the problem is that dnsupdate is not working becuase i use dlz. i cannot
use dbsupdate with dnsupdate it fails.
*Patrik*
WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> |
NPM
<https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com>
| +36
20 342 8046
On Sat, Aug 3, 2019 at 9:22 AM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 03/08/2019 03:01, Patrik via samba wrote:
> > My config is this:
> > # Global parameters
> > [global]
> > # bind interfaces only = Yes
> > # if this is turned on, always perfect
> > # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> > # interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
> > 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> > # interfaces = lo 192.168.81.20
> 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
> > # if all interfaces known, order is important, the last is the
required
> > # interfaces = lo 192.168.78.20 192.168.81.20
> > # interfaces = lo enp1s0f3 enp1s0f2
> > netbios name = SERVER
> > realm = P3X-DC.PATRIKX3.COM
> > # server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> > winbindd, ntp_signd, kcc, dnsupdate
> > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd,
> > ntp_signd, kcc
> >
> It looks to me that you already know the answer, even if you don't
> realise it ;-)
>
> You have turned off the culprit, 'dnsupdate', this uses a list
> 'dns_update_list' to add any missing dns entries. Amongst the
records it
> checks for are:
>
> A ${HOSTNAME} $IP
> AAAA ${HOSTNAME} $IP
>
> ${IF_RWDC}A ${DNSDOMAIN} $IP
> ${IF_RWDC}AAAA ${DNSDOMAIN} $IP
>
> There are others.
>
> You need to decide which interface to use and set this in smb.conf, you
> will then need to delete the incorrect dns records from AD.
>
> Also, you are using the AD DC as a fileserver (not recommended), so can
> I suggest you change your smb.conf to this:
>
> [global]
> netbios name = SERVER
> realm = P3X-DC.PATRIKX3.COM
> server role = active directory domain controller
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate
> workgroup = P3X-DC
> idmap_ldb:use rfc2307 = yes
> bind interfaces only = Yes
> interfaces = lo enp1s0f2
> # log level = 3
> template shell = /bin/bash
> template homedir = /home/%U
>
> [netlogon]
> path = /var/lib/samba/sysvol/p3x-dc.patrikx3.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [media]
> path = /media
> read only = no
>
> [mounts]
> path = /mnt
> read only = no
>
> [router-logs]
> path = /var/log-router
> read only = yes
>
> Then go and read this:
>
> https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
>
> If you must use a DC as a fileserver, you cannot set the permissions as
> if it is a Unix domain member.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>