. SAMBA_INTERNAL is the > builtin > name server (default), BIND9_DLZ uses samba4 AD to > store zone information, NONE skips the DNS setup > entirely (this DC will not be a DNS server) > > Whoops, 'BIND9_FLATFILE' has disappeared. > > I wouldn't think that using 'BIND9_FLATFILE' is a good idea, using this > will store the dns info outside AD and what isn't in AD cannot be > replicated. > > I actually think the bug is that 'samba-tool domain provision' will > accept 'BIND9_FLATFILE'. > > Rowland