Web lists-archives.com

Re: [Samba] Update samba and Debian




On Sat, 09 Dec 2017 18:01:44 +0000
sandy.napoles@xxxxxxxxxxxxxx wrote:

> 9 de diciembre de 2017 12:57, "Rowland Penny via samba"
> <samba@xxxxxxxxxxxxxxx> escribió:
> 
> > On Sat, 09 Dec 2017 17:06:21 +0000
> > Sandy via samba <samba@xxxxxxxxxxxxxxx> wrote:
> > 
> >> Hello list, I want to make a new domain with the following
> >> features, using debian 9 with samba 4.7.3, at the beginning
> >> everything went well, but I have a doubt when in the configuration
> >> it is requested what type of server to choose, I would like to use
> >> the option NONE , then install a bind and configure it myself, all
> >> that is fine, but I have a doubt, when I run the
> >> command ./samba_update --verbose, I get the following ....... I
> >> would like to know what I have wrong or what's wrong with that
> >> output, I'll only show a part, I'd like to know if that output is
> >> correct and the error it gives to what should be need cache add: A
> >> ccmg7.eccmg.cupet.cu x.x.x.x Looking for DNS entry A
> >> ccmg7.eccmg.cupet.cu 172.18.68.7 as ccmg7.eccmg.cupet.cu. need
> >> cache add: A eccmg.cupet.cu 172.18.68.7 Looking for DNS entry A
> >> eccmg.cupet.cu 172.18.68.7 as eccmg.cupet.cu. need cache add: SRV
> >> _ldap._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 Looking for DNS
> >> entry SRV _ldap._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as
> >> _ldap._tcp.eccmg.cupet.cu. Checking 0 100 389
> >> ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.eccmg.cupet.cu
> >> ccmg7.eccmg.cupet.cu 389 need cache add: SRV
> >> _ldap._tcp.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389
> >> 
> >> 1 DNS updates and 0 DNS deletes needed
> >> Traceback (most recent call last):
> >> File "./samba_dnsupdate", line 863, in
> >> creds = get_credentials(lp)
> >> File "./samba_dnsupdate", line 204, in get_credentials
> >> raise e
> >> samba.NTSTATUSError: (-1073741811, 'An invalid parameter was passed
> >> to a service or function.')
> > 
> > I take it you mean you used '--dns-backend=NONE' with the provision
> > command or you ran the provision command interactively and enter
> > 'NONE' when prompted for the dns server.
> > 
> > Which ever you did, it was a BAD idea.
> > If you want to use Bind9 as the dns server instead of the internal
> > dns server, install bind9 before the provision and use
> > '--dns-backend=BIND9_DLZ' with the provision command or, if you run
> > the provision interactively, enter 'BIND9_DLZ' when prompted for
> > the dns server.
> > Do not under any circumstances use 'BIND9_FLATFILE', it doesn't
> > work, just as using 'NONE' doesn't work.
> > 
> > Rowland
> > 
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> 
> 
> 1- samba-tool domain provision --use-rfc2307 --interactive
> 2- Realm [SAMDOM.EXAMPLE.COM]: SAMDOM.EXAMPLE.COM
> 3- Domain [SAMDOM]: SAMDOM
> 4- Server Role (dc, member, standalone) [dc]: dc
> 5- DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
> [SAMBA_INTERNAL]: NONE

Do not use 'NONE', if you do, you will not get the dns info in AD.

install Bind9 before you provision the domain, then when prompted:

DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
[SAMBA_INTERNAL]:

Enter 'BIND9_DLZ'

You can, if you wish, configure Bind9 before the provision, but do not
start it or add any AD dns zones to the named conf files.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba