search for: minimumttl

Mathias, thank you very much for your comprehensive instructions! Just one question: Harry suggested that, in order to overcome the below DNS related problems, the TTL would have to be adjusted (lowered). However, the TTL seems to be the only time value not covered by the command provided by you. Is it really the TTL that is the culprit or is it rather the first time value (something like

...esne: > No idea about your main issue, I was merely answering to your last > question about changing SOA record. > > Here is another view of that command: > samba-tool dns update <server> <zone> <name> SOA \ > 'OLDnameserver email serial refresh retry expire minimumttl' \ > 'NEWnameserver email serial refresh retry expire minimumttl' > > I'm not too confident with DNS internals so I'm not sure if the TTL > you mentioned is or isn't "expire" or "minimumttl". > > After digging a little bit it seems prev...

...esne: > No idea about your main issue, I was merely answering to your last > question about changing SOA record. > > Here is another view of that command: > samba-tool dns update <server> <zone> <name> SOA \ > 'OLDnameserver email serial refresh retry expire minimumttl' \ > 'NEWnameserver email serial refresh retry expire minimumttl' > > I'm not too confident with DNS internals so I'm not sure if the TTL > you mentioned is or isn't "expire" or "minimumttl". > > After digging a little bit it seems prev...

No idea about your main issue, I was merely answering to your last question about changing SOA record. Here is another view of that command: samba-tool dns update <server> <zone> <name> SOA \ 'OLDnameserver email serial refresh retry expire minimumttl' \ 'NEWnameserver email serial refresh retry expire minimumttl' I'm not too confident with DNS internals so I'm not sure if the TTL you mentioned is or isn't "expire" or "minimumttl". After digging a little bit it seems previous line is completely wrong...

...about your main issue, I was merely answering to your last >> question about changing SOA record. >> >> Here is another view of that command: >> samba-tool dns update <server> <zone> <name> SOA \ 'OLDnameserver >> email serial refresh retry expire minimumttl' \ 'NEWnameserver email >> serial refresh retry expire minimumttl' >> >> I'm not too confident with DNS internals so I'm not sure if the TTL >> you mentioned is or isn't "expire" or "minimumttl". >> >> After digging a l...

...: > > No idea about your main issue, I was merely answering to your last > question about changing SOA record. > > Here is another view of that command: > samba-tool dns update <server> <zone> <name> SOA \ > 'OLDnameserver email serial refresh retry expire minimumttl' \ > 'NEWnameserver email serial refresh retry expire minimumttl' > > I'm not too confident with DNS internals so I'm not sure if the TTL you > mentioned is or isn't "expire" or "minimumttl". > > After digging a little bit it seems previ...

...sne: > No idea about your main issue, I was merely answering to your last > question about changing SOA record. > > Here is another view of that command: > samba-tool dns update <server> <zone> <name> SOA \ 'OLDnameserver > email serial refresh retry expire minimumttl' \ 'NEWnameserver email > serial refresh retry expire minimumttl' > > I'm not too confident with DNS internals so I'm not sure if the TTL > you mentioned is or isn't "expire" or "minimumttl". > > After digging a little bit it seems pre...

...msdcs, Records=0, Children=0 Name=_sites, Records=0, Children=1 Name=_tcp, Records=0, Children=4 Name=_udp, Records=0, Children=2 Name=DomainDnsZones, Records=0, Children=2 Name=ForestDnsZones, Records=0, Children=2 Name=m700, Records=0, Children=0 This shows us TTL is in fact equal to minimumttl inside AD DB. According to http://stackoverflow.com/questions/20297531/meaning-of-the-five-fields-of-the-answer-section-in-dig-query the second member of dig's answer section is TTL. dig -t soa samba.domain.tld ... samba.domain.tld. *3593* IN SOA m700.samba.domain.tld. hostmaster.sam...

...out your main issue, I was merely answering to your last >> question about changing SOA record. >> >> Here is another view of that command: >> samba-tool dns update <server> <zone> <name> SOA \ 'OLDnameserver >> email serial refresh retry expire minimumttl' \ 'NEWnameserver email >> serial refresh retry expire minimumttl' >> >> I'm not too confident with DNS internals so I'm not sure if the TTL >> you mentioned is or isn't "expire" or "minimumttl". >> >> After digging a...

