Web lists-archives.com

[Samba] Setup a Samba AD DC as an additional DC




I had my zones set for Domain Replication.  After your post I set them for Forest Replication.  I have not had a chance to see if that made a difference.  I did not know Samba cared if it were one vs. the other.

-Barry Adkins

From: andrew@xxxxxxxxxxx [mailto:andrew@xxxxxxxxxxx] On Behalf Of Andrew Ruscica
Sent: Wednesday, December 5, 2018 9:17 PM
To: Barry D. Adkins <Barry@xxxxxxxxx>
Cc: samba@xxxxxxxxxxxxxxx
Subject: Re: [Samba] Setup a Samba AD DC as an additional DC

On Wed, Dec 5, 2018 at 1:24 PM Barry D. Adkins <Barry@xxxxxxxxx<mailto:Barry@xxxxxxxxx>> wrote:

If only this would have been my problem, yet the _msdcs.my.domain zone is in Windows DNS.  Strange we are getting the same error.


_msdcs.my.domain zone is in Windows DNS

Being 'in' DNS is not the same as it existing as it's own dns zone.  Up until my change today, the subdomain _msdcs existed as a subdomain under 'my.domain'.

To double check, show your output from the following command, adapted for your windows dns server name:

# samba-tool dns zonelist SERVER1 -U administrator

one of the zones returned needs to look like this:

  pszZoneName                 : _msdcs.my.domain
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : ForestDnsZones.my.domain


Regarding your error with the machine account, I didn't get that, but if it were me I'd clear the contents of /var/lib/samba/private (or whatever path for your installation) before attempting the next join.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba