
Re: [Samba] Update samba and Debian




On Sat, 09 Dec 2017 18:46:39 +0000
sandy.napoles@xxxxxxxxxxxxxx wrote:

> December 9, 2017 13:34, "Rowland Penny via samba"
> <samba@xxxxxxxxxxxxxxx> wrote:
> 
> > On Sat, 09 Dec 2017 18:01:44 +0000
> > sandy.napoles@xxxxxxxxxxxxxx wrote:
> > 
> >> December 9, 2017 12:57, "Rowland Penny via samba"
> >> <samba@xxxxxxxxxxxxxxx> wrote:
> >> 
> >> On Sat, 09 Dec 2017 17:06:21 +0000
> >> Sandy via samba <samba@xxxxxxxxxxxxxxx> wrote:
> >> 
> >> Hello list, I want to make a new domain with the following
> >> features, using debian 9 with samba 4.7.3, at the beginning
> >> everything went well, but I have a doubt when in the configuration
> >> it is requested what type of server to choose, I would like to use
> >> the option NONE, then install a bind and configure it myself, all
> >> that is fine, but I have a doubt, when I run the
> >> command ./samba_update --verbose, I get the following ....... I
> >> would like to know what I have wrong or what's wrong with that
> >> output, I'll only show a part, I'd like to know if that output is
> >> correct and the error it gives to what should be
> >> 
> >> need cache add: A ccmg7.eccmg.cupet.cu x.x.x.x
> >> Looking for DNS entry A ccmg7.eccmg.cupet.cu 172.18.68.7 as ccmg7.eccmg.cupet.cu.
> >> need cache add: A eccmg.cupet.cu 172.18.68.7
> >> Looking for DNS entry A eccmg.cupet.cu 172.18.68.7 as eccmg.cupet.cu.
> >> need cache add: SRV _ldap._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389
> >> Looking for DNS entry SRV _ldap._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389 as _ldap._tcp.eccmg.cupet.cu.
> >> Checking 0 100 389 ccmg7.eccmg.cupet.cu. against SRV _ldap._tcp.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389
> >> need cache add: SRV _ldap._tcp.dc._msdcs.eccmg.cupet.cu ccmg7.eccmg.cupet.cu 389
> >> 
> >> 1 DNS updates and 0 DNS deletes needed
> >> Traceback (most recent call last):
> >> File "./samba_dnsupdate", line 863, in
> >> creds = get_credentials(lp)
> >> File "./samba_dnsupdate", line 204, in get_credentials
> >> raise e
> >> samba.NTSTATUSError: (-1073741811, 'An invalid parameter was passed
> >> to a service or function.')
> >> 
> >> I take it you mean you used '--dns-backend=NONE' with the provision
> >> command or you ran the provision command interactively and entered
> >> 'NONE' when prompted for the dns server.
> >> 
> >> Whichever you did, it was a BAD idea.
> >> If you want to use Bind9 as the dns server instead of the internal
> >> dns server, install bind9 before the provision and use
> >> '--dns-backend=BIND9_DLZ' with the provision command or, if you run
> >> the provision interactively, enter 'BIND9_DLZ' when prompted for
> >> the dns server.
> >> Do not under any circumstances use 'BIND9_FLATFILE', it doesn't
> >> work, just as using 'NONE' doesn't work.
> >> 
> >> Rowland
> >> 
> >> --
> >> To unsubscribe from this list go to the following URL and read the
> >> instructions: https://lists.samba.org/mailman/options/samba
> >> 
> >> 1- samba-tool domain provision --use-rfc2307 --interactive
> >> 2- Realm [SAMDOM.EXAMPLE.COM]: SAMDOM.EXAMPLE.COM
> >> 3- Domain [SAMDOM]: SAMDOM
> >> 4- Server Role (dc, member, standalone) [dc]: dc
> >> 5- DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
> >> [SAMBA_INTERNAL]: NONE
> > 
> > Do not use 'NONE', if you do, you will not get the dns info in AD.
> > 
> > Install Bind9 before you provision the domain, then when prompted:
> > 
> > DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)
> > [SAMBA_INTERNAL]:
> > 
> > Enter 'BIND9_DLZ'
> > 
> > You can, if you wish, configure Bind9 before the provision, but do
> > not start it or add any AD dns zones to the named conf files.
> > 
> > Rowland
> > 
> 
> 
> Thanks, I'll do what you tell me, but I need to clarify something.
> 1- I have to install bind 9: aptitude install bind9
> By default it creates configuration files like named.conf.option and
> named.conf.local, which I used to configure, and it also creates files
> in /var/cache/bind where the direct and reverse zones are declared;
> you tell me to leave those files blank.
> 2- I promote my samba 4 as you tell me. My doubt is: after promoting,
> do I have to configure the files? If from any PC I do an nslookup,
> will it resolve the zones for me?
> 
> look what my configuration files have
> 
> 
> $ORIGIN .
> $TTL 604800     ; 1 week
> eccmg.cupet.cu          IN SOA  eccmg.cupet.cu. sandynapoles@xxxxxxxxxxxxxx. (
>                                 1110093    ; serial
>                                 604800     ; refresh (1 week)
>                                 86400      ; retry (1 day)
>                                 2419200    ; expire (4 weeks)
>                                 604800     ; minimum (1 week)
>                                 )
> 
>                         NS      ccmg7.eccmg.cupet.cu.
>                                 A   172.18.68.7
> ccmg7.eccmg.cupet.cu.   IN      A   172.18.68.7
> 
> ;================ RECORDS BELONGING TO THE DC OVER SAMBA4 ================
> 8b812222-b390-493d-bfc7-a97dbb0a023b._msdcs.eccmg.cupet.cu. 900 IN CNAME ccmg7.eccmg.cupet.cu.
> ;=========================================================================

I think you need to go and read this Samba wikipage:
https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End

Rowland
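
Added example, not part of the thread and not Samba project code: the advice quoted above is to add no AD DNS zones to the named conf files before provisioning with BIND9_DLZ. The sketch below lists zone statements that fall inside the realm; the function name ad_zone_conflicts and the sample named.conf.local contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-provision check for BIND config files.
# Usage: ad_zone_conflicts REALM FILE...
# Prints "file:line: zone "name"" for every zone statement equal to the realm
# or below it, and returns 1 if any were found (0 if clean, 2 on bad usage).
# Limitation: skips // and # comment lines only, not /* ... */ blocks.
ad_zone_conflicts() {
    [ "$#" -ge 2 ] || { echo "usage: ad_zone_conflicts REALM FILE..." >&2; return 2; }
    realm=$1; shift
    awk -v realm="$realm" '
        BEGIN { realm = tolower(realm); sub(/\.$/, "", realm); suffix = "." realm }
        /^[ \t]*(\/\/|#)/ { next }              # whole-line comment
        match($0, /zone[ \t]+"[^"]+"/) {
            name = substr($0, RSTART, RLENGTH)
            sub(/^zone[ \t]+"/, "", name); sub(/"$/, "", name)
            name = tolower(name); sub(/\.$/, "", name)
            # Match the realm itself or a true subdomain (label boundary).
            tail = substr(name, length(name) - length(suffix) + 1)
            if (name == realm || (length(name) > length(suffix) && tail == suffix)) {
                printf "%s:%d: zone \"%s\"\n", FILENAME, FNR, name
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample: a named.conf.local that still declares the AD zones.
demo_dir=$(mktemp -d)
cat > "$demo_dir/named.conf.local" <<'EOF'
// zone "old.example.com" { type master; };
zone "eccmg.cupet.cu" { type master; file "/var/cache/bind/db.eccmg"; };
zone "_msdcs.ECCMG.cupet.cu" { type master; file "/var/cache/bind/db.msdcs"; };
zone "68.18.172.in-addr.arpa" { type master; file "/var/cache/bind/db.172"; };
EOF
if ad_zone_conflicts eccmg.cupet.cu "$demo_dir/named.conf.local"; then
    echo "OK: no zones inside the realm are declared"
else
    echo "Remove the zones listed above before provisioning with BIND9_DLZ"
fi
rm -rf "$demo_dir"
```

The check only covers zones inside the realm name; the reverse zone in the sample is deliberately not flagged.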

