similar to: Make new server the "master"

To get the question of why new servers, this one I'm using has hardware whose remaining life is measured in days. The elastic bands and sticky tape it is held together with won't hold for much longer. I'm using it to build and test a new environment, but then I need to migrate that onto something with a little more vitality before bringing it into production (in the next 56 hours). As

Thank you everyone for your help. I corrected my resolv.conf files as Peter Milesson suggested and then had to take a number of extra steps so now things are looking a little better. In case it helps anyone else in the future, here's what I found (plus I am now having problems resolving internal addresses). As far as I can see, the setup on both servers is identical (except they use their own

This is brand new. Created following Louis' instructions (although in my install of Ubuntu 20.04, it gets a little tricky with installing packages because it claims one or more don't exist after adding Louis' repository and doing an apt update). Totally separate network from my Zentyal installs, on a ProxMox virtual server, if that makes any difference. I know the admin password, I

On 03/09/2020 20:57, Peter Pollock wrote: > Ubuntu 20.4 and whatever Samba it installs (sorry, I'm not in front?of > the server right now). 4.11. x if I remember correctly, so okay to start with, but can I introduce to Louis Van Belle's repo: http://apt.van-belle.nl/ Once you get up and running, you can use the packages there to keep current. > > Bind 9.16 (although there

OK.. after school ended today, I poked around and found nothing so I started all over again. Followed Louis' instructions at https://github.com/thctlo/samba4/blob/master/full-howto-Ubuntu18.04-samba-AD_DC.txt all the way through but at the end, the resolver is not working - and kinit cannot find a KDC (I'm guessing because the resolver is not working!) This is the only server on the

..and also, kinit fails if I don't have 192.168.4.5 as the first nameserver in resolv.conf On Sat, Sep 5, 2020 at 10:26 AM Rowland penny via samba < samba at lists.samba.org> wrote: > On 05/09/2020 17:54, Peter Pollock via samba wrote: > > Please forgive me, I'm not sure what terminology to use here so this > > question may sound wrong. > > > > I have

Apparently I missed a step somewhere! On DC01 /etc/systemd/resolved.conf says [Resolve] #DNS= #FallbackDNS= #Domains= #LLMNR=no #MulticastDNS=no #DNSSEC=no #DNSOverTLS=no #Cache=yes #DNSStubListener=yes #ReadEtcHosts=yes On DC02 it reads [Resolve] DNS=8.8.8.8 FallbackDNS=8.8.4.4 #Domains= #LLMNR=no #MulticastDNS=no DNSSEC=no #DNSOverTLS=no #Cache=yes #DNSStubListener=yes #ReadEtcHosts=yes So

Tried the join. Failed to find a writeable DC Tried with --server and gave it the name of one of the servers. No luck Tried a different server and.... itadmin at dc2020:/run/samba$ samba-tool domain join kcs.local DC -U"KCS\domainadmin" --dns-backend=SAMBA_INTE RNAL --server "luke.kcs.local" Password for [KCS\domainadmin]: INFO 2020-08-30 00:37:08,420 pid:175166

On 05/09/2020 07:46, Peter Pollock wrote: > I FINALLY DID IT!!!!! > > After following Louis van Belle's walk-through to create a new DC, and > having problems at the end, I realized there was nothing in the walk > through about modifying?/var/lib/samba/bind-dns/named.conf to let > Samba know the Bind version so I did that and Voila! > > We have name resolution, can

Of course, it seems we are running Samba 4.7.6-Ubuntu. Great. The biggest regret of my last few years is that we are also running Zentyal, which I am desperate to get rid of. I'm trying to build a new server with the latest Samba and join that to the domain to see if I can get a good copy of the database, then wipe the other servers and rebuild them from scratch On Sat, Aug 29, 2020 at

Hi Peter, As Rowland pointed out in a previous post to you "Each DC should use its own ipaddress for its nameserver in /etc/resolv.conf", so the gateway IP should not be there. So make /etc/resolv.conf on DC01 nameserver 192.168.4.5 search internal.kcs and /etc/resolv.conf on DC02 nameserver 192.168.4.6 search internal.kcs If you use the internal dns backend add the following to

I upped 1.0.4 of the script.. I added checks if no DC's are found, error message and exits script, so no python errors anymore, if i did it right. ;-) on both DC's do the following. and whats the output of : cat /etc/hosts cat /etc/resolv.conf and kinit Administrator SETDNSDOMAIN=`hostname -d` SETHOSTNAME=`hostname -s` SERVER_IP_ADRESS=`hostname -i` echo "Test domainname:

Checking the databases against each other throws up pages and pages of errors. The two are completely out of sync now. What I have seen is that for no apparent reason, one of the servers suddenly decided it would sync with the Windows server, which appears to have updated the schema. Yesterday when I compared the databases on the two linux servers they only had a couple of errors, today, many

I have just set up a new AD and am having a little success with it, but DNS resolution is a little slow. I'm looking into why that is and tried an ns lookup for google.com and got the answer SERVFAIL on my AD server. The query was then passed to my next nameserver (google's own dns), which handled the query. Is this correct behaviour? I've not seen SERVFAIL before itadmin at

On Wed, 2018-09-26 at 14:47 +0100, Rowland Penny via samba wrote: > On Wed, 26 Sep 2018 15:28:42 +0200 > Daniel Jordan <d.jordan at gfd.de> wrote: > > > > > > > dc01:~# ldbsearch -H /var/lib/samba/private/sam.ldb  > > '(objectClass=domain)' objectSid > > # record 1 > > dn: DC=xx,DC=xx,DC=xx > > objectSid:

You said, "From what you posted earlier, the domain already points to the new DC, you just need to get the DNS fsmo roles." how so? The fsmo show, shows PDC, which is the old DC. DC01 is the new one. Or am I missing something else? As far as keeping it online I will just move everything I can and then seize and shut it down. I can turn off the networking to it since it is a VM and

dc01:~# ldbsearch -H /var/lib/samba/private/sam.ldb '(objectClass=domain)' objectSid # record 1 dn: DC=xx,DC=xx,DC=xx objectSid: S-1-5-21-3258148492-1502286889-3538134041 dc01:~# ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectClass=rIDSet)(cn=RID Set))' rIDAllocationPool # record 1 dn: CN=RID Set,CN=DC01,OU=Domain Controllers,DC=xx,DC=xx,DC=xx rIDAllocationPool:

I think it?s the cache. When you where sleeping the cache got updated. But I can be wrong Philip > On 5 Sep 2020, at 12:35, Rowland penny via samba <samba at lists.samba.org> wrote: > > On 05/09/2020 09:53, Peter Pollock via samba wrote: >> I have just set up a new AD and am having a little success with it, but DNS >> resolution is a little slow. >> >>

I went and got the newest (upped recently) script. No love. I removed the email address line to get more command line output. root at dc01:~# ./samba-check-db-repl.sh Running with with console output Running : /usr/bin/samba-tool ldapcmp --filter='whenChanged' ldap://dc01 ldap://dc02.dtsh***m.dt. Please wait.. this can take a while.. Failed to bind - LDAP error 49

When I run ./samba-check-db-repl.sh script I am getting the following: root at dc01:~# ./samba-check-db-repl.sh Failed to bind - LDAP error 49 LDAP_INVALID_CREDENTIALS - <SASL:[GSS-SPNEGO]: NT_STATUS_LOGON_FAILURE> <> Failed to connect to 'ldap://dc02.dtsh**m.dt.' with backend 'ldap': (null) ERROR(ldb): uncaught exception - None File