[Samba] DNS and DC replication clarification
- Date: Mon, 6 Mar 2017 16:30:48 +0000 (UTC)
- From: Mircea Husz via samba <samba@xxxxxxxxxxxxxxx>
- Subject: [Samba] DNS and DC replication clarification
I configured two DCs (Samba version 4.5.5) replicating ad.corp.com in two sites (
Following 'DNS configuration on Domain Controllers' section from this wiki
If I configure nameserver DC1 to be the first resolver for DC2,
samba_dnsupdate --verbose --all-names fails with '
tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor code may provide more information, Minor = Server not found in Kerberos database.'
The failure makes sense because each DC has keys only for itself in dns.keytab, as shown by
'klist -k /usr/local/samba/private/dns.keytab'. It makes no sense functionally for one DC to update another's DNS directly.
Seems to me the failure from 'samba_dnsupdate --verbose --all-names' can be ignored when another DC's nameserver is listed first. Unless I'm missing something ?
To unsubscribe from this list go to the following URL and read the