Re: [Samba] AD RODC not being used because of missing DNS entries?
- Date: Mon, 12 Nov 2018 14:59:16 +0100
- From: Julien Ropé via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] AD RODC not being used because of missing DNS entries?
----- Original Message -----
Sorry for replying too late, I did not notice until now that there was a follow-up to the mail conversation.
Thank you for taking the time to answer - I appreciate it.
The command I used first:
# samba-tool dns add DC1 ad.example.nl _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.example.nl SRV 'DC2.ad.example.nl 88 0 100'
is syntactically correct, but it inserts a wrong entry in the wrong zone.
It should be done, as in my second try after Rowland pointed it out to me, like this:
# samba-tool dns add DC1 _msdcs.ad.example.nl _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.example.nl SRV 'DC2.ad.example.nl 389 0 100'
Notice the different zone "_msdcs.ad.example.nl". I had the same problem with the _ldap entry.
The first (wrong) command created a wrong entry that confused everything, and me in particular.
I don't think that (or know if) this has anything to do with your problem, but it did solve mine.
Yes, it helps: it probably explains some of the confusion while
Again, thanks for your time.
At this point, I have to say that my client is reverting his deployment
of Samba as a RODC - this issue on one side, and the authentication
limitation on the other (see another thread about password updates on
RODC) makes them cautious.
The release notes seem to show that this feature is ready, now it seems
there are still some roadblocks for end users in production environments.
Is there any assessment of missing features and/or blocking bugs for
Samba as an RODC (apart from the two already mentioned)? Any roadmap
related to it?
I found the following TODO related to the RODC feature, but I don't
think it's up to date?
I'd like to collect as many details as possible to clarify expectations
with users, and maybe help close the gap by contributing documentation
and/or code where possible.
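The zone mix-up described in the quoted message can be caught before running samba-tool dns add. The following is an added example, not part of the original message and not Samba code: it picks the most specific hosted zone for a record name and compares it with the zone argument. The zone list and the function names are assumptions for illustration, built from the names used in this thread.

```python
# Added example. ZONES is an assumed zone list built from the names in this thread.
ZONES = ["ad.example.nl", "_msdcs.ad.example.nl"]


def _labels(name):
    """Split a DNS name into labels, ignoring a trailing dot."""
    return name.rstrip(".").split(".")


def owning_zone(fqdn, zones):
    """Return the most specific zone whose name is a suffix of fqdn, or None."""
    name = [l.lower() for l in _labels(fqdn)]
    best = None
    for zone in zones:
        z = [l.lower() for l in _labels(zone)]
        if len(z) <= len(name) and name[-len(z):] == z:
            if best is None or len(z) > len(_labels(best)):
                best = zone
    return best


def relative_name(fqdn, zone):
    """Owner name relative to the zone apex ('@' for the apex itself)."""
    labels = _labels(fqdn)
    rel = labels[:len(labels) - len(_labels(zone))]
    return ".".join(rel) or "@"


def check_add(zone_arg, fqdn, zones=ZONES):
    """Return (ok, expected_zone, relative_name) for a planned record add."""
    expected = owning_zone(fqdn, zones)
    if expected is None:
        return (False, None, None)
    ok = zone_arg.rstrip(".").lower() == expected.rstrip(".").lower()
    return (ok, expected, relative_name(fqdn, expected))


if __name__ == "__main__":
    fqdn = "_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.example.nl"
    for zone_arg in ("ad.example.nl", "_msdcs.ad.example.nl"):
        print(zone_arg, "->", check_add(zone_arg, fqdn))
```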