Yes, i believe you hitted "not" having the "root zone" in internal DNS. If i recall correctly its somewhere in 4.4. or 4.5 fix. But as Rowland said, i suggest also upgrading. ps other fix is, switch to bind9_DLZ But again i still advice to upgrade. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Andrea Ballarati via samba > Verzonden: dinsdag 14 juli 2020 18:11 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] internal DNS not forwarding > > Hi Louis, > > root at dc:~# samba -V > Version 4.3.11-Ubuntu > > Andrea > > Il 14/07/20 13:55, L.P.H. van Belle via samba ha scritto: > > Yes, all these work here also (! With bind9_dlz ) > > > > nslookup nasa.org $(hostname -i) ( running the command on > the DC itself.) > > nslookup nasa.org 1.1.1.1 > > nslookup nasa.org 8.8.8.8 > > > > Old samba version without the root zone provisioned maybe? > > That is an old bug. > > > > Which samba version is this? > > > > > > Greetz, > > > > Louis > > > > > > > >> -----Oorspronkelijk bericht----- > >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >> Rowland penny via samba > >> Verzonden: dinsdag 14 juli 2020 13:47 > >> Aan: samba at lists.samba.org > >> Onderwerp: Re: [Samba] internal DNS not forwarding > >> > >> On 14/07/2020 11:56, Andrea Ballarati via samba wrote: > >>> Hello, > >>> I am trying to setup a samba4 AD dc in my network using smb-tool. > >>> Everything seems to work except DNS forwarding. > >>> If I query for the dc > >>> root at dc:~# nslookup dc.local.domain.it > >>> I get the correct answer: > >>> root at dc:~# nslookup dc > >>> Server:???????? aaa.bbb.ccc.ddd > >>> Address:??????? aaa.bbb.ccc.ddd#53 > >>> > >>> Name:?? dc.xxxx.yyyy.it > >>> Address: aaa.bbb.ccc.ddd > >>> > >>> but if I query for an external domain: > >>> root at dc:~# nslookup www.nasa.gov > >>> Server:???????? aaa.bbb.ccc.ddd > >>> Address:????? aaa.bbb.ccc.ddd#53 > >>> > >>> Non-authoritative answer: > >>> *** Can't find www.nasa.gov: No answer > >>> > >>> Here is my smb.conf: > >>> [global] > >>> ??????? workgroup = XXXX > >>> ??????? realm = XXXX.YYYY.IT > >>> ??????? netbios name = DC > >>> ??????? server role = active directory domain controller > >>> ??????? idmap_ldb:use rfc2307 = yes > >>> ??????? dns forwarder = 8.8.8.8 > >>> > >>> [netlogon] > >>> ??????? path = /var/lib/samba/sysvol/xxxx.yyyy.it/scripts > >>> ??????? read only = No > >>> > >>> [sysvol] > >>> ??????? path = /var/lib/samba/sysvol > >>> ??????? read only = No > >>> > >>> and my resolv.conf > >>> > >>> search xxxx.yyyy.it > >>> nameserver aaa.bbb.ccc.ddd > >>> > >>> Thank you in advance > >>> Andrea > >>> > >> Strange, it should work, can you ping Google (8.8.8.8) and > >> www.nasa.gov ? > >> > >> Could there be anything blocking access to the internet ( > >> firewall etc) ? > >> > >> Rowland > >> > >> > >> > >> -- > >> To unsubscribe from this list go to the following URL and read the > >> instructions: https://lists.samba.org/mailman/options/samba > >> > >> > > > -- > ing. Andrea Ballarati > andrea.ballarati at gmail.com > mob. 3481424892 > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Hi Louis, I'm going to update OS version following? your and Rowland's hint. Thank you Andrea Il 15/07/20 08:57, L.P.H. van Belle via samba ha scritto:> Yes, i believe