similar to: AD DLZ backend - 'proper' way of doing it

Greetings Rowland. Are you able to provide sample config about this? I'm not sure how exactly to resolve single zone with BIND and forward everything else to the next dns server. Thank you for the help On Fri, Jun 28, 2019 at 11:55 AM Rowland penny via samba < samba at lists.samba.org> wrote: > On 28/06/2019 09:46, Zdravko Zdravkov via samba wrote: > > Hey all. > >

Just a wild guess, but I and others have been having problems with samba_dlz, because of named "reload." Try to see if systemctl reload named and systemctl restart named break and fix the server respectively. (if your're not using systemd, try "serivice named reload", "service named restart instead") If you have a /etc/logrotate.d/named file containing

Sure. It's actually a video, the part starts around 2:50 - https://www.youtube.com/watch?v=LSCJSVbFEfc On Mon, Jan 22, 2018 at 1:01 PM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Mon, 22 Jan 2018 12:24:00 +0000 > Zdravko Zdravkov via samba <samba at lists.samba.org> wrote: > > > Here's the problem. I've got working samba AD server.

Hi folks. I've just experienced strange behaviour with our samba ad configured with bind9 dlz and our ftp server (separate machine on the same network). In the past few days I've noticed significant drop of the download speed from the ftp server. As nothing obvious came to my mind I just rebooted our samba AD server. Afterwards the speed increased about 9 times, back to what we are used

Here's the problem. I've got working samba AD server. I've configured it to work with bind9 DLZ backend and I'm managing the DNS entries from the windows DNS manager. I've made delegated DNS record for our EMC cluster storage, according to a guide. The record points to the SmartConnect service IP of the EMC. Since last week I've noticed that my DNS queries to the storage

Hi there. Setup is Centos 7.4 with Samba 4.7.4. I In our second office I've got configured Centos 7.5 with latest samba ad + dlz, which I've set just as Andrew suggested, using separate bind9 that forwards queries to the samba AD(dlz) for the given dns zone. Unfortunately the office isn't operational yet, so I can't share any experience. Best On Fri, Dec 7, 2018 at 10:11 AM

So, so.. Server and clients are CentOS7. Server was configured using samba-tool domain provision. *smb.conf* from server [global] > netbios name = AD > realm = XXXXXX > server role = active directory domain controller > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > winbindd, ntp_signd, kcc, dnsupdate > workgroup =

On Thu, 3 May 2018 18:08:20 +0100 Zdravko Zdravkov via samba <samba at lists.samba.org> wrote: > Hi Rowland. > > As suggested I switched to winbind with rid backend, since I had free > time for tests today. This is what I've done for few min. > > smb.conf from the testing pc > > [global] > workgroup = XXXX > security = ads >

Hi everyone. Since yesterday we started experiencing very weird problem with our samba AD server and our Isilon storage. This seems to affect only the storage, as our Windows workstations are fine. Suddenly the storage lost connectivity to the AD and so it's unable to provide access to the SMB shares. I've tried rejoining without success and whatnot. Today I even created second AD dc for

Hi Rowland. Trying the suggested named.conf broke the local resolve of the storage as well (for clients in 192.168.26.0), so I reverted back to my old one since I have computers here using the storage at the moment. Would you have any other suggestions? On Fri, Jun 1, 2018 at 1:04 PM, Rowland Penny via samba < samba at lists.samba.org> wrote: > On Fri, 1 Jun 2018 12:12:43 +0100 >

Hi Denis. Since we have "tricky" people working on the Linux machines we prefer NFS because it's less hassle to mount and requires no credentials. Basically because of the users we tend to choose the easiest possible way for them to access the needed resources. I guess pam-script module mounting is exactly for this purpose, but I'll to research more since I'm not familiar

Hi all. Our setup is samba+dlz AD DC. Since last week the DNS doesn't resolve the delegated record for our storage *storage.domain.ltd* (192.168.26.xx) when being queried from clients in 192.168.29.0 which is our openvpn designated network. The OpenVPN is configured to push the DNS of our network, and also successfully resolves other hosts in the 192.168.26.0 subnet. I have no memory of

Hi guys. I've got working samba AD server. It is playing nicely with Windows 10 and also successfully authenticating Linux machines with SSSD. On the Windows machines I have our EMC storage smb mounted via group policy. Managing permissions for users and groups there, as you know, happens with right click, security etc.. As you may have already guessed the troubles come when my Linux

True that! Sorry smb.conf > [global] > netbios name = AD > realm = XXXX.CO.UK > server role = active directory domain controller > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > winbindd, ntp_signd, kcc, dnsupdate > workgroup = XXXX > idmap config XXXX:unix_nss_info = yes >

On 28/06/2019 12:15, Zdravko Zdravkov wrote: > Hi Rowland. > > I've followed your advice. This is how my named.conf looks?like at > the?moment: > > include "/usr/local/samba/bind-dns/named.conf"; > options { > ? ? listen-on port 53 { 127.0.0.1; 192.xx.xx.x; }; > ? ? auth-nxdomain yes; > ? ? directory "/var/named"; >

Fyi, I've been trying to get the devs to take notice of this problem. People keep pointing fingers. Samba says its Named/bind, bind says its the OS vendors.... See: https://bugzilla.samba.org/show_bug.cgi?id=13214 https://bugzilla.samba.org/show_bug.cgi?id=13230 Maybe I'll be forced to hack on the code myself to figure out what's really happening when a "reload" happens.

Bingo! That's it. I think I owe you a beer, mate :) On Mon, Jan 29, 2018 at 11:34 AM, Kristján Valur Jónsson via samba < samba at lists.samba.org> wrote: > Just a wild guess, but I and others have been having problems with > samba_dlz, because of named "reload." > Try to see if > systemctl reload named > and > systemctl restart named > break and fix the

Hai, Check the content of : /etc/logrotate.d/named If you see postrotate /etc/init.d/smbd reload > /dev/null endscript Change that to postrotate if [ -d /run/systemd/system ]; then; systemctl -q is-active named && systemctl reload named; else; /etc/init.d/named reload ; fi'; endscript Its something like that, so who pointing.. That does not matter, because this is OS

Hi Rowland, On Fri, Jun 28, 2019, 04:55 Rowland penny via samba <samba at lists.samba.org> wrote: > You should be doing it the other way around. Your AD clients should be > using the AD DC's as their nameservers and anything outside the AD dns > domain should be forwarded to an external DNS server. > On this wiki page [1] it says: > For high traffic environments, it is

Hai, As Andrew also told, setup a caching dns and forward the samba dns zones. This works great, i use this on 2 internet connected servers. What we (i) also want to know is your running OS and samba version. That does help us, yes, really.. ;-) A very simple to setup for a forwarding dns. Install bind9 on the ftp server. Set in the named.options. dnssec-enable yes;