Re: [Samba] setting up a RODC

On Tue, 7 Aug 2018 17:44:37 +0200
Stefan Kania via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Hi Andrej,
> then it works, but on a "normal" addc it works without "-U ".

This is probably because you will be running the command from the RODC
on the RWDC.

> One more Question:
> When I do a "host -t srv _ldap._tcp.example.net" I only see my
> writeable DCs but not my RODC. 

There is a good reason for that: RODCs do not get that address.

> So I tested with:
> ------
> ldbsearch -H /var/lib/samba/private/sam.ldb '(invocationid=*)'
> --cross-ncs objectguid
> ------
> Found an objectguid for my RODC
> -------
> host -t CNAME ab4da5a2-2755-45b4-9d83-1dec1f869477._msdcs.example.net
> -------
> The CNAME is there
> Then I did a:
> --------
> samba_dnsupdate --verbose --all-names
> --------
> Still no entry for any of the srv-records on my rodc.

As I said above, only RWDCs get that srv-record.

> Adding Users for password-caching works.
> Next Question :-)
> Is there any way to see which users were loaded with "samba-tool rodc
> preload <user> --server=addc01"?

Not sure, but, from reading the code, it will print an error message
for every user that fails.
