Thank all those who have responded, mainly to Rowland and tell them that I just managed to mount a samba server 4.7.3 with Debian 9 implementing the option of NONE when choosing the DNS server, the steps that followed were as follows 1- Download samba 4.7.3 2- ./configure.develpment & make & make install 3- apt-get install debian9 4- Follow the steps of the how to of the samba website 5- When in the previous step I asked what type of DNS to use, I put NONE 6- Then restart and manually configure the following files - /etc/bind/named.conf.local - /etc/bind/named.conf.option - / var / cache / bind / direct_zone - / var / cache / bind / zone_inverza It is good to clarify that these files were manually configured then restart and all the tests recommended by the site are perfect. Looking for DNS entry A ccmg7.eccmg.cupet.cu 172.18.68.7 as ccmg7.eccmg.cupet.cu. Looking for DNS entry A eccmg.cupet.cu 172.18.68.7 as eccmg.cupet.cu. Looking for DNS entry SRV _ldap._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as _ldap._tcp.eccmg.cupet.cu. Checking 0 100 389 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 Looking for DNS entry SRV _ldap._tcp.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as _ldap._tcp.dc._msdcs.eccmg.cupet.cu. Checking 0 100 389 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 Looking for DNS entry SRV _ldap._tcp.4f2a2c15-b049-4139-8ba7-a827147dfd14.domains._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as _ldap._tcp.4f2a2c15-b049-4139-8ba7-a827147dfd14.domains._msdcs.eccmg.cupet.cu. Checking 0 100 389 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.4f2a2c15-b049-4139-8ba7-a827147dfd14.domains._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 Looking for DNS entry SRV _kerberos._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 as _kerberos._tcp.eccmg.cupet.cu. Checking 0 100 88 ccmg7.eccmg.cupet.cu. against SRV _kerberos._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 Looking for DNS entry SRV _kerberos._udp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 as _kerberos._udp.eccmg.cupet.cu. Checking 0 100 88 ccmg7.eccmg.cupet.cu. against SRV _kerberos._udp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 as _kerberos._tcp.dc._msdcs.eccmg.cupet.cu. Checking 0 100 88 ccmg7.eccmg.cupet.cu. against SRV _kerberos._tcp.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 Looking for DNS entry SRV _kpasswd._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 464 as _kpasswd._tcp.eccmg.cupet.cu. Checking 0 100 464 ccmg7.eccmg.cupet.cu. against SRV _kpasswd._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 464 Looking for DNS entry SRV _kpasswd._udp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 464 as _kpasswd._udp.eccmg.cupet.cu. Checking 0 100 464 ccmg7.eccmg.cupet.cu. against SRV _kpasswd._udp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 464 Looking for DNS entry CNAME 1a5d998f-5610-4c4e-adef-d634c42b6f3a._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu as 1a5d998f-5610-4c4e-adef-d634c42b6f3a._msdcs.eccmg.cupet.cu. Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as _ldap._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu. Checking 0 100 389 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.eccmg.cupet.cu. Checking 0 100 389 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 as _kerberos._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu. Checking 0 100 88 ccmg7.eccmg.cupet.cu. against SRV _kerberos._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 as _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.eccmg.cupet.cu. Checking 0 100 88 ccmg7.eccmg.cupet.cu. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 88 Looking for DNS entry SRV _ldap._tcp.pdc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as _ldap._tcp.pdc._msdcs.eccmg.cupet.cu. Checking 0 100 389 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.pdc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 Looking for DNS entry A gc._msdcs.eccmg.cupet.cu 172.18.68.7 as gc._msdcs.eccmg.cupet.cu. Looking for DNS entry SRV _gc._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 as _gc._tcp.eccmg.cupet.cu. Checking 0 100 3268 ccmg7.eccmg.cupet.cu. against SRV _gc._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 Looking for DNS entry SRV _ldap._tcp.gc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 as _ldap._tcp.gc._msdcs.eccmg.cupet.cu. Checking 0 100 3268 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.gc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 Looking for DNS entry SRV _gc._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 as _gc._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu. Checking 0 100 3268 ccmg7.eccmg.cupet.cu. against SRV _gc._tcp.Default-First-Site-Name._sites.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 as _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.eccmg.cupet.cu. Checking 0 100 3268 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 3268 No DNS updates needed
