samba - Jul 2015 - Samba4 Join a domain as a DC

But If i want my samba4 to be dns after when i ll decide to stop the 
other dc

can't i keep the to dns

Could you explain a bit



Le 09/07/2015 17:55, Marc Muehlfeld a écrit :
> Hello,
>
> Am 09.07.2015 um 17:04 schrieb zorg:
>> following this
>> https://wiki.samba.org/index.php/Check_and_fix_DNS_entries_on_DC_joins
>>
>> But i  do
>> samba-tool dns add EPSILUM _msdcs.myos.local
>> d4aBdfb0-8937-465a-af2d-d657fgh145ee CNAME smb4.myos.local
>> If have got
>>   ERROR(runtime): uncaught exception - (9601,
>> 'WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST')
>> ‎ File
"/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
>> 175, in _run
>> ‎ return self.run(*args, **kwargs)
>> ‎ File
"/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
>> 1070, in run
>> ‎0, server, zone, name, add_rec_buf, None)
>
> During the DC join, have you configured that the new DC should not be a
> DNS? E. g. by
> # samba-tool domain join ... --dns-backend=NONE
> or did you choose DNS backend=NONE if you used the interactive way?
>
> In that case run this command on one of your DCs, having a DNS.
>
>
>
> Regards,
> Marc

-- 
probeSys - spécialiste GNU/Linux
site web : http://www.probesys.com

Hello,

Am 09.07.2015 um 18:06 schrieb zorg:
> But If i want my samba4 to be dns after when i ll decide to stop the
> other dc
> 
> can't i keep the to dns
Sorry, I'm not sure, if I understand you. But before talking about
demoting other DCs, etc. we need to complete the domain join of the new DC.

Did you setup the new DC to be a DNS as well during the join (see my
last post)?


Regards,
Marc

On 09/07/15 17:06, zorg wrote:
> But If i want my samba4 to be dns after when i ll decide to stop the 
> other dc
>
> can't i keep the to dns
>
> Could you explain a bit
>
>
>
> Le 09/07/2015 17:55, Marc Muehlfeld a écrit :
>> Hello,
>>
>> Am 09.07.2015 um 17:04 schrieb zorg:
>>> following this
>>>
https://wiki.samba.org/index.php/Check_and_fix_DNS_entries_on_DC_joins
>>>
>>> But i  do
>>> samba-tool dns add EPSILUM _msdcs.myos.local
>>> d4aBdfb0-8937-465a-af2d-d657fgh145ee CNAME smb4.myos.local
>>> If have got
>>>   ERROR(runtime): uncaught exception - (9601,
>>> 'WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST')
>>> ‎ File
"/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
>>> line
>>> 175, in _run
>>> ‎ return self.run(*args, **kwargs)
>>> ‎ File
"/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
>>> 1070, in run
>>> ‎0, server, zone, name, add_rec_buf, None)
>>
>> During the DC join, have you configured that the new DC should not be a
>> DNS? E. g. by
>> # samba-tool domain join ... --dns-backend=NONE
>> or did you choose DNS backend=NONE if you used the interactive way?
>>
>> In that case run this command on one of your DCs, having a DNS.
>>
>>
>>
>> Regards,
>> Marc
>
>
Hi, Active directory lives on DNS, if no DNS there is no Active Directory.

Best plan would be to run DNS on all DCs, this way if there is a problem 
with one DC, you still have DNS. You should point each DC at another DC, 
then have its own address to fall back on i.e. if the ipaddress of DC1 
is 192.168.0.2 and the ipaddress of DC2 is 192.168.0.3, then the 
/etc/resolv.conf on DC1 would be:

search example.com
nameserver 192.168.0.3
nameserver 192.168.0.2

and on DC2:

