similar to: AD, multiple DC, some DC without DNS at all

Hi all, Thank you Mark for these precisions. I did switch a DC to --dns-backend=NONE using samba-tool domain join. This removed dns-<DCname> user for this DC and associated keytab. We changed /etc/resolv.conf to use another DC - one with Bind running - as nameserver. Stopping there, running samba_dnsupdate gave error "NOTAUTH". As we want our DC being able to push into DNS

I do : ) 2016-03-03 10:52 GMT+01:00 Rowland penny <rpenny at samba.org>: > On 03/03/16 09:31, mathias dufresne wrote: > >> Hi all, >> >> Thank you Mark for these precisions. >> >> I did switch a DC to --dns-backend=NONE using samba-tool domain join. This >> removed dns-<DCname> user for this DC and associated keytab. >> >> We

Hi all, I would like to be able to rely on samba given tools to manage my DNS entries but until now, I failed. >From what I have understood there is one and only one tool responsible to update DNS: samba_dnsupdate. Is that previous affirmation true? I had issue with DNS backend set to internal DNS server: samba_dnsupdate was almost never working. So I switched to Bind-DLZ as advised here

On 03/03/16 09:31, mathias dufresne wrote: > Hi all, > > Thank you Mark for these precisions. > > I did switch a DC to --dns-backend=NONE using samba-tool domain join. This > removed dns-<DCname> user for this DC and associated keytab. > > We changed /etc/resolv.conf to use another DC - one with Bind running - as > nameserver. > > Stopping there, running

On 1/2/2018 1:51 PM, Rowland Penny wrote: > On Tue, 2 Jan 2018 13:38:52 -0500 > lingpanda101 via samba <samba at lists.samba.org> wrote: > > >> A few other observations while attempting to switch. >> >> * I do not have a dns.keytab file. Should I or is created after >> attempting to switch? > See my earlier post about samba_dnsupgrade. >

Hello Mathias, Am 01.03.2016 um 11:59 schrieb mathias dufresne: > I thought there was an option for samba_dnsupgrade command to tell "remove > all DNS service from current DC" but I don't find it anymore. I think there's no such option (yet), but would be worth a feature request. :-) > This question is because we are about to deploy an AD with 20 or more DC >

Hey, Thank you Louis for this script, I didn't yet took time to dig in but I'll do. I didn't took time neither to perform another test. That should be done today. Anyway I waited for DC synchronisation before posting. I joined my DC and removed the old ones almost at same time then I gave more than 12 hours to my DC to synchronize. Then I tried to understand what happened, I wrote

Using your log parameters, the shutting down message is not showed, but when I reload rndc a get the same effect. Everything is working fine until bond9_dlz needs to reload (and no restart) rndc. When this happens, I need to restart bind and everything works fine again. I'm starting named with named -d 3 -u named and using /var/log/messages. See log using your parameters: # rndc reload

Hello List, I am trying to compile and install Samba 4 using the wiki guide on Centos 6.2. I am currently using the current source from git. It seems that the zone file used for Bind is not configured and not installed in the private directory. Is there any way to get this file generated so I can finish my install? Thank you for your time and have a great day!! Kind regards, Jeremy

On 1/2/2018 2:23 PM, Rowland Penny wrote: > On Tue, 2 Jan 2018 14:15:11 -0500 > lingpanda101 <lingpanda101 at gmail.com> wrote: > >> On 1/2/2018 1:51 PM, Rowland Penny wrote: >>> On Tue, 2 Jan 2018 13:38:52 -0500 >>> lingpanda101 via samba <samba at lists.samba.org> wrote: >>> >>> >>>> A few other observations while

On 3/1/2016 5:59 AM, mathias dufresne wrote: > Hi all, > > How to configure Samba to remove DNS service from DC? > > I thought there was an option for samba_dnsupgrade command to tell "remove > all DNS service from current DC" but I don't find it anymore. > > This question is because we are about to deploy an AD with 20 or more DC > and there is no need

Thx mathias for your reply First, yes im using internal DNS, i just try to add new dns from other dc but it doesnt work, i think the (maybe) corrupted dns data already sync to other dc And i still run my samba4 installation, because sofar the only problem is, i cant add new dns record In other case i found up one of my team just re install 2 samba4 server in site office with different AD

Mathias, Thanks for your reply. Please, try to start your bind with some debug level and run commando "rndc reload" and see the end of the log. I saw samba source code and found the destroy dns function in dlz_bind9.c and called by turture blz_bind9.c. When dlz_bind9.c is shutting down, I get this error when I try to update dns. update failed: NOTAUTH Failed nsupdate: 2

On 1/2/2018 12:25 PM, Rowland Penny wrote: > On Tue, 2 Jan 2018 12:09:33 -0500 > lingpanda101 via samba <samba at lists.samba.org> wrote: > >> Hello, >> >>     Installing bind9 on my Ubuntu 14.04 via. apt-get displays the >> following options. >> >>  #named -V >> BIND 9.9.5-3ubuntu0.16-Ubuntu (Extended Support Version) >>

Hi all, I posted on both mailing as this seems to be (to me) an internal issue. As the 4.3.1 went out I decided to switch my DC from 4.3.0 to this new version. The process was to install Samba 4.3.1 on new systems, joining these Samba as DC, seizing FSMO roles, demote all 4.3.0. The few I tested until now is working except for DNS entries: samba_dnsupdate is not working as it tries to update

Dear Samba experts, Since a couple of days I am trying to fix my domain. I have each two ADDCs on raspis on two sites. One is running on Raspian and works fine. The other three are on Gentoo and something is broken there. When I point the name resolution in resolv.conf to the Raspian machine the dynamic updates are just working fine: # horus /srv/samba/demoshare # samba_dnsupdate --verbose

2016-04-04 14:20 GMT+02:00 Rowland penny <rpenny at samba.org>: > On 04/04/16 10:23, mathias dufresne wrote: > >> SOA means "this DNS se'rver can modify the zone". >> > > No it doesn't, it stands for 'Start Of Authority' and contains who to > contact for the domain records. > Rowland... thank you again Captain Obvious. Yes SOA means

Dear list, we use debian stretch with Louis's 4.10.5 packages and bind9_dlz backend. There are two AD DCs with redundant ISC DHCP servers on them. The DHCP servers are updating the DNS along the lines of https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9 but with nsupdate commands replaced by suitable calls to "samba-tool" (I had problems getting the

You do what you want! The point is the clients must resolve everything. You have two options: A - client resolver is non-DC DNS server: here the non-DC DNS server must be configured to forward DNS requests about AD to AD DNS servers (to DCs) B - client resolver is AD DNS server: here AD DNS server(s) used as resolver(s) must be configured to forward any non-AD DNS request to non-DC DNS server.

Hi guys, I'm facing a problems with samba4 + bind9_dlz that consuming my time for several days. Everything is working fine until samba4 need to update dns when I'm work with more than one DC server. When samba (or bind) need to reload all zones, the module bind9_dlz is shutting down and then all my environment stops and I need to restart the bind to up again. See my log: ... Jan