similar to: samba 4.2.7 strange DNS things.

Hai marco, Well, this is a hard one to answer for me. I'll give it a try. ;-) > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Marco Gaiarin via samba > Verzonden: vrijdag 2 augustus 2019 15:28 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] winbind seems to hang when the DC goes > down instead of switching

Hai, ? I just installed a clean sernet samba 4.2.1 with just 2 dc's, used my scripts, all went ok, but when i check the logs. Im see-ing the following..?? ( with every start of restart ) ? [2015/04/22 13:50:40.622537,? 0] ../source4/smbd/server.c:370(binary_smbd_main) ? samba version 4.2.1-SerNet-Debian-7.wheezy started. ? Copyright Andrew Tridgell and the Samba Team 1992-2014 [2015/04/22

Hai, well, Close.. I see multiple errors which makes that DNS setup isnt working. We have multiple ways to setup networking these days, which also makes things more confusing.. - old style. /etc/network/interfaces - netplan /etc/netplan/00-installer-config.yaml - systemd /etc/systemd/network/lan-devX.network > > > probably isn't, if netplan is being used :-) > >

Ok, I updated resolv.conf as you said. Then I restarted the network service on this member server and afterwords suspended the 1st DC. Now, kinit gives me again: "Cannot contact any KDC for realm 'BPN.TU-BERLIN.DE' while getting initial credentials" Ole Am 05.01.2016 um 13:41 schrieb L.P.H. van Belle: > For the member servers, to reduce timeouts etc when one DC is down.

Hi all, Firs I apologize I did not manage to find time to reply earlier. The initial issue was about how Samba AD react when one DC is out and more specifically about what happen when FSMO ower is unreachable (poweroff in Ole tests). This issue is solved using a correct AD Sites configuration. Here I kept 3 DCs in my domain. Sites: I set up a second site named "authentication" and

For the member servers, to reduce timeouts etc when one DC is down. Change your resolv.conf to : domain internal.domain.tld search internal.domain.tld nameserver IP_DC1 nameserver IP_DC2 options timeout:2 options attempts:2 options rotate options edns0 see man resolv.conf for the options explained. Ow.. and .. domain and search are NOT exclusive anymore in Debian Jessie and up. At least,

Yes, it does for me, too. What is an mx record? Am 07.01.2016 um 09:45 schrieb L.P.H. van Belle: > Hai Ole, > > What does this give you as output? > host bpn.tu-berlin.de > > I assum you dnsdomain name is the same as your REALM_NAME ? > > For me it show the 2 ipadresses of my DC's. > And my MX record. > > Greetz, > > Louis > >>

And for Ole, the OP, to solve its own failover issue: As there is 2 physical sites and only 2 DC. Let's say Site1 is 10.1.0.0/16 Site2 is 10.2.0.0/16 I would create 2 additional AD Sites : Site1 + Site2 To AD site "Site1" I would associate 10.1.0.0/16 and associate also DC1 To AD site "Site2" I would associate 10.2.0.0/16 and associate also DC2 To Default-First-Site-Name no

Hai Marco, Yes, best is to use the "localhost" dns setup as caching/forwarder only. All you need is for the forwarding is : zone "your.dnsdomain.tld" { type forward; forwarders { IP_DC1; IP_DC2; }; }; zone "168.192.in-addr.arpa" { type forward; forwarders { IP_DC1; IP_DC2; }; }; If you think its still to slow, remove > options attempts:2

Hi all, Wish you a happy new year altogether! Mathias, James, let me first say that I highly appreciate your help with all your testing and writing up your thoughts. Here are my responses: A. I have no different sites, no various subnets; so I don't really know what to do. B. I don't understand the purpose of setting my domain up with different sites with associated networks, if on

Hai Ole, What does this give you as output? host bpn.tu-berlin.de I assum you dnsdomain name is the same as your REALM_NAME ? For me it show the 2 ipadresses of my DC's. And my MX record. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens James > Verzonden: woensdag 6 januari 2016 19:10 > Aan: samba at

On 1/4/2016 12:23 PM, Ole Traupe wrote: > Hi all, > > Wish you a happy new year altogether! > > Mathias, James, let me first say that I highly appreciate your help > with all your testing and writing up your thoughts. > > Here are my responses: > > A. I have no different sites, no various subnets; so I don't really > know what to do. > > B. I don't

Hai, Have you ever tried this with a systemd networking setup. I suggest you try this, this at least helped me with some split dns issues. Below shows how i did it. Configure you network with system, the configs.. #/etc/systemd/network/lan-dev.network # # Configure global settings in /etc/systemd/*.conf # # Dont forget : rm /etc/resolv.conf && ln -s /run/systemd/resolve/resolv.conf

Hi James, First thanks for you detailed answer and the tests you did to be able to write this. Before reading your mail I was believing MS Windows keeps only one credentials, those for last connected account. This is why I did not pushed too far authentication process. Tomorrow I'm back to work and I'll redo this test, using some others users to test than some I have already used to

Using ldbsearch we can find needed informations if we know AD Sites names list. Sites informations are stored in CN=CONFIGURATION,DC=SAMBA,DC=DOMAIN,DC=TLD. Here there is a CN=Sites which seems to contains Sites informations. Next using a search with -b 'CN=<site-name>,CN=Sites,CN=CONFIGURATION,DC=SAMBA,DC=DOMAIN,DC=TLD' we can list object related to <site-name>. And we

Once both DC were rebooted, after the MS Windows was also rebooted (here I could have just wait I think) this MS Windows client is connecting on DC from its AD Site again. 2015-12-23 16:51 GMT+01:00 mathias dufresne <infractory at gmail.com>: > Hi all, > > Firs I apologize I did not manage to find time to reply earlier. > > The initial issue was about how Samba AD react when

>> There is no link between SOA and NS except they share the zone.... Really... ? i dont agree.. SOA specifies the DNS server providing authoritative information about a domain, so looks to me its direcly related to NameServers. SOA contains the primary (NS) server of the domain. Looks to me its related... Below it nice explained how DNS works. That a SOA not (always) related is

Yes, thats exacly what ole must test. And optionaly the result of : dig A internal.domain.tld @IP_DC1 dig A internal.domain.tld @IP_DC2 Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Rowland penny > Verzonden: donderdag 7 januari 2016 10:20 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Authentication

Hello, I have dns zone domain.com configured on nsd server. If a try #dig axfr @localhost domain.com then i receive correct answer, but if i try #dig a @localhost domain.com then i received nothing but should be 127.0.0.1 How can i troubleshoot this problem? output: [root at ns1 ~]# dig axfr @localhost domain.com ; <<>> DiG 9.8.3-P1-RedHat-9.8.3-2.P1.fc15 <<>> axfr

On 12/23/2015 12:39 PM, mathias dufresne wrote: > And for Ole, the OP, to solve its own failover issue: > As there is 2 physical sites and only 2 DC. > Let's say > Site1 is 10.1.0.0/16 > Site2 is 10.2.0.0/16 > I would create 2 additional AD Sites : Site1 + Site2 > To AD site "Site1" I would associate 10.1.0.0/16 and associate also DC1 > To AD site