...dc1.samba.company.com. dc3.samba.company.com. hostmaster.samba.company.com. 4 900 600 86400 0 -U username This can never be right? (and yes, I've tried it on my testserver, and it does not work, getting "ERROR: Data requires 7 elements - nameserver, email, serial refresh, retry, expire, minimumttl Can anyone tell me what the correct magic is? (or: should I even be updating the SOA to point to each separate DC at all?) Regards, MJ

Aaaaaaand more problems... Welcome to the continuing saga of FILER. It appears that neither SOA or NS records were updated during the process of moving fsmo roles to CBADC01. SOA entries on all three active DCs point to FILER. There aren't any NS records for any of the new DCs, only FILER. In RSAT each DNS server's properties show filer.cb.cliffbells.com is the primary server. This

...or ipaddress, or 127.0.0.1 or localhost <zone> is the forest zone, usually in the format '_msdcs.samdom.example.com' (where samdom.example.com' is your dns domain) "olddata" is what is there now and is the format: "fqdn_dns fqdn_email serial refresh retry expire minimumttl" You can obtain this with ldbsearch: ldbsearch --cross-ncs --show-binary -H /var/lib/samba/private/sam.ldb -b "CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com" '(&(objectClass=dnsNode)(name=@))' You will need to run that as root and obvious change it to...

...st >> going with it. >> >> JS >> > I should mention the syntax to update the SOA if you do not know. I did > this back in the Samba 4.0 days. Not sure if things have changed. > > samba-tool dns update SOA "fqdn_dns fqdn_email serial refresh retry expire > minimumttl" > > > > > -- > -James > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >

...nk by candle light. I'm considering just > going with it. > > JS I should mention the syntax to update the SOA if you do not know. I did this back in the Samba 4.0 days. Not sure if things have changed. samba-tool dns update SOA "fqdn_dns fqdn_email serial refresh retry expire minimumttl" -- -James

...alhost > > <zone> is the forest zone, usually in the format > '_msdcs.samdom.example.com' (where samdom.example.com' is your dns > domain) > > "olddata" is what is there now and is the format: > "fqdn_dns fqdn_email serial refresh retry expire minimumttl" > > You can obtain this with ldbsearch: > > ldbsearch --cross-ncs --show-binary -H /var/lib/samba/private/sam.ldb > -b "CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com" > '(&(objectClass=dnsNode)(name=@))' > > You will need to run...

...ver> <zone> <zone> SOA ....... The question is what to put after for <olddata> and <newdata>. olddata and newdata must be surrounded by quotes and contain 7 elements, as error shows us: ERROR: Data requires 7 elements - nameserver, email, serial, refresh, retry, expire, minimumttl In these quotes each data must be separated by spaces and no space can exist between last character used for minimumttl and the closing quote. Using data from previous query that would give, to replace dc14 with dc27: samba-tool dns update <server> <zone> <zone> SOA \ '*dc1...

...e=_sites, Records=0, Children=1 > Name=_tcp, Records=0, Children=4 > Name=_udp, Records=0, Children=2 > Name=DomainDnsZones, Records=0, Children=2 > Name=ForestDnsZones, Records=0, Children=2 > Name=m700, Records=0, Children=0 > > This shows us TTL is in fact equal to minimumttl inside AD DB. Not for me: SOA: serial=29, refresh=180, retry=600, expire=86400, minttl=180, ns=DC2.my.domain.tld., email=hostmaster.my.domain.tld. (flags=600000f0, serial=0, ttl=3600) > > According to > http://stackoverflow.com/questions/20297531/meaning-of-the-five-fields-of-the-an...

...Children=4 > Name=_udp, Records=0, Children=2 > Name=DomainDnsZones, Records=0, Children=2 > Name=ForestDnsZones, Records=0, Children=2 > Name=m700, Records=0, Children=0 > > This shows us TTL is in fact equal to minimumttl inside AD DB. > > > Not for me: > > SOA: serial=29, refresh=180, retry=600, expire=86400, > minttl=180, ns=DC2.my.domain.tld., > email=hostmaster.my.domain.tld. (flags=600000f0, serial=0, > ttl=3600) > > > > Acc...

Hey, Thank you Louis for this script, I didn't yet took time to dig in but I'll do. I didn't took time neither to perform another test. That should be done today. Anyway I waited for DC synchronisation before posting. I joined my DC and removed the old ones almost at same time then I gave more than 12 hours to my DC to synchronize. Then I tried to understand what happened, I wrote

...n=1 >> Name=_tcp, Records=0, Children=4 >> Name=_udp, Records=0, Children=2 >> Name=DomainDnsZones, Records=0, Children=2 >> Name=ForestDnsZones, Records=0, Children=2 >> Name=m700, Records=0, Children=0 >> >> This shows us TTL is in fact equal to minimumttl inside AD DB. > > Not for me: > > SOA: serial=29, refresh=180, retry=600, expire=86400, minttl=180, > ns=DC2.my.domain.tld., email=hostmaster.my.domain.tld. > (flags=600000f0, serial=0, ttl=3600) > > >> >> According to >> http://stackoverflow.com/questio...