On 5/1/24 17:51, Peter Carlson via samba wrote:
> On 5/1/24 17:32, Peter Carlson via samba wrote:
>>
>>>>>> In an ideal world, the Samba dns server (be it the internal or
>>>>>> Bind9) should just be responsible for the AD domain and forward
>>>>>> anything unknown to another dns server (which is how dns servers
>>>>>> generally work).
>>
>> ok, so I spun up another server and split dns out. I ran:
>>
>>    systemctl stop named
>>
>>    systemctl disable named
>>
>>    samba_upgradedns --dns-backend=SAMBA_INTERNAL
>>
>>    systemctl restart samba-ad-dc.service
>>
>> nothing responds on port 53 for dns :(
>>
>> Peter
>
> oops I forgot to add "dns" to server services in smb.conf
ok, but I am not getting resolution of the default records
root@nc1:/etc/samba# host -t SRV _ldap._tcp.san***ent.local.
Host _ldap._tcp.san***ent.local. not found: 3(NXDOMAIN)
root@nc1:/etc/samba# host -t SRV _ldap._tcp.san***ent.local
Host _ldap._tcp.san***ent.local not found: 3(NXDOMAIN)
root@nc1:/etc/samba# samba-tool dns zonelist 127.0.0.1 -U peter
  2 zone(s) found
  pszZoneName                 : san***ent.local
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : DomainDnsZones.san***ent.local
  pszZoneName                 : _msdcs.san***ent.local
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : ForestDnsZones.san***ent.local
root@nc1:/etc/samba# samba-tool dns zoneinfo 127.0.0.1 san***ent.local -U peter
  pszZoneName                 : san***ent.local
  dwZoneType                  : DNS_ZONE_TYPE_PRIMARY
  fReverse                    : FALSE
  fAllowUpdate                : DNS_ZONE_UPDATE_SECURE
  fPaused                     : FALSE
  fShutdown                   : FALSE
  fAutoCreated                : FALSE
  fUseDatabase                : TRUE
  pszDataFile                 : None
  aipMasters                  : []
  fSecureSecondaries          : DNS_ZONE_SECSECURE_NO_XFER
  fNotifyLevel                : DNS_ZONE_NOTIFY_LIST_ONLY
  aipSecondaries              : []
  aipNotify                   : []
  fUseWins                    : FALSE
  fUseNbstat                  : FALSE
  fAging                      : FALSE
  dwNoRefreshInterval         : 168
  dwRefreshInterval           : 168
  dwAvailForScavengeTime      : 0
  aipScavengeServers          : []
  dwRpcStructureVersion       : 0x2
  dwForwarderTimeout          : 0
  fForwarderSlave             : 0
  aipLocalMasters             : []
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : DomainDnsZones.san***ent.local
  pwszZoneDn                  : DC=san***ent.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=san***ent,DC=local
  dwLastSuccessfulSoaCheck    : 0
  dwLastSuccessfulXfr         : 0
  fQueuedForBackgroundLoad    : FALSE
  fBackgroundLoadInProgress   : FALSE
  fReadOnlyZone               : FALSE
  dwLastXfrAttempt            : 0
  dwLastXfrResult             : 0
root@nc1:/etc/samba#
root@nc1:/etc/samba# cat /etc/resolv.conf
# Samba server IP address
# NOTE(review): presumably this DC's own address; confirm the Samba DNS
# service is actually answering on it.
nameserver 192.168.10.11
# fallback resolver
# NOTE(review): a public resolver has no copy of the AD zone. If the first
# nameserver does not reply, the lookup is retried here, which would return
# NXDOMAIN for AD records and disclose internal names to a third party.
# A DC is normally pointed only at AD DNS servers.
nameserver 8.8.8.8
# main domain for Samba
search san***ent.local
root@nc1:/etc/samba# cat smb.conf
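# Global parameters
[global]
    netbios name = NC1
    realm = SAN***ENT.LOCAL
    server role = active directory domain controller
# NOTE(review): an explicit list replaces Samba's built-in default for
# "server services", which already includes "dns" for the internal DNS
# server; with a hand-written list every service has to be kept in it
# manually. Shown on one line here; the mail archive had wrapped it.
    server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dns, dnsupdate
# NOTE(review): no "dns forwarder" is set in this file, so the internal DNS
# server would answer only for the AD zones it holds.
    workgroup = SDCP
    idmap_ldb:use rfc2307 = yes
# NOTE(review): Samba's default is "yes". With "no", simple binds are
# accepted on unencrypted LDAP connections, so bind passwords can cross the
# network in clear text. TLS is enabled below, so clients can use
# LDAPS/StartTLS and this can go back to "yes".
    ldap server require strong auth = no
    tls enabled  = yes
# NOTE(review): private key for the TLS listener; keep it readable by its
# owner only (Samba is expected to reject looser permissions; confirm).
    tls keyfile  = tls/myKey.pem
    tls certfile = tls/myCert.pem
#    tls cafile   = tls/myIntermediate .pem  # if not required, set empty

# Domain policy share; write access is governed by the ACLs on the path.
[sysvol]
    path = /var/lib/samba/sysvol
    read only = No

# Logon scripts share.
[netlogon]
    path = /var/lib/samba/sysvol/san***ent.local/scripts
    read only = No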