Hello Louis,
$host tristsnpa43.ad2.domain.eu
tristsnpa43.ad2.domain.eu has address 10.10.20.43
$dig tristsnpa43.ad2.domain.eu +short
10.10.20.43
$host 10.10.20.43
43.20.10.10.in-addr.arpa domain name pointer tristsnpa43.ad2.domain.eu.
$dig -x 10.10.20.43 +short
tristsnpa43.ad2.domain.eu.
$resolvectl
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Link 2 (vlan10)
Current Scopes: DNS
Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=yes/supported
Current DNS Server: 10.10.10.9
DNS Servers: 10.10.10.9
DNS Domain: ~inf.domain.eu
Link 3 (vlan20)
Current Scopes: DNS
Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=yes/supported
Current DNS Server: 127.0.0.1
DNS Servers: 127.0.0.1
DNS Domain: ad2.domain.eu ~.
For named, I have
systemctl edit named.service<<EOF
[Service]
ExecReload=
ExecReload=/usr/bin/systemctl restart named.service
ExecStartPost=/bin/sleep 10
[Unit]
After=
After=network.target network-online.target
EOF
}
For samba-ad-dc, I have
systemctl edit samba-ad-dc.service<<EOF
[Unit]
After=
After=network.target network-online.target named.service
EOF
}
Also as I previously mentioned:
Problem appears
1) on first start after boot
2) if systemctl restart samba-ad-dc (which rules out a problem with named since
it is not restarted)
3) after the refresh period of 90mn +-30mn
Problem is NOT exhibited when
ssh to dc as root, run samba-gpupdate --force, -X, --rsop
I can send a d10 log of working and not working examples, however, I could not
find a way to get similar looking logs
samba-gpupdate --force -d10
cat /var/log/samba/log.winbindd will give a very detailed log.
I tried to add in smb.conf gpo update command=/usr/sbin/samba-gpupdate -d10 but
the log does not look the same.
Anyway, here are the logs attached.
Have a great day,
Eric
------- Original Message -------
On Friday, June 24th, 2022 at 10:29 AM, L. van Belle via samba <samba at
lists.samba.org> wrote:
> Just wondering here.
>
> Did you check your A/PTR records of that newly joined server.
> and, did you configure the start order of the services, especially if you
> use bind_DLZ
>
>
> In that case.
> systemctl edit bind9
> add:
>
> [Service]
> # Disable reloading completely.
> ExecReload=
> # Or set it to restart, above line is needed also,
> # so if needed only enable one below here.
> #ExecReload=/usr/sbin/rndc restart
>
>
> systemctl edit samba-ad-dc
>
> add :
> [Unit]
> After=network.target network-online.target bind9.service named.service
>
> # These below might not be needed anymore.
> [Service]
> NotifyAccess=all
>
>
> systemctl daemon-reload
> systemctl stop samba-ad-dc bind9
> systemctl start samba-ad-dc bind9
>
> check logs, reboot, let us know the result.
>
> Greetz,
>
> Louis
>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: working.txt
URL:
<http://lists.samba.org/pipermail/samba/attachments/20220624/078b2f0f/working.txt>
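
The two checks raised in the quoted reply (A/PTR consistency of the DC, and samba-ad-dc being ordered after the DNS server unit) can be scripted. This is an added example, not part of the original thread or of Samba; the function names are hypothetical, and the three hook functions assume dig and systemctl are available.

```shell
#!/bin/sh
# Added example: forward/reverse DNS and unit-ordering checks for a Samba AD DC.
# The three hooks wrap real commands; redefine them to test without a network.
lookup_a()   { dig +short "$1" A; }
lookup_ptr() { dig +short -x "$1"; }
unit_after() { systemctl show -p After --value "$1"; }

lower() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# check_fcrdns FQDN: every A record must have a PTR pointing back at FQDN.
# Returns 0 if consistent, 1 on a mismatch, 2 if there is no A record.
check_fcrdns() {
    fqdn=$(lower "${1%.}")
    addrs=$(lookup_a "$fqdn")
    if [ -z "$addrs" ]; then
        echo "FAIL: no A record for $fqdn"
        return 2
    fi
    rc=0
    for ip in $addrs; do
        match=no
        for ptr in $(lookup_ptr "$ip"); do
            # PTR answers carry a trailing dot and DNS names are case-insensitive
            if [ "$(lower "${ptr%.}")" = "$fqdn" ]; then match=yes; fi
        done
        if [ "$match" = yes ]; then
            echo "ok: $fqdn <-> $ip"
        else
            echo "FAIL: PTR for $ip does not point back to $fqdn"
            rc=1
        fi
    done
    return $rc
}

# check_order UNIT DEP: UNIT must list DEP in its effective After= ordering.
check_order() {
    for u in $(unit_after "$1"); do
        if [ "$u" = "$2" ]; then return 0; fi
    done
    echo "FAIL: $1 is not ordered after $2"
    return 1
}
```

Run after `systemctl daemon-reload`, for example `check_fcrdns tristsnpa43.ad2.domain.eu && check_order samba-ad-dc.service named.service`, so the drop-ins shown above are reflected in the effective unit properties.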