> > Does nobody read the Samba wiki ??? >What??? Samba has a wiki ??? *Bazinga *:D As far as I am aware, AD subdomains do not work correctly with Samba AD.> > What you have done with the new DC, is what you should have done in the > > first place, created a subdomain of your main dns domain and used this > > for the AD dns domain and realm. > >I started in this job now and it was already set up in this way. :( I think you have two options here and I don't think you are going to like either ;-)> Shut down your main DNS server and then use the Samba dns servers foreverything in the domain, or I think this option is not viable!!! start again with your new DC and DNS subdomain. DNS subdomain? Why? On Tue, Nov 14, 2017 at 5:11 PM, Rowland Penny <rpenny at samba.org> wrote:> On Tue, 14 Nov 2017 16:05:52 -0200 > Elias Pereira via samba <samba at lists.samba.org> wrote: > > > Hello guys, > > > > I work at an institution where the domain is institute.edu.br. We > > have a main dns that answers for the internal and external services > > that we have. > > > > Firstly the staff here configured samba as domain institute.edu.br, > > but this way it is conflicting in the resolution of internal and > > external service names, since samba wants to respond for all requests > > and, even inserting a forward zone, does not it works. > > > > I configured a new DC as a subdomain, because in this way samba only > > responds to your requests and forward all the rest to the main dns. It > > became addc.institute.edu.br > > > > My question is whether there is any impediment in joining the > > domindom to the domain, transferring the fsmo roles and then demote > > the old one? > > > > Does nobody read the Samba wiki ??? > > As far as I am aware, AD subdomains do not work correctly with Samba AD. > What you have done with the new DC, is what you should have done in the > first place, created a subdomain of your main dns domain and used this > for the AD dns domain and realm. > > I think you have two options here and I don't think you are going to > like either ;-) > > Shut down your main DNS server and then use the Samba dns servers for > everything in the domain, or start again with your new DC and DNS > subdomain. > > Rowland > >-- Elias Pereira
On Tue, 14 Nov 2017 20:07:38 -0200 Elias Pereira via samba <samba at lists.samba.org> wrote:> > > > Does nobody read the Samba wiki ??? > > > > What??? Samba has a wiki ??? *Bazinga *:DYes, you will find it here: https://wiki.samba.org/index.php/Main_Page> > As far as I am aware, AD subdomains do not work correctly with Samba > AD. > > > > What you have done with the new DC, is what you should have done in > > the > > > > first place, created a subdomain of your main dns domain and used > > this > > > > for the AD dns domain and realm. > > > > > I started in this job now and it was already set up in this way. :(And you are left to pick up the pieces ;-)> > > > I think you have two options here and I don't think you are going to > > like either ;-) > > > > Shut down your main DNS server and then use the Samba dns servers > > for > > everything in the domain, or > > > I think this option is not viable!!!Didn't think it was> > start again with your new DC and DNS > > subdomain. > > > DNS subdomain? Why?If your main domain is 'example.com' and you use 'ad.example.com' as a dns subdomain of 'example.com', the Samba DC would be authoritative for 'ad.example.com', the AD clients would use the DC as their nameserver for the domain and anything unknown by the DC (google for instance, or anything in the 'example.com' domain) would be forwarded to the 'example.com' DNS server. Rowland
> > If your main domain is 'example.com' and you use 'ad.example.com' as a > > dns subdomain of 'example.com', the Samba DC would be authoritative > > for 'ad.example.com', the AD clients would use the DC as their > > nameserver for the domain and anything unknown by the DC (google for > > instance, or anything in the 'example.com' domain) would be forwarded > > to the 'example.com' DNS server. > >Ok. I get it now. That's exactly what I want to do. :D I thought I could join this new DC with the old one, transfer the fsmo roles and demote, but now you said that this is not viable. :( The big problem is that we already have users in this DC and in addition this DC is a fileserver too. Now it got worse, isn't it Rowland? :( On Tue, Nov 14, 2017 at 8:25 PM, Rowland Penny via samba < samba at lists.samba.org> wrote:> On Tue, 14 Nov 2017 20:07:38 -0200 > Elias Pereira via samba <samba at lists.samba.org> wrote: > > > > > > > Does nobody read the Samba wiki ??? > > > > > > > What??? Samba has a wiki ??? *Bazinga *:D > > Yes, you will find it here: > > https://wiki.samba.org/index.php/Main_Page > > > > > As far as I am aware, AD subdomains do not work correctly with Samba > > AD. > > > > > > What you have done with the new DC, is what you should have done in > > > the > > > > > > first place, created a subdomain of your main dns domain and used > > > this > > > > > > for the AD dns domain and realm. > > > > > > > > I started in this job now and it was already set up in this way. :( > > And you are left to pick up the pieces ;-) > > > > > > > > > I think you have two options here and I don't think you are going to > > > > like either ;-) > > > > > > > Shut down your main DNS server and then use the Samba dns servers > > > for > > > > everything in the domain, or > > > > > > I think this option is not viable!!! > > Didn't think it was > > > > > start again with your new DC and DNS > > > > subdomain. > > > > > > DNS subdomain? Why? > > If your main domain is 'example.com' and you use 'ad.example.com' as a > dns subdomain of 'example.com', the Samba DC would be authoritative > for 'ad.example.com', the AD clients would use the DC as their > nameserver for the domain and anything unknown by the DC (google for > instance, or anything in the 'example.com' domain) would be forwarded > to the 'example.com' DNS server. > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- Elias Pereira