Rowland Penny
2023-Aug-17 08:52 UTC
[Samba] Windows 10 clients unable to work on domain after update of windows (on client) and samba on dc
On Thu, 17 Aug 2023 10:25:39 +0200 Fabio Fantoni via samba <samba at lists.samba.org> wrote:> Hi, update after other tests: > > The samba_dnsupdate issue above was because on this dc there was > itself as first dns in /etc/resolv.conf but as not pdc anymore fails > to update dns record, after set new pdc as first dns server in > resolv.conf worked. is it correct that samba_dnsupdate works only > with pdc?No, it isn't correct, samba_dnsupdate is supposed to run on all DCs, in fact it runs every 10 minutes. Each DC is supposed to use itself as its first nameserver, by changing that to another DC, your DC is now using that DC and is probably making all changes on it, which may, or may not, replicate back.> > Another issue solved was not related to samba > > Remain the netlogon and sysvol share not accessible from windows 10 > client using the filemanager, group policy are still working anyway; > I not understand why these share are not accessible, someone know the > cause please? >Because you have problems other than the samba_dnsupdate one, it looks like you may have database problems, have you tried running 'samba-tool dbcheck' ? If all else fails, I suggest you demote this DC (provided that the other DC doesn't have any problems) and then join another one. Rowland
Fabio Fantoni
2023-Aug-17 09:15 UTC
[Samba] Windows 10 clients unable to work on domain after update of windows (on client) and samba on dc
Il 17/08/2023 10:52, Rowland Penny ha scritto:> On Thu, 17 Aug 2023 10:25:39 +0200 > Fabio Fantoni via samba <samba at lists.samba.org> wrote: > >> Hi, update after other tests: >> >> The samba_dnsupdate issue above was because on this dc there was >> itself as first dns in /etc/resolv.conf but as not pdc anymore fails >> to update dns record, after set new pdc as first dns server in >> resolv.conf worked. is it correct that samba_dnsupdate works only >> with pdc? > No, it isn't correct, samba_dnsupdate is supposed to run on all DCs, in > fact it runs every 10 minutes. > Each DC is supposed to use itself as its first nameserver, by changing > that to another DC, your DC is now using that DC and is probably making > all changes on it, which may, or may not, replicate back. > >> Another issue solved was not related to samba >> >> Remain the netlogon and sysvol share not accessible from windows 10 >> client using the filemanager, group policy are still working anyway; >> I not understand why these share are not accessible, someone know the >> cause please? >> > Because you have problems other than the samba_dnsupdate one, it looks > like you may have database problems, have you tried running > 'samba-tool dbcheck' ? > > If all else fails, I suggest you demote this DC (provided that the > other DC doesn't have any problems) and then join another one. > > Rowlandthanks for reply I already did any time before/after update, tests issue etc... these: samba-tool ntacl sysvolcheck samba-tool dbcheck --cross-ncs samba-tool drs showrepl no error on sysvol and replication dbcheck don't show errors but only minor things like this: ... NOTE: old (due to rename or delete) DN string component for lastKnownParent in object DC=@\0ADEL:c4493523-6c32-4884-b38a-316f8278dce0,CN=Deleted Objects,DC=DomainDnsZones,DC=m2r,DC=local - DC=duckdns.org,CN=MicrosoftDNS,DC=DomainDnsZones,DC=m2r,DC=local Not fixing old string component Checked 3646 objects (0 errors) that I suppose can be ignored, right? I should remove it and replace with a windows server as my employer wants but failed all attemps to add windows servers (major of tests with 2008R2 and some with 2012R2) as dc for now, seems missed to complete first replication for missing of DFS-R and I was unable to fix it also manually enabling sysvol on windows and copy content from samba dc. -- Questa email ? stata esaminata alla ricerca di virus dal software antivirus Avast. www.avast.com