Peter Beck <[email protected]> quatschte am Thu, Feb 14, 2013 at 03:04:40AM +0100:
After lots of 'trial and error' I have done following scenario * setup samba4 as additional dc (samba internal dns) * added +dns to smb.conf server services, "dns recursive queries = yes" and "allow dns updates = true" * on the windows dc I've added a recursive zone for my network and the samba4-dc in the "nameservers"-tab of each zone. Replication changed to "All dns servers". (still not sure if this is needed with ad integrated zones ?) * replication with samba-tool/repadmin - no issues * samba-tool drs replicate s4dc w2k3dc dc=domaindnszones,dc..- no errors * samba-tool drs replicate s4dc w2k3dc dc=forestdnszones,dc..- no errors * samba_dnsupdate --verbose - no errors * dns was replicated completely now, including the entries inside the zones * transferring the fsmo roles to samba4 - no issues * disable global catalog for the windows dc * dcpromo demote the windows server I am still able to read the existing dns entries, but as soon as I try to update an existing entry or add an additional I get "the local security authority database contains an internal inconsistency" from Windows MMC-Snapin and samba-tool is reporting "uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR')" But adding additional zones and entries for them seems to work. It seems it's just dns related as adding groups and users is working fine. Any ideas ? If there is a "best practice to replace an existing dc" i would like to contribute that to the samba Wiki... Best Regards Peter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
