On 6/3/22 10:54, L. van Belle via samba wrote:
> Well, that bind isn't starting when you remove the flat file zone.
> that "is" correct. I tell you why that is..
>
> what is also to be observed that, you need to replace the entries from
> flatfile to bind_DLZ.
> so, why bind_dlz doesn't start, it's trying to load a "non-existing" zone.
>
> The fix is, treat this as a new install.
> so, remove smb.conf, stop and provision samba.
>
> My thoughts were right here.
> starting samba without a "provisioned" zone in bind_dlz.
>
> now, after you have provisioned this server, repeat on the others.
> re-read :
> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
>
> if you need extra servers with dns services. *( Not samba-ad-dc's, because
> ad-dc's you just join in the domain. ) Just set a forwarding zone to the
> AD-DC's or slave zones on these other servers.
>
> I hope this helps you.
>
> Greetz,
>
> Louis
>
>> -----Original message-----
>> From: samba <samba-bounces at lists.samba.org> On behalf of Zombie Ryushu via samba
>> Sent: Friday 3 June 2022 16:19
>> To: Rowland Penny via samba <samba at lists.samba.org>
>> Subject: [Samba] Bind Questions I know you are going to ask:
>>
>> Okay, so I know you will have some questions about Bind. Let me
>> answer a few of them for you.
>>
>> I did re-enable a Flat File Zone just so Bind would start. I also have
>> a commented out AD Zone that crashes Bind.
>>
>> I did generate a DNS Keytab with samba-tool export keytab.
>>
>> Bind won't start if I use the AD Dynamic zone.
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba

I don't have the Resources to set up another constantly running system. I CAN NOT have two continuously running hardware DNS Servers. I don't have enough electrical power for that. I can have spares that I can power up occasionally as backups that are offline most of the time.

I also do not want to create some convoluted Virtualization scheme to drain my resources. This is the entire reason I did not want to hand DNS over to Samba.

Additionally I have a bunch of existing users. I will NOT Rip my Domain to shreds over this.

On Fri, 2022-06-03 at 11:02 -0400, Zombie Ryushu via samba wrote:
> I don't have the Resources to setup another constantly running system. I
> CAN NOT have two continuously running hardware DNS Servers. I don't have
> enough electrical power for that. I can have spares that I can power up
> occasionally as backups that are offline most of the time.

I suggest you destroy your 'spares', they will be too far out of date when you come to use them. I suggest when you fix your AD domain, you back it up with samba-tool regularly.

> I also do not want to create some convoluted Virtualization scheme to
> drain my resources. This is the entire reason I did not want to hand DNS
> over to Samba.

Big problem there, a Samba AD DC must be authoritative for the AD dns domain. Whilst you can use another dns server for your clients, this dns server must be set up to forward ALL AD domain dns requests to the AD DC. Anything else will lead to problems.

> Additionally I have a bunch of existing users. I will NOT Rip my Domain
> to shreds over this.

Don't blame you, but you are going to have to do something, you appear to be going around in circles.

Rowland

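The forwarding arrangement described in the replies above (a separate BIND server for clients that hands every query for the AD DNS domain to the AD DC), as an added example that is not part of the original thread. The domain samdom.example.com, the DC address 10.99.0.1, the reverse zone and the directory path are placeholder assumptions.

```conf
// named.conf fragment for a BIND server that is NOT an AD DC (added example).
// Placeholder assumptions: AD DNS domain samdom.example.com, AD DC 10.99.0.1.

options {
    directory "/var/cache/bind";               // assumed; path is distro-specific
    recursion yes;
    allow-recursion { localnets; localhost; }; // keep the resolver closed to outsiders

    // If the AD domain is not a publicly delegated, signed name, DNSSEC
    // validation of the forwarded answers can fail. BIND 9.14 and later
    // can exempt the domain from validation:
    // validate-except { "samdom.example.com"; };
};

// Everything under the AD domain, including _msdcs and the SRV records
// clients use to locate the DC, goes to the AD DC and nowhere else.
zone "samdom.example.com" {
    type forward;
    forward only;                 // never fall back to normal recursion
    forwarders { 10.99.0.1; };
};

// Only needed if the reverse zone is also held in AD.
zone "0.99.10.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 10.99.0.1; };
};
```

With `forward only`, a query for the AD domain fails when the DC is unreachable rather than being answered from some other source, which keeps the DC the single authority for those records.
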
On 03-06-2022 at 17:02, Zombie Ryushu via samba wrote:
> On 6/3/22 10:54, L. van Belle via samba wrote:
>> Well, that bind isn't starting when you remove the flat file zone.
>> that "is" correct. I tell you why that is..
>>
>> what is also to be observed that, you need to replace the entries from
>> flatfile to bind_DLZ.
>> so, why bind_dlz doesn't start, it's trying to load a "non-existing"
>> zone.
>>
>> The fix is, treat this as a new install.
>> so, remove smb.conf, stop and provision samba.
>>
>> My thoughts were right here.
>> starting samba without a "provisioned" zone in bind_dlz.
>>
>> now, after you have provisioned this server, repeat on the others.
>> re-read :
>> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
>>
>> if you need extra servers with dns services. *( Not samba-ad-dc's,
>> because
>> ad-dc's you just join in the domain. ) Just set a forwarding zone to the
>> AD-DC's or slave zones on these other servers.
>>
>> I hope this helps you.
>>
>> Greetz,
>>
>> Louis
>>
>>> -----Original message-----
>>> From: samba <samba-bounces at lists.samba.org> On behalf of Zombie Ryushu via samba
>>> Sent: Friday 3 June 2022 16:19
>>> To: Rowland Penny via samba <samba at lists.samba.org>
>>> Subject: [Samba] Bind Questions I know you are going to ask:
>>>
>>> Okay, so I know you will have some questions about Bind. Let me
>>> answer a few of them for you.
>>>
>>> I did re-enable a Flat File Zone just so Bind would start. I also have
>>> a commented out AD Zone that crashes Bind.
>>>
>>> I did generate a DNS Keytab with samba-tool export keytab.
>>>
>>> Bind won't start if I use the AD Dynamic zone.
>>
> I don't have the Resources to setup another constantly running system.
> I CAN NOT have two continuously running hardware DNS Servers. I don't
> have enough electrical power for that. I can have spares that I can
> power up occasionally as backups that are offline most of the time.
>
> I also do not want to create some convoluted Virtualization scheme to
> drain my resources. This is the entire reason I did not want to hand
> DNS over to Samba.
>
> Additionally I have a bunch of existing users. I will NOT Rip my
> Domain to shreds over this.

Fire up some privileged lxc containers and you can achieve this without extra hardware. Samba AD-DC and Samba Fileserver will run fine in privileged lxc containers.