Displaying 20 results from an estimated 8000 matches similar to: "Remove Redundant DCs internal DNS"
2018 May 31
4
Remove Redundant DCs internal DNS
On Thu, 31 May 2018 09:42:50 +0000
Paul Littlefield via samba <samba at lists.samba.org> wrote:
> On 29/05/18 12:55, Paul Littlefield via samba wrote:
> > Hello List,
> >
> > I have successfully migrated my DCs to 4.7.6-Ubuntu
> >
> > However, I still have some traces of the old DCs in the DNS...
> >
> > $ samba-tool dns query dc3 mydomain.com
2020 Feb 13
2
Failover DC did not work when Main DC failed
On 13/02/2020 13:11, Paul Littlefield wrote:
> On 12/02/2020 13:08, Rowland penny via samba wrote:
>> The first is that a DC must use itself as its nameserver and if
>> something goes wrong e.g. Samba has fallen over, then there isn't
>> much point having another nameserver, Samba isn't going to use it
>>
>> The second is, it will not hurt having a second
2018 Jun 01
3
Remove Redundant DCs internal DNS
On 31/05/18 18:44, Andrew Bartlett via samba wrote:
> So there is also an easier option in the long term. Plus we will make
> the online demote clean up the extra records.
That would be great, because I've just cleaned up about 40 entries using the Windows DNS Manager gui tool!
I also learnt a lot about adding extra NS and PTR records using this gui tool (mydomain.com and
2020 Nov 03
4
DNS /16 reverse zone issues with children and octets
Hello Samba List,
I have 2 problems with dns - seeing the child entries and a zone with an extra octet.
First...
I have created a /16 reverse zone as per the wiki page (https://wiki.samba.org/index.php/DNS_Administration#To_create_a_.2F24_reverse_zone)...
$ samba-tool dns zonecreate dc3 130.130.in-addr.arpa
$ samba-tool dns zonelist --reverse dc3
pszZoneName :
2019 Feb 09
4
Samba + BIND9 DLZ. DNS dosen't resolve FQDN, only short hostname
Thank You Rowland. I did it like You say, killed avahi, added the record
without domain suffix, but nothing changed, and the record seems no
different compared to other records added with the suffix some time before.
My Samba DNS record looks like this (and I see nothing special in there):
Name=, Records=3, Children=0
SOA: serial=39, refresh=900, retry=600, expire=86400, minttl=3600,
2020 Feb 13
2
Failover DC did not work when Main DC failed
On 13/02/2020 16:28, Paul Littlefield wrote:
> On 13/02/2020 15:17, Rowland penny via samba wrote:
>> The various ways have already been mentioned, but are all your DCs
>> listed as nameservers (NS) in the SOA's for the forward and reverse
>> zones ?
>
>
> I think so...
>
>
> root at dc3.mydomain.com ~ $ (screen) samba-tool dns query dc3
>
2018 Mar 09
2
Delete second IP address from aipServerAddrs and aipListenAddrs DC
For some reason, the provision picked up 2 network IP addresses in my VM.
Snipped output below...
root at dc1.example.com ~ $ (screen) samba-tool dns serverinfo dc1
dwVersion : 0xece0205
fBootMethod : DNS_BOOT_METHOD_DIRECTORY
fAdminConfigured : FALSE
fAllowUpdate : TRUE
fDsAvailable : TRUE
2020 Feb 12
4
Failover DC did not work when Main DC failed
What do you see/get when you run:
dig NS $(hostname -d)
With 2 dc's you should see 2 records.
In the past this was a bug at samba joins so only 1 NS record existed.
Worth to have a look at.
And adding this to /etc/resolv.conf:
options timeout:2
options attempts:3
options rotate
Also might help.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba
2018 Mar 10
3
Delete second IP address from aipServerAddrs and aipListenAddrs DC
On 09/03/18 13:30, lingpanda101 via samba wrote:
> On 3/9/2018 5:30 AM, Paul Littlefield via samba wrote:
>> For some reason, the provision picked up 2 network IP addresses in my VM.
>>
>> Snipped output below...
>>
>>
>> root at dc1.example.com ~ $ (screen) samba-tool dns serverinfo dc1
>> dwVersion : 0xece0205
>>
2024 Mar 31
1
Inconsistent SOA records from different Samba AD-DC DNS servers
Hi all,
I am experiencing strange behaviour regarding DNS resolution with my
samba-driven AD.