  search example.com
nameserver 192.168.0.2
nameserver 192.168.0.3

Rowland

Le 09/07/2015 18:20, Rowland Penny a écrit :
> On 09/07/15 17:06, zorg wrote:
>> But If i want my samba4 to be dns after when i ll decide to stop the 
>> other dc
>>
>> can't i keep the to dns
>>
>> Could you explain a bit
>>
>>
>>
>> Le 09/07/2015 17:55, Marc Muehlfeld a écrit :
>>> Hello,
>>>
>>> Am 09.07.2015 um 17:04 schrieb zorg:
>>>> following this
>>>>
https://wiki.samba.org/index.php/Check_and_fix_DNS_entries_on_DC_joins
>>>>
>>>> But i  do
>>>> samba-tool dns add EPSILUM _msdcs.myos.local
>>>> d4aBdfb0-8937-465a-af2d-d657fgh145ee CNAME smb4.myos.local
>>>> If have got
>>>>   ERROR(runtime): uncaught exception - (9601,
>>>> 'WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST')
>>>> ‎ File
"/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
>>>> line
>>>> 175, in _run
>>>> ‎ return self.run(*args, **kwargs)
>>>> ‎ File
"/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
>>>> 1070, in run
>>>> ‎0, server, zone, name, add_rec_buf, None)
>>>
>>> During the DC join, have you configured that the new DC should not
be a
>>> DNS? E. g. by
>>> # samba-tool domain join ... --dns-backend=NONE
>>> or did you choose DNS backend=NONE if you used the interactive way?
>>>
>>> In that case run this command on one of your DCs, having a DNS.
>>>
>>>
>>>
>>> Regards,
>>> Marc
>>
>>
>
> Hi, Active directory lives on DNS, if no DNS there is no Active 
> Directory.
>
> Best plan would be to run DNS on all DCs, this way if there is a 
> problem with one DC, you still have DNS. You should point each DC at 
> another DC, then have its own address to fall back on i.e. if the 
> ipaddress of DC1 is 192.168.0.2 and the ipaddress of DC2 is 
> 192.168.0.3, then the /etc/resolv.conf on DC1 would be:
>
> search example.com
> nameserver 192.168.0.3
> nameserver 192.168.0.2
>
> and on DC2:
>
>  search example.com
> nameserver 192.168.0.2
> nameserver 192.168.0.3
>
> Rowland
>
I'll try to be more clear

My first AD is a windows 2008
I want to join my samba4 to the domain as a dc and then stop the windows 
2008. but
when i do


samba-tool dns add EPSILUM _msdcs.myos.local 
d4aBdfb0-8937-465a-af2d-d657fgh145ee CNAME smb4.myos.local
If have got
   ERROR(runtime): uncaught exception - (9601,
'WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST')
‎ File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
line
175, in _run
‎ return self.run(*args, **kwargs)
‎ File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
1070, in run
‎0, server, zone, name, add_rec_buf, None)

is this a samba-tool bug or what should i do to add it to my windows 
2008 dns

thanks

-- 
probeSys - spécialiste GNU/Linux
site web : http://www.probesys.com

Hi Roland,
> Hi, Active directory lives on DNS, if no DNS there is no Active Directory.
about this one, while the first part is very true, I'd say that the 
second part is only 99.99% correct :-)

Indeed I once had to migrate a win2k-AD domain to samba4-AD with 30 
workstations where the DC's DNS service was simply disabled, yeah 
_disabled_, and there where no other DC in the domain.

All the workstation found the AD through NetBIOS/WINS and had a external 
bind9 for internet browsing. And actually it was working... perhaps not 
as it was intended to, but it was working. I don't remember if the DC 
was still in mixed mode or not though.

Anyway, I totally agree with you that proper DNS configuration is 
paramout to have a well running AD domain!

Cheers,

Denis
>
> Best plan would be to run DNS on all DCs, this way if there is a problem
> with one DC, you still have DNS. You should point each DC at another DC,
> then have its own address to fall back on i.e. if the ipaddress of DC1
> is 192.168.0.2 and the ipaddress of DC2 is 192.168.0.3, then the
> /etc/resolv.conf on DC1 would be:
>
> search example.com
> nameserver 192.168.0.3
> nameserver 192.168.0.2
>
> and on DC2:
>
>   search example.com
> nameserver 192.168.0.2
> nameserver 192.168.0.3
>
> Rowland
>
-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr