
Re: [Samba] Recurrent DNS issues after DC loss




On Wed, 6 Jun 2018 16:26:53 +0200
Ole Traupe via samba <samba@xxxxxxxxxxxxxxx> wrote:

> 
> 
> On 06.06.2018 16:02, Rowland Penny via samba wrote:
> >
> > On your DC, set the AD DNS domain in the domain and the IP of your
> > DC in the nameserver parameter of the /etc/resolv.conf file. For
> > example:
> >
> > domain samdom.example.com
> > nameserver 10.99.0.1
> 
> So "domain" and not "search"? I had "search" set due to the result of 
> some discussion on the list.

DOH! No, it should be search, and it now says so on the DC wiki page.

> 
> >
> >> I seem to remember having read here on the list that it is not a
> >> good idea to mix samba versions in a domain. If there is sound advice
> >> to do it anyways, I would be up for trying it. However, as I have
> >> written above, I messed up the uid/gid ranges. To my understanding,
> >> later versions of Samba (like 4.5) _require_ the ranges to comply
> >> with the defaults as denoted by the wiki.
> > There is nothing to stop you using different versions on DCs and you
> > can do the same with Unix domain members, unless you are using the
> > 'ad' backend and are NOT using Domain Users as the users' Unix
> > primary group.
> 
> Why and how would I _not_ do this?

Perhaps I should have been a little more precise: you shouldn't use
versions earlier than 4.6.0 with versions >= 4.6.0 on Unix domain
members, if you also set 'idmap config <DOMAIN> : unix_primary_group =
yes' on the >= 4.6.0 machines.

> 
> However, I wasn't able to remove the DC itself from Sites and Service
> as well as from "Domain Controllers" in ADUC. I get "Windows cannot
> delete object [...] because: The specified module could not be found."
> 

You may have to remove it with ldbdelete. Try an ldbsearch on the DC
first; if you can find it, ldbdelete should be able to delete it.

Rowland
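
The version rule from the reply above, written as a check over an inventory of Unix domain members. This is an added example, not code from the thread or from the Samba project; the host names, versions and smb.conf fragments are constructed, and the accepted boolean spellings (yes/true/on/1) are an assumption.

```python
import re

# Matches: idmap config <DOMAIN> : unix_primary_group = <value>
_UPG = re.compile(
    r"^\s*idmap\s+config\s+(\S+?)\s*:\s*unix_primary_group\s*=\s*(\S+)\s*$",
    re.IGNORECASE,
)
_TRUE = {"yes", "true", "on", "1"}  # assumed smb.conf boolean spellings
THRESHOLD = (4, 6, 0)               # version boundary named in the thread


def parse_version(text):
    """'4.5.16' or '4.7.6-Ubuntu' -> (4, 5, 16) / (4, 7, 6)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised Samba version: {text!r}")
    return tuple(int(p) for p in m.groups())


def upg_domains(smb_conf):
    """Domains for which unix_primary_group is enabled in an smb.conf text."""
    found = set()
    for line in smb_conf.splitlines():
        if line.lstrip().startswith(("#", ";")):  # skip commented-out lines
            continue
        m = _UPG.match(line)
        if m and m.group(2).lower() in _TRUE:
            found.add(m.group(1).upper())
    return found


def risky_mix(members):
    """members: {host: (version, smb_conf_text)}.
    Returns (hosts >= 4.6.0 using unix_primary_group, hosts < 4.6.0);
    both lists are empty when the rule is not violated."""
    new_upg = sorted(h for h, (v, c) in members.items()
                     if parse_version(v) >= THRESHOLD and upg_domains(c))
    old = sorted(h for h, (v, _) in members.items()
                 if parse_version(v) < THRESHOLD)
    return (new_upg, old) if new_upg and old else ([], [])


# Constructed sample inventory of Unix domain members.
SAMPLE = {
    "member-a": ("4.7.6", "[global]\n idmap config SAMDOM : backend = ad\n"
                          " idmap config SAMDOM : unix_primary_group = yes\n"),
    "member-b": ("4.5.16", "[global]\n idmap config SAMDOM : backend = ad\n"),
    "member-c": ("4.8.2", "[global]\n # idmap config SAMDOM : unix_primary_group = yes\n"),
}
```
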