you hitted "not" having the "root zone" in internal DNS. > If i recall correctly its somewhere in 4.4. or 4.5 fix. > > But as Rowland said, i suggest also upgrading. > > ps other fix is, switch to bind9_DLZ > > But again i still advice to upgrade. > > > Greetz, > > Louis > > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Andrea Ballarati via samba >> Verzonden: dinsdag 14 juli 2020 18:11 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] internal DNS not forwarding >> >> Hi Louis, >> >> root at dc:~# samba -V >> Version 4.3.11-Ubuntu >> >> Andrea >> >> Il 14/07/20 13:55, L.P.H. van Belle via samba ha scritto: >>> Yes, all these work here also (! With bind9_dlz ) >>> >>> nslookup nasa.org $(hostname -i) ( running the command on >> the DC itself.) >>> nslookup nasa.org 1.1.1.1 >>> nslookup nasa.org 8.8.8.8 >>> >>> Old samba version without the root zone provisioned maybe? >>> That is an old bug. >>> >>> Which samba version is this? >>> >>> >>> Greetz, >>> >>> Louis >>> >>> >>> >>>> -----Oorspronkelijk bericht----- >>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >>>> Rowland penny via samba >>>> Verzonden: dinsdag 14 juli 2020 13:47 >>>> Aan: samba at lists.samba.org >>>> Onderwerp: Re: [Samba] internal DNS not forwarding >>>> >>>> On 14/07/2020 11:56, Andrea Ballarati via samba wrote: >>>>> Hello, >>>>> I am trying to setup a samba4 AD dc in my network using smb-tool. >>>>> Everything seems to work except DNS forwarding. >>>>> If I query for the dc >>>>> root at dc:~# nslookup dc.local.domain.it >>>>> I get the correct answer: >>>>> root at dc:~# nslookup dc >>>>> Server:???????? aaa.bbb.ccc.ddd >>>>> Address:??????? aaa.bbb.ccc.ddd#53 >>>>> >>>>> Name:?? dc.xxxx.yyyy.it >>>>> Address: aaa.bbb.ccc.ddd >>>>> >>>>> but if I query for an external domain: >>>>> root at dc:~# nslookup www.nasa.gov >>>>> Server:???????? aaa.bbb.ccc.ddd >>>>> Address:????? aaa.bbb.ccc.ddd#53 >>>>> >>>>> Non-authoritative answer: >>>>> *** Can't find www.nasa.gov: No answer >>>>> >>>>> Here is my smb.conf: >>>>> [global] >>>>> ??????? workgroup = XXXX >>>>> ??????? realm = XXXX.YYYY.IT >>>>> ??????? netbios name = DC >>>>> ??????? server role = active directory domain controller >>>>> ??????? idmap_ldb:use rfc2307 = yes >>>>> ??????? dns forwarder = 8.8.8.8 >>>>> >>>>> [netlogon] >>>>> ??????? path = /var/lib/samba/sysvol/xxxx.yyyy.it/scripts >>>>> ??????? read only = No >>>>> >>>>> [sysvol] >>>>> ??????? path = /var/lib/samba/sysvol >>>>> ??????? read only = No >>>>> >>>>> and my resolv.conf >>>>> >>>>> search xxxx.yyyy.it >>>>> nameserver aaa.bbb.ccc.ddd >>>>> >>>>> Thank you in advance >>>>> Andrea >>>>> >>>> Strange, it should work, can you ping Google (8.8.8.8) and >>>> www.nasa.gov ? >>>> >>>> Could there be anything blocking access to the internet ( >>>> firewall etc) ? >>>> >>>> Rowland >>>> >>>> >>>> >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >>>>
I've upgraded OS to the last LTM release and now: root at dc:~# samba -V Version 4.7.6-Ubuntu root at dc:~# nslookup www.google.com Server:???????? aaa.bbb.ccc.ddd Address:??????? aaa.bbb.ccc.ddd#53 Non-authoritative answer: Name:?? www.google.com Address: 216.58.209.36 Name:?? www.google.com Address: 2a00:1450:4002:802::2004 Many thanks to everyone ^_^ Andrea