Re: [Samba] Samba4 - DnsAdmins group dissapeared

Le 15/11/2018 à 11:21, Rowland Penny via samba a écrit :
On Thu, 15 Nov 2018 10:20:41 +0100
Julien TEHERY via samba <samba@xxxxxxxxxxxxxxx> wrote:


I actually have 3 principal DCs

Samba version : 4.6.4 / Redhat7

All 3 DCs work with BIND9_DLZ as dns backend.
Today I added a new DC to my domain assignd to a site i previously
created with:

samba-tool domain join mydomain.lan DC -U administrator
--realm=MYDOMAIN.LAN -W mydomain --site=MYSITE*

*Then I tried to migrate the dns backend of this fresh new DC to bind
DLZ (as i did for every other DC before)
Why not just add '--dns-backend=BIND9_DLZ' to the join command and do
everything at once ?
You're completely right, I wasn't sure it was possible.

If i try an ldbsearch or an ldapsearch, i can't find any DnsAdmins
group, even on the main DC.

What's going wrong?
No real idea, but if you are sure the 'DnsAdmins' group doesn't exist,
try adding it with:

samba-tool group add DnsAdmins --description='DNS Administrators Group'
--group-type=Security --group-scope=Domain -U administrator

It will either create the group for you, or tell you if it does
exist ;-)

Well,  that's the scary point because it did create the group. That means something (i don't know) deleted it..
I'll let you know if happens again.

Thanks for your help!

