On 10/05/2012 07:57 AM, Brett Rowley wrote:
Hi All,

First off, I'm a bit of a n00b w/Samba4 so I'll apologize ahead of time if any of this seems obvious/trivial. I'm working with Samba RC1 tar build and trying to get DNS replication working. Right now I get the following under

--snip--

==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: fa253d86-3549-4208-ab29-a0d702ccdb02
Enabled        : TRUE
Server DNS name : target.OwnerIQ.local
Server DN name : CN=NTDS Settings,CN=TARGET,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
    TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Is it the result of repadmin?
Can you send it in total?
Can you do samba-tool drs showrepl on the samba server?

I only have one server running W2k3 SP1. I have trolled Google and read that both the internal DNS does not replicate some objects and that dynamic updates are not fully functional.
The updates are fixed; as for the non-replication of some objects, I never heard of it, at least not on purpose.
But, even after reading a bunch of documents, it's not clear /how/ I fix that. I've read that the replication is not complete on an additional DC and that it has to be done manually. Not sure if that has anything to do with the "samba_upgradedns" command (which I ran, it complained about not having a zone file in /usr/local/samba/private/dns but all else seemed well).
So for the moment, when a second Samba DC joins an Active Directory domain, it doesn't replicate the DNS zones by default.
I also ran "samba_dnsupdate --verbose" and while that seemed alright, I did notice:

schema_fsmo_init: we are master[no] updates allowed[no]
Skipping PDC entry (SRV _ldap._tcp.pdc._msdcs.${DNSDOMAIN}
That's normal; most probably the FSMO for PDC is on your Windows DC.

Shouldn't updates allowed be yes if I added "allow dns updates = true"
No, you should use allow dns updates = signed, but it should be the default now.
in smb.conf? One final note, I do have my resolv.conf pointing to my Win2k3 as the first DNS server.
That shouldn't be too much of a problem.

My end goal is to replace the 2k3 server with Samba4 so, either way, if internal DNS is not an option right now because it hasn't matured, I'm tempted, based on what I've read, to try BIND to get around the internal problems. I have that built with Bind 9.8.3 with the following: ./configure --prefix=/var/named --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexe --sharedstatedir=/var/lib --with-libtool --enable-threads --with-dlopen --with-gssapi

I would be willing to try the switch over but, while it's clear how to switch the backend (--dns-backend=BIND_DLZ) when provisioning Samba, how would I do this from a join perspective? Thanks in advance for any help!
So I'm not too surprised that you run into such trouble for application partitions, as we have some bugs in the way we mark application partitions: 9200 & 9201
https://bugzilla.samba.org/show_bug.cgi?id=9201
https://bugzilla.samba.org/show_bug.cgi?id=9200

All of this should be resolvable hopefully.

Matthieu

--
Matthieu Patou
Samba Team
http://samba.org
