Patrick Goetz
2021-Nov-04 16:00 UTC
[Samba] Using samba-tool to join a linux file server to the domain doesn't appear to work
On 11/4/21 10:49, cn--- via samba wrote:> Am 04.11.21 um 16:43 schrieb Patrick Goetz via samba: >> While you're looking at this, would it be possible to add code to add >> a PTR record as well as the A record?? This would match the behavior >> for Windows AD controllers. > > The default on Windows does not create the PTR. Usually you have to set > up a GPO that the clients update their PTR. >I have no idea, but I checked with one of my colleagues who is a Windows guru/domain admin, and he insisted that both an A and PTR record are created for the domain member when you join the (Windows server) domain. The caveat to this is the AD domain at my university is an unbelievable mess that they've tinkered with for over a decade. Imagine a book written by 100 monkeys, each with their own typewriter with pages assembled by an inebriated octopus, and you won't be too far off.> I would also like this to happen automatically but by default the > reverse zone is not created in a Samba AD. I don't know about Windows > there but I doubt it done there. > > Regards > > Christian >
Rowland Penny
2021-Nov-04 16:09 UTC
[Samba] Using samba-tool to join a linux file server to the domain doesn't appear to work
On Thu, 2021-11-04 at 11:00 -0500, Patrick Goetz via samba wrote:> > On 11/4/21 10:49, cn--- via samba wrote: > > Am 04.11.21 um 16:43 schrieb Patrick Goetz via samba: > > > While you're looking at this, would it be possible to add code to > > > add > > > a PTR record as well as the A record? This would match the > > > behavior > > > for Windows AD controllers. > > > > The default on Windows does not create the PTR. Usually you have to > > set > > up a GPO that the clients update their PTR. > > > > I have no idea, but I checked with one of my colleagues who is a > Windows > guru/domain admin, and he insisted that both an A and PTR record are > created for the domain member when you join the (Windows server) > domain.He has probably inherited a domain that has a GPO set to do this (or something similar), Windows does not, out of the box, create reverse records.> > The caveat to this is the AD domain at my university is an > unbelievable > mess that they've tinkered with for over a decade.You just described all places of learning, they all appear to be a mess, probably because all teachers think they know everything and usually know nothing.> Imagine a book > written by 100 monkeys, each with their own typewriter with pages > assembled by an inebriated octopus, and you won't be too far off.Sounds about right.> > > I would also like this to happen automatically but by default the > > reverse zone is not created in a Samba AD. I don't know about > > Windows > > there but I doubt it done there.Windows will work without a reverse zone, so it isn't created by default, but as they have found out, everything else that Windows works with will not. Rowland