Andrew Bartlett
2017-Dec-11 19:33 UTC
[Samba] Samba with DNS backend set to NONE (was: Re: Update samba and Debian)
On Mon, 2017-12-11 at 19:02 +0000, Sandy via samba wrote:> Thank all those who have responded, mainly to Rowland and tell them that I just managed to mount a samba server 4.7.3 with Debian 9 implementing the option of NONE when choosing the DNS server, the steps that followed were as follows > 1- Download samba 4.7.3 > 2- ./configure.develpment & make & make install > 3- apt-get install debian9 > 4- Follow the steps of the how to of the samba website > 5- When in the previous step I asked what type of DNS to use, I put NONE > 6- Then restart and manually configure the following files > - /etc/bind/named.conf.local > - /etc/bind/named.conf.option > - / var / cache / bind / direct_zone > - / var / cache / bind / zone_inverzaI'm sorry but I think you have only bought yourself long-term pain. Samba is free software, you are free to use and abuse it however you like, but I don't see how the AD ACLs for DNS entries are applied in this case, or how you plan to do multi-master replication. In particular, adding a second DC will be painful. There is a big difference between what is technically possible (and we try to keep many things technically possible) and what is a good idea. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
On Mon, 11 Dec 2017 19:02:52 +0000 Sandy via samba <samba at lists.samba.org> wrote:> Thank all those who have responded, mainly to Rowland and tell them > that I just managed to mount a samba server 4.7.3 with Debian 9 > implementing the option of NONE when choosing the DNS server, the > steps that followed were as follows 1- Download samba 4.7.3 > 2- ./configure.develpment & make & make install 3- apt-get install > debian9 4- Follow the steps of the how to of the samba website 5- > When in the previous step I asked what type of DNS to use, I put NONE > 6- Then restart and manually configure the following files > - /etc/bind/named.conf.local > - /etc/bind/named.conf.option > - / var / cache / bind / direct_zone > - / var / cache / bind / zone_inverza > It is good to clarify that these files were manually configured > then restart and all the tests recommended by the site are perfect.You are not using a Samba supported dns server, Samba AD will not be able to update your dns files. From the Samba provision code: if dns_backend == "NONE": logger.info("No DNS backend set, not configuring DNS") return What part of 'No DNS backend set, not configuring DNS' do you not understand ? Do not do this! Rowland Penny Samba team member
sandy.napoles at eccmg.cupet.cu
2017-Dec-11 19:42 UTC
[Samba] Samba with DNS backend set to NONE (was: Re: Update samba and Debian)
11 de diciembre de 2017 14:35, "Andrew Bartlett via samba" <samba at lists.samba.org> escribió:> On Mon, 2017-12-11 at 19:02 +0000, Sandy via samba wrote: > >> Thank all those who have responded, mainly to Rowland and tell them that I just managed to mount a >> samba server 4.7.3 with Debian 9 implementing the option of NONE when choosing the DNS server, the >> steps that followed were as follows >> 1- Download samba 4.7.3 >> 2- ./configure.develpment & make & make install >> 3- apt-get install debian9 >> 4- Follow the steps of the how to of the samba website >> 5- When in the previous step I asked what type of DNS to use, I put NONE >> 6- Then restart and manually configure the following files >> - /etc/bind/named.conf.local >> - /etc/bind/named.conf.option >> - / var / cache / bind / direct_zone >> - / var / cache / bind / zone_inverza > > I'm sorry but I think you have only bought yourself long-term pain. > > Samba is free software, you are free to use and abuse it however you > like, but I don't see how the AD ACLs for DNS entries are applied in > this case, or how you plan to do multi-master replication. > > In particular, adding a second DC will be painful. > > There is a big difference between what is technically possible (and we > try to keep many things technically possible) and what is a good idea. > > Andrew Bartlett > -- > Andrew Bartlett http://samba.org/~abartlet > Authentication Developer, Samba Team http://samba.org > Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambaok, I'll compile it as it says the how to samba 4, I was just testing this alternative and saw that it worked well, but good considering future changes and updates I will do as proposed by the samba4 site...
