similar to: several dns issues after switching fsmo roles to samba-dc

Hello Rowland, >> 3. I see the errors in the System log on the former DC (vm-dc1), like: >> The dynamic registration of the DNS record '_ldap._tcp.DomainDnsZones.domain.com. 600 IN SRV 0 100 389 vm-dc1.domain.com.' failed on the following DNS server: >> >> DNS server IP address: 172.26.1.83 >> Returned Response Code (RCODE): 0 >> Returned Status Code:

On 13/02/2020 16:28, Paul Littlefield wrote: > On 13/02/2020 15:17, Rowland penny via samba wrote: >> The various ways have already been mentioned, but are all your DCs >> listed as nameservers (NS) in the SOA's for the forward and reverse >> zones ? > > > I think so... > > > root at dc3.mydomain.com ~ $ (screen) samba-tool dns query dc3 >

On 01/06/2020 14:40, Alex via samba wrote: > 1. After connecting DNS Manager to the all DCs, I've found that the SOA record > for my domain and msdcs zones still point to the former PDC - vm-dc1. > Is that OK? Probably, all DC's are authoritative for the domain: adminuser at dc4:~$ dig soa samdom.example.com ; <<>> DiG 9.10.3-P4-Debian <<>> soa

My reverse zones have PTR records. Though I don't have NS records for all of my DC's. I guess that needs to be manually created. Also, you don't have any CNAMES or domain overrides pointing to a single DC? Perhaps Bind is pointing to another internal DNS server, and then to a public DNS? ---- Here's a way to test failover from a Windows client: You can switch logon servers

Hi. I'm running Sernet Samba 4.7 on Ubuntu 16. I noticed that when my first DC went away, I had problems. The SOA record for the domain still points at that first DC. I found, in this entry from 2014 ( https://lists.samba.org/archive/samba/2014-August/184301.html) that "Windows AD servers actually 'lie' about the SOA record, and always say that it points to themselves. So in a

Hello Kris, On 03/02/2020 07:15, Kris Lou via samba wrote: > Unless it's_not_ a global catalog. Check your SRV records again, there > should be corresponding "_gc" records (similar to "_ldap") for each DC. Checked and both DCs pass all tests:- host -t SRV _ldap._tcp.mydomain.com. host -t SRV _gc._tcp.mydomain.com. host -t SRV _kerberos._udp.mydomain.com. host -t

On 13/02/2020 13:11, Paul Littlefield wrote: > On 12/02/2020 13:08, Rowland penny via samba wrote: >> The first is that a DC must use itself as its nameserver and if >> something goes wrong e.g. Samba has fallen over, then there isn't >> much point having another nameserver, Samba isn't going to use it >> >> The second is, it will not hurt having a second

On 03/02/2020 18:49, Kris Lou via samba wrote: > > From windows: > echo %logonserver% \\DC3 > nltest /dsgetdc:<domain> DC:\\DC3 Address: \\192.168.0.218 Dom Guid: bla bla bla ... The command completed successfully. > From a *nix domain member (i.e. client, not DC): > wbinfo --getdcname=<domain> > winbind --ping-dc wbinfo --getdcname=MYDOMAIN DC3 wbinfo

What do you see/get when you run: dig NS $(hostname -d) With 2 dc's you should see 2 records. In the past this was a bug at samba joins so only 1 NS record existed. Worth to have a look at. And adding this to /etc/resolv.conf: options timeout:2 options attempts:3 options rotate Also might help. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba

Thank You Rowland. I did it like You say, killed avahi, added the record without domain suffix, but nothing changed, and the record seems no different compared to other records added with the suffix some time before. My Samba DNS record looks like this (and I see nothing special in there):   Name=, Records=3, Children=0     SOA: serial=39, refresh=900, retry=600, expire=86400, minttl=3600,

Hello Samba List, I have 2 problems with dns - seeing the child entries and a zone with an extra octet. First... I have created a /16 reverse zone as per the wiki page (https://wiki.samba.org/index.php/DNS_Administration#To_create_a_.2F24_reverse_zone)... $ samba-tool dns zonecreate dc3 130.130.in-addr.arpa $ samba-tool dns zonelist --reverse dc3 pszZoneName :

Hello List, I have successfully migrated my DCs to 4.7.6-Ubuntu However, I still have some traces of the old DCs in the DNS... $ samba-tool dns query dc3 mydomain.com @ ALL Name=, Records=8, Children=0 SOA: serial=570, refresh=900, retry=600, expire=86400, minttl=0, ns=dc3.mydomain.com. NS: samba.mydomain.com. (flags=600000f0, serial=110, ttl=900) NS: dc3.mydomain.com.

On 12/02/2020 12:54, L.P.H. van Belle via samba wrote: > > >> Hello Louis, >> >> Thanks for your reply. >> >> For that dig command I get... >> >> >> root at dc3.mydomain.com ~ $ (screen) dig NS $(hostname -d) >> >> ; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> NS mydomain.com >> ;; global options: +cmd

On 06.06.2018 16:48, Rowland Penny via samba wrote: > It doesn't say that any more ;-) > > This is from my DCs > > root at dc4:~# cat /etc/resolv.conf > search samdom.example.com > nameserver 192.168.0.6 > root at dc4:~# hostname -i > 192.168.0.6 > > root at dc3:~# cat /etc/resolv.conf > search samdom.example.com > nameserver 192.168.0.7 > root at

On 6/6/2018 10:02 AM, Rowland Penny via samba wrote: > On Wed, 6 Jun 2018 15:40:48 +0200 > Ole Traupe via samba <samba at lists.samba.org> wrote: > >> >> On 06.06.2018 14:44, lingpanda101 wrote: >>>> ** SNIP ** >>>> >>>> Actually, the DCs (resolv.conf) were pointing to each other >>>> initially, and I think that was at

> > I repeat, Bind 9.12.x is unsupported at this time, just because it > worked once is no reason to use it. It may have nothing to do with your > problem, but using a supported Bind version will rule it out. Ok. :) I'll reinstall using supported version 9.11.3-2 OK, your server, but I think you should be aware that I have been using > Bind9 with Samba since December 2012

Guys, what i noticed. Look at this. Refused- 1/3/0 (Class 254) ( /24 ) Paully used /16 update 1/3/1 (Class 254) CNAME V-RDS02.mydomain.com CNAME ? And, if he uses in his example samba-tool dns add dc3 mydomain.com V-RDS02 A 130.130.0.252 A record was used. Is resolv.conf checked and it is sure in pointing to the correct DNS of the AD first? addresses: -

Hi all, i've got initial setup on DC1 (4.0.1)... all working good and flawless Added additional geographically distributed controllers (DC2, DC3, DC4,DC5) with 4.0.5 - no problem. All PC's can connect to their own site/DC Transferred all FSMO's to DC2 - transferred successfully (with seize "error" bug) DC1 crashed badly.... during maintenance, SAMBA was

Hello, dc3 = principal DC dc4 = secondary DC I had this problem last month after updating samba to version 4.10.x. and also the schema from 45 to 69. But it looked like it had been corrected. Today I noticed that on dc4 there are computers that are not on dc3. I updated: 4.7.x to 4.8.x 4.8.x to 4.9.x and only after that I upgrade to 4.10.x version. When I run these commands: samba-tool

About a week and half ago I upgraded from 4.0.12 to 4.9.6. Overall, things are functioning. However, I have come across several strange behaviors and wandered if anyone else has noticed similar behavior on 4.9.6 or has any suggestions of what might be occurring. As background information, I have 3 DCs (dc3, dc4 and dc5) -- all running the same version (4.9.6) and all have the same configuration;