Luis Peromarta
2024-Oct-19 10:28 UTC
[Samba] Best way to get the current PDC emulator master via DNS (Possible bug?)
OK, so I was thinking I should probably do some basic scripting to check pdc entries in dns as part of routine checks. To my surprise, in 2 managed installations, transferring the pdc role no longer creates the new dns entries. Has anyone seen this ? Samba 4.20.5 bookworm back ports. Regards, On Oct 19, 2024 at 08:31 +0200, Luis Peromarta <lperoma at icloud.com>, wrote:> You?re correct. That?s the record. However when the PDC emulator role is transferred to another domain controller, a new?DNS?record is generated. Samba does not remove the previous PDC emulator entry from?DNS. If DC1 held the PDC emulator role and it has been transferred to DC2, two records will exist. > > You need to manually remove the old one. > > This will tell you which dc holds the role. > samba-tool fsmo show > On 19 Oct 2024 at 02:46 +0200, contactdarin at posteo.net, wrote: > > > > Am I correct to use the _ldap._tcp.pdc._msdcs.example.com address? If > > not, is there a way to get the PDC emulator via DNS?
Rowland Penny
2024-Oct-19 10:32 UTC
[Samba] Best way to get the current PDC emulator master via DNS (Possible bug?)
On Sat, 19 Oct 2024 12:28:01 +0200 Luis Peromarta via samba <samba at lists.samba.org> wrote:> OK, so I was thinking I should probably do some basic scripting to > check pdc entries in dns as part of routine checks. To my surprise, > in 2 managed installations, transferring the pdc role no longer > creates the new dns entries. > > Has anyone seen this ? Samba 4.20.5 bookworm back ports.Transferring the PDC_Emulator FSMO role does not create the dns entry, it is created by samba_dnsupdate, which is run every 10 minutes. Rowland