Web lists-archives.com

Re: [Samba] Recurrent DNS issues after DC loss

On 06.06.2018 16:02, Rowland Penny via samba wrote:

On your DC, set the AD DNS domain in the domain and the IP of your DC in the nameserver parameter of the /etc/resolv.conf file. For example:

domain samdom.example.com

So "domain" and not "search"? I had "search" set due to the result of some discussion on the list.

I seem to remember having read here on the list, that it is no good
idea to mix samba versions in a domain. If there is sound advice to
do it anyways, I would be up for trying it. However, as I have
written above, I messed up the uid/gid ranges. To my understanding,
later versions of Samba (like 4.5) _require_ the ranges to comply to
the defaults as denoted by the wiki.
There is nothing to stop you using different versions on DCs and you
can do the same with Unix domain members, unless you are using the 'ad'
backend  and are NOT using Domain Users as the users Unix primary group.

Why and how would I _not_ do this?

It is however, best practise to use the same major version, just to get
similar capabilities on all machines.

I will do that. I am using RSAT. Would I eradicate the complete site
associated with the dead DC? Or which containers/objects in
If the DC was the only one at a site and you have no other computers at
that site, then yes you can delete the site.

No, there are other computers at the site, Windows clients and Linux members.

I was able to remove the NTDS "connection" entry from Sites and Services.

However, I wasn't able to remove the DC itself from Sites and Service as well as from "Domain Controllers" in ADUC. I get "Windows cannot delete object [...] because: The specified module could not be found."


Thanks a lot, Rowland!


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba