Web lists-archives.com

Re: [Samba] Permission issue




On Wed, 13 Feb 2019 09:11:43 +0000
Praveen Ghimire <PGhimire@xxxxxxxxxxxxxx> wrote:

> Hi Rowland,
> 
> Used the 2008R2 box as I already had done up a script a while ago.
> The problem I found is that I could update the DNS record on the
> Samba AD server using the script but not the Windows AD box. It came
> up with  permission denied. I checked the dns update setting and it
> was set to both secure and unsecure (in DNS and also in smb.conf). I
> was running the script as the Domain Administrator.

Try reading this:

https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9

> 
> The Server B I mentioned is not joined to the domain (Samba Nt4 or
> AD), it's just a standalone Ubuntu box with bind/dhcp and some other
> application. This part of the project doesn’t cover the DNS and DHCP
> migration from ServerB to the AD box. 

Then it shouldn't hold any AD dns records, though it could be used as a
forwarder by the AD DC's

> 
> Just a curiosity, how long before the classicupgrade, the clients
> starts seeing and joining the AD domain? I know there is no reverting
> back the changes once they do, if we gauge the time lapse, it might
> help us . The one way I have been testing is shutting down all
> windows VMs bar the Samba box and a Windows server. If I see some
> issues, then we just revert back the /var/lib/samba and etc files and
> stop the ad-dc service and restart the samba services, seems to work
> well , till now

If any of your existing clients 'see' the AD DC, that's it, they will
not connect to the old PDC again.

Rowland 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba