Hi, I have a domain composed by 3 linux samba 4 AD servers. I wanted to add a windows based domain controller on it and followed the documentation on the samba wiki. Everything works fine except the DNS: - when I try do add a dns record on the windows 2008r2 server, I got an error popup with "Refused" - in the DNS service logs at startup I got an error 4014: "The DNS server was unable to initialize Active Directory security interfaces. Check that the Active Directory is functioning properly and restart the DNS server. The event data contains the error." Any idea about this problem? Thanks -- *Olivier Weinstoerffer* Chief technical Architect *Sword Performance Solutions* M +41 79 390 42 00 T +41 61 723 01 88 E olivier.weinstoerffer at sword-performance.com Schützengraben 7 4051 Basel, Switzerland www.sword-performance.com Sword Performance Solutions AG, a company registered in Switzerland with registered number CHE-109.703.611 and whose registered office is in Basel, Switzerland is part of the Sword Group. This email (and any attachments) is intended for the named recipient(s) and is private and confidential. If it is not for you, please inform us and then delete it. If you are not the intended recipient(s), the use, disclosure, copying or distribution of any information contained within this email is prohibited. Messages to and from us may be monitored. If the content is not about the business of the Sword Group then the message is neither from nor sanctioned by us. Internet communications are not secure. You should scan this message and any attachments for viruses. Under no circumstances do we accept liability for any loss or damage which may result from your receipt of this email or any attachment.
Hello Olivier, Am 08.01.2016 um 12:02 schrieb Olivier Weinstoerffer:> I have a domain composed by 3 linux samba 4 AD servers.- Which version of Samba on the DCs? - Which DNS backend do each use? - Did you let the dcpromo choose one of the DCs as source or did you choose a specific one? - On the WinDC: DNS and GC = yes?> I wanted to add a windows based domain controller on it > and followed the documentation on the > samba wiki. Everything works fine except the DNS: > - when I try do add a dns record on the windows 2008r2 server, I got an > error popup with "Refused"On which step exactly do you receive the error? Then I can try to reproduce it here. Regards, Marc
Hello Marc, samba is 4.1.22. I let the dcpromote choose the DC. DNS is internal Yes the windows DC has also global catalog Regards Olivier On Fri, Jan 8, 2016 at 4:38 PM, Marc Muehlfeld <mmuehlfeld at samba.org> wrote:> Hello Olivier, > > Am 08.01.2016 um 12:02 schrieb Olivier Weinstoerffer: > > I have a domain composed by 3 linux samba 4 AD servers. > > - Which version of Samba on the DCs? > - Which DNS backend do each use? > - Did you let the dcpromo choose one of the DCs as source or did you > choose a specific one? > - On the WinDC: DNS and GC = yes? > > > > > I wanted to add a windows based domain controller on it > > and followed the documentation on the > > samba wiki. Everything works fine except the DNS: > > - when I try do add a dns record on the windows 2008r2 server, I got an > > error popup with "Refused" > > On which step exactly do you receive the error? Then I can try to > reproduce it here. > > > > Regards, > Marc >-- *Olivier Weinstoerffer* Chief technical Architect *Sword Performance Solutions* M +41 79 390 42 00 T +41 61 723 01 88 E olivier.weinstoerffer at sword-performance.com Schützengraben 7 4051 Basel, Switzerland www.sword-performance.com Sword Performance Solutions AG, a company registered in Switzerland with registered number CHE-109.703.611 and whose registered office is in Basel, Switzerland is part of the Sword Group. This email (and any attachments) is intended for the named recipient(s) and is private and confidential. If it is not for you, please inform us and then delete it. If you are not the intended recipient(s), the use, disclosure, copying or distribution of any information contained within this email is prohibited. Messages to and from us may be monitored. If the content is not about the business of the Sword Group then the message is neither from nor sanctioned by us. Internet communications are not secure. You should scan this message and any attachments for viruses. Under no circumstances do we accept liability for any loss or damage which may result from your receipt of this email or any attachment.