This is with Debian-packaged samba on raspberry Pi:
# samba -V
Version 4.19.5-Debian
# uname -a
Linux dc3.ad.mydomain.tld 6.1.0-rpi8-rpi-v8 #1 SMP PREEMPT Debian
1:6.1.73-1+rpt1 (2024-01-25) aarch64 GNU/Linux
I would expect that every DNS server of the domain would respond with
the same SOA record. But
2015 Nov 20
7
Authentication to Secondary Domain Controller initially fails when PDC is offline
On 11/20/2015 7:40 AM, Ole Traupe wrote:
>
>
> Am 20.11.2015 um 11:54 schrieb mathias dufresne:
>> Hi Ole,
>>
>> I'm still not answering your issue but I come back to speak about
>> TTL. Perhaps someone would be able to bring us some light on that.
>>
>> This morning I'm trying to reproduce the way I do broke my test AD
>> domain. This
2020 Feb 12
2
Failover DC did not work when Main DC failed
On 12/02/2020 12:54, L.P.H. van Belle via samba wrote:
>
>
>> Hello Louis,
>>
>> Thanks for your reply.
>>
>> For that dig command I get...
>>
>>
>> root at dc3.mydomain.com ~ $ (screen) dig NS $(hostname -d)
>>
>> ; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> NS mydomain.com
>> ;; global options: +cmd
2020 Feb 11
3
Failover DC did not work when Main DC failed
On 03/02/2020 18:49, Kris Lou via samba wrote:
>
> From windows:
> echo %logonserver%
\\DC3
> nltest /dsgetdc:<domain>
DC:\\DC3
Address: \\192.168.0.218
Dom Guid: bla bla bla
...
The command completed successfully.
> From a *nix domain member (i.e. client, not DC):
> wbinfo --getdcname=<domain>
> winbind --ping-dc
wbinfo --getdcname=MYDOMAIN
DC3
wbinfo
2020 Jul 07
3
Can someone explain why host reports no SOA record for domain on DC?
[root at smb4-1 ~ (master)]# samba-tool dns query localhost brockley.harte-lyne.ca
brockley.harte-lyne.ca ALL -U administrator
Password for [BROCKLEY\administrator]:
Name=, Records=4, Children=0
SOA: serial=3, refresh=900, retry=600, expire=86400, minttl=3600,
ns=SMB4-1.brockley.harte-lyne.ca., email=hostmaster.brockley.harte-lyne.ca.
(flags=600000f0, serial=110, ttl=3600)
NS:
2020 Nov 17
2
can't delete recursive DNS entry
Due to a mistake I created a subdomain with the name of the domain itself.
In my case the domain is briesebaer.intern and I created the subdomain
briesebaer.intern.
Using DNS RSAT Tool I see under briesebaer.intern the subdomain intern and
then a recurrence of the whole domain.
That means: under intern there is briesebaer and all of the dns query
beneath.
The query shows the Name=intern
2020 Feb 13
3
Failover DC did not work when Main DC failed
My reverse zones have PTR records. Though I don't have NS records for all
of my DC's. I guess that needs to be manually created.
Also, you don't have any CNAMES or domain overrides pointing to a single
DC? Perhaps Bind is pointing to another internal DNS server, and then to a
public DNS?
----
Here's a way to test failover from a Windows client:
You can switch logon servers
2020 Jul 07
2
How to delete an unwanted NS record
I have this on the DC smb4-1.brockley.harte-lyne.ca:
samba-tool dns query localhost brockley.harte-lyne.ca brockley.harte-lyne.ca
ALL -U administrator
Password for [BROCKLEY\administrator]:
Name=, Records=6, Children=0
SOA: serial=7, refresh=900, retry=600, expire=86400, minttl=3600,
ns=SMB4-1.brockley.harte-lyne.ca., email=support.harte-lyne.ca.
(flags=600000f0, serial=110, ttl=3600)
2020 Jul 07
2
How to delete an unwanted NS record
On 07.07.2020 21:14, Rowland penny via samba wrote:
> On 07/07/2020 20:00, James B. Byrne via samba wrote:
>> I have this on the DC smb4-1.brockley.harte-lyne.ca:
>>
>> samba-tool dns query localhost brockley.harte-lyne.ca
>> brockley.harte-lyne.ca
>> ALL -U administrator
>> Password for [BROCKLEY\administrator]:
>> ?? Name=, Records=6, Children=0
2014 Aug 13
1
adjust SOA record
Hi,
We have outdated SOA information in our samba DNS. We used to have a
DC1, and it is no more, however it's listed in our SOA records on both
remaining DC's. I think this is not correct.
I am under the impression that in order to get full failover support,
all DC's need to have listed themselves as SOA. This is also what google
tells me:
2015 Nov 20
2
Authentication to Secondary Domain Controller initially fails when PDC is offline
Hi Ole,
I'm still not answering your issue but I come back to speak about TTL.
Perhaps someone would be able to bring us some light on that.
This morning I'm trying to reproduce the way I do broke my test AD domain.
This leads me to deal with SOA record (I broke my test AD seizing FSMO
roles before removing old FSMO owner, SOA was not changed during that
process and I suspect this was