samba - Nov 2016 - DC server own hostname must be part of ad dc domain?

Hi all.

If I have AD domain dc.samges.ru, how to setup a hostname, hosts file 
and resolv.conf file? DNS is samba internal type.

Now I have settigs as here:
(ad41 is dc with fsmo roles, ip 172.16.214.141, ad51 is a second dc, ip 
172.16.214.151)

root at ad51:~# hostname -s
ad51
root at ad51:~# hostname -d
samges.ru
root at ad51:~# hostname -f
ad51.samges.ru

Must I have an $SERV.$ADDOMAIN hostname, like ad51.dc.samges.ru ?
If I change hostname now, what will happen in AD domain ?

And second part of question:

root at ad51:~# cat /etc/hosts

172.16.214.141  daeb1132-e379-4231-b114-5d03cc8925a9._msdcs.dc.samges.ru
127.0.0.1 localhost.localdomain localhost
# Auto-generated hostname. Please do not remove this comment.
172.16.214.151 ad51.samges.ru  ad51 
23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru
::1             localhost ip6-localhost ip6-loopback

Are autogenerated string written bu provision script? Are it needed? 
(provision was 4.1.9 version)
Can I remove records from "hosts" for *_msdcs.dc.samges.ru, if it 
resolvable by samba dns server? (There is a same records on both DCs)

root at ad51:/etc# dig @172.16.214.151 
23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru
;; QUESTION SECTION:
;23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru. IN A
;; ANSWER SECTION:
23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru. 900 IN CNAME 
ad51.dc.samges.ru.
ad51.dc.samges.ru.      900     IN      A       172.16.214.151

(both records resolved and present in servers dns zone)
(created as described here 
https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record)

Are bug 10928 still actual and for which version?

this resolv.conf seems ok?

root at ad51:/etc# cat /etc/resolv.conf
search dc.samges.ru
nameserver 172.16.214.151

-- 
Mike Lykov, system administrator

See inline comments:

On Fri, 18 Nov 2016 14:49:28 +0400
Mike Lykov via samba <samba at lists.samba.org> wrote:
> Hi all.
> 
> If I have AD domain dc.samges.ru, how to setup a hostname, hosts file 
> and resolv.conf file? DNS is samba internal type.
> 
> Now I have settigs as here:
> (ad41 is dc with fsmo roles, ip 172.16.214.141, ad51 is a second dc,
> ip 172.16.214.151)
> 
> root at ad51:~# hostname -s
> ad51
> root at ad51:~# hostname -d
> samges.ru
> root at ad51:~# hostname -f
> ad51.samges.ru
> 
> Must I have an $SERV.$ADDOMAIN hostname, like ad51.dc.samges.ru ?
Yes
> If I change hostname now, what will happen in AD domain ?
Your machine will not be found.
> 
> And second part of question:
> 
> root at ad51:~# cat /etc/hosts
> 
> 172.16.214.141 daeb1132-e379-4231-b114-5d03cc8925a9._msdcs.dc.samges.ru
> 127.0.0.1 localhost.localdomain localhost
> # Auto-generated hostname. Please do not remove this comment.
> 172.16.214.151 ad51.samges.ru  ad51 
> 23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru
> ::1             localhost ip6-localhost ip6-loopback
> 
> Are autogenerated string written bu provision script? Are it needed? 
> (provision was 4.1.9 version)
No, is DHCP putting it there ?? if your machine is using dhcp to get its
ip etc, then you only need this in resolv.conf:

127.0.0.1 localhost.localdomain localhost
::1 localhost ip6-localhost ip6-loopback
> Can I remove records from "hosts" for *_msdcs.dc.samges.ru, if it
> resolvable by samba dns server? (There is a same records on both DCs)
> 
Yes, you can remove them and in fact, you should remove them, they
shouldn't be in in /etc/hosts
> root at ad51:/etc# dig @172.16.214.151 
> 23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru
> ;; QUESTION SECTION:
> ;23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru. IN A
> ;; ANSWER SECTION:
> 23a2a21d-73be-4824-8647-7ef06d463bca._msdcs.dc.samges.ru. 900 IN
> CNAME ad51.dc.samges.ru.
> ad51.dc.samges.ru.      900     IN      A       172.16.214.151
> 
> (both records resolved and present in servers dns zone)
> (created as described here 
> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record)
> 
> Are bug 10928 still actual and for which version?
Yes it is still open and it seems to affect all supported versions of
Samba (This means 4.3.x, 4.4.x and 4.5.x)
> 
> this resolv.conf seems ok?
> 
> root at ad51:/etc# cat /etc/resolv.conf
> search dc.samges.ru
> nameserver 172.16.214.151
> 
Yes, provided '172.16.214.151' is the ipaddress of an AD DC

Rowland

18.11.2016 15:22, Rowland Penny via samba пишет:
>> root at ad51:~# hostname -f
>> ad51.samges.ru
>> Must I have an $SERV.$ADDOMAIN hostname, like ad51.dc.samges.ru ?
> Yes
>
>> If I change hostname now, what will happen in AD domain ?
>
> Your machine will not be found.
But it can be found via DNS, why changing local (for this server) 
hostname affects this?
How to fix it right?
>> Are autogenerated string written bu provision script? Are it needed?
>> (provision was 4.1.9 version)
> No, is DHCP putting it there ?? if your machine is using dhcp to get its
> ip
No, it'a a DC server and it never use a DHCP.
> Yes, you can remove them and in fact, you should remove them, they
> shouldn't be in in /etc/hosts
Ok, I'll try this
But wiki for example 
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory)
suggest to add hostname to /etc/hosts:

"Verify that the host name in /etc/resolv.conf resolves to the network 
IP and not to 127.0.0.1 (localhost)."

It only for precondition before join and may be deleted after?
> Yes, provided '172.16.214.151' is the ipaddress of an AD DC
Thanks

-- 
Mike Lykov, system administrator