I was able to get the DomainDnsZone and ForestDnsZone replicated to the second machine. I ran the samba_upgradedns script and it created the private/dns dir and populated it with with the ldbs. Bind starts fine with the dlopen. However, bind fails to resolve anything. Trying to do a zone transfer (via `dig`) from the second machine fails- looking at the log, it says the zone has no SOA. However, running `samba-tool dns query smb2 cngtest.local cngtest.local SOA` returns:
Name=, Records=0, Children=0 Name=_msdcs, Records=0, Children=0 Name=_sites, Records=0, Children=1 Name=_tcp, Records=0, Children=4 Name=_udp, Records=0, Children=2 Name=DomainDnsZones, Records=0, Children=2 Name=ForestDnsZones, Records=0, Children=2 Name=smb1, Records=0, Children=0 Name=tester, Records=0, Children=0 If i try to resolve a single host (via `dig`) returns SERVFAIL. I've tried restarting both bind and samba. It didn't help. On Wed, May 30, 2012 at 7:10 PM, Amitay Isaacs <[email protected]> wrote: > Hi Ryan, > > On Thu, May 31, 2012 at 5:52 AM, Ryan Whelan <[email protected]> wrote: > > How do I do about setting up a second samba DC as a DNS server? I have 2 > > DCs in the domain (setup via the How-to on the wiki) > > > > If I try to follow the steps I used for the first controller on the > second, > > bind won't start because /usr/local/samba/private/dns hasn't been created > > or populated. (I'm using the dlz backend). Searching the wiki has > provided > > nothing. How to I create the needed ldb zone files? Do i just copy them > > from the first machine? > > It's slightly more involved. First you have to make sure that DNS > partitions are getting replicated between two DCs. If the DNS > partitions are not replicated correctly you won't be able to run DNS > server on secondary DC. Next step is to use samba_upgradedns script to > "fix" the provision on secondary DC and to create the files required > by DLZ backend. > > The main issue reported by few users is that the replication fails at > times and I have not yet been able to figure out the root cause of > this. So if you notice issues with replication, let me know. > > Amitay > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