Rowland Penny
2017-Dec-11 19:51 UTC
[Samba] Samba with DNS backend set to NONE (was: Re: Update samba and Debian)
On Tue, 12 Dec 2017 08:33:55 +1300 Andrew Bartlett via samba <samba at lists.samba.org> wrote:> On Mon, 2017-12-11 at 19:02 +0000, Sandy via samba wrote: > > Thank all those who have responded, mainly to Rowland and tell them > > that I just managed to mount a samba server 4.7.3 with Debian 9 > > implementing the option of NONE when choosing the DNS server, the > > steps that followed were as follows 1- Download samba 4.7.3 > > 2- ./configure.develpment & make & make install 3- apt-get install > > debian9 4- Follow the steps of the how to of the samba website 5- > > When in the previous step I asked what type of DNS to use, I put > > NONE 6- Then restart and manually configure the following files > > - /etc/bind/named.conf.local > > - /etc/bind/named.conf.option > > - / var / cache / bind / direct_zone > > - / var / cache / bind / zone_inverza > > I'm sorry but I think you have only bought yourself long-term pain. > > Samba is free software, you are free to use and abuse it however you > like, but I don't see how the AD ACLs for DNS entries are applied in > this case, or how you plan to do multi-master replication. > > In particular, adding a second DC will be painful. > > There is a big difference between what is technically possible (and we > try to keep many things technically possible) and what is a good > idea. > > Andrew BartlettHi Andrew, you are probably wasting your time here, I have been trying to tell him not to do this for 2 days now, he has just ploughed on. Perhaps we should remove the dns 'NONE' option from provision ? Rowland
sandy.napoles at eccmg.cupet.cu
2017-Dec-11 20:19 UTC
[Samba] Samba with DNS backend set to NONE (was: Re: Update samba and Debian)
11 de diciembre de 2017 15:10, "Andrew Bartlett" <abartlet at samba.org> escribió:> On Mon, 2017-12-11 at 19:02 +0000, Sandy via samba wrote: > >> Thank all those who have responded, mainly to Rowland and tell them that I just managed to mount a >> samba server 4.7.3 with Debian 9 implementing the option of NONE when choosing the DNS server, the >> steps that followed were as follows >> 1- Download samba 4.7.3 >> 2- ./configure.develpment & make & make install >> 3- apt-get install debian9 >> 4- Follow the steps of the how to of the samba website >> 5- When in the previous step I asked what type of DNS to use, I put NONE >> 6- Then restart and manually configure the following files >> - /etc/bind/named.conf.local >> - /etc/bind/named.conf.option >> - / var / cache / bind / direct_zone >> - / var / cache / bind / zone_inverza > > I'm sorry but I think you have only bought yourself long-term pain. > > Samba is free software, you are free to use and abuse it however you > like, but I don't see how the AD ACLs for DNS entries are applied in > this case, or how you plan to do multi-master replication. > > In particular, adding a second DC will be painful. > > There is a big difference between what is technically possible (and we > try to keep many things technically possible) and what is a good idea. > > Andrew Bartlett > -- > Andrew Bartlett http://samba.org/~abartlet > Authentication Developer, Samba Team http://samba.org > Samba Developer, Catalyst IT http://catalyst.net.nz/services/sambanobody is wasting time, as I said before I was trying to see if it worked, but I see what the site says is the best option, and it would not be a bad idea to remove option NONE from the provision, if it is not going to be used, then delete it would be all better, for me the thread is already closed, as I said before will guide me step by step for every help they gave me and for...
Rowland Penny
2017-Dec-11 20:34 UTC
[Samba] Samba with DNS backend set to NONE (was: Re: Update samba and Debian)
On Mon, 11 Dec 2017 20:19:06 +0000 Sandy via samba <samba at lists.samba.org> wrote:> nobody is wasting time, as I said before I was trying to see if it > worked, but I see what the site says is the best option, and it would > not be a bad idea to remove option NONE from the provision, if it is > not going to be used, then delete it would be all better, for me the > thread is already closed, as I said before will guide me step by step > for every help they gave me and for... >You have wasted two days of your time, I told you two days ago NOT to use the 'NONE' dns server, but you wouldn't listen, but it was your time ;-) Rowland