Re: [Samba] Samba 4 AD DC and BIND

2013-03-20 Thread Gerry Reno
I spent the better part of this morning playing around with samba-tool dns and also nsupdate -g. I was never able to add delegation records using this samba-tool dns. It always kept giving me errors about dns name not found. I was however fully successful at adding delegation records to samba

Re: [Samba] Samba 4 AD DC and BIND

2013-03-20 Thread Gerry Reno
On 03/20/2013 08:59 AM, Gerry Reno wrote: > On 03/20/2013 02:59 AM, Daniel Müller wrote: >> /usr/local/samba/bin/samba-tool dns query yourdnshost.your.domain >> your.domain @ ALL >> >> Ex: samba-tool dns query samba4.tplechler.kkh tlechler.kkh @ ALL >> Will do: >> Password for [administra...@tplec

Re: [Samba] Samba 4 AD DC and BIND

2013-03-20 Thread Rowland Penny
@lists.samba.org Subject: Re: [Samba] Samba 4 AD DC and BIND On 03/20/2013 02:59 AM, Daniel Müller wrote: /usr/local/samba/bin/samba-tool dns query yourdnshost.your.domain your.domain @ ALL Ex: samba-tool dns query samba4.tplechler.kkh tlechler.kkh @ ALL Will do: Password for [administra

Re: [Samba] Samba 4 AD DC and BIND

2013-03-20 Thread Daniel Müller
To: 'Gerry Reno'; samba@lists.samba.org Subject: Re: [Samba] Samba 4 AD DC and BIND It looks as if the script does not like reverse lookups!??? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 7207

Re: [Samba] Samba 4 AD DC and BIND

2013-03-20 Thread Daniel Müller
: www.tropenklinik.de --- -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On behalf of Gerry Reno Sent: Wednesday, 20 March 2013 13:59 To: samba@lists.samba.org Subject: Re: [Samba] Samba 4 AD

Re: [Samba] Samba 4 AD DC and BIND

2013-03-20 Thread Gerry Reno
On 03/20/2013 02:59 AM, Daniel Müller wrote: > /usr/local/samba/bin/samba-tool dns query yourdnshost.your.domain > your.domain @ ALL > > Ex: samba-tool dns query samba4.tplechler.kkh tlechler.kkh @ ALL > Will do: > Password for [administra...@tplechler.kkh]: > > > Greetings Daniel > > Hi Daniel,

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Daniel Müller
[mailto:samba-boun...@lists.samba.org] On behalf of Gerry Reno Sent: Wednesday, 20 March 2013 04:06 To: samba@lists.samba.org Subject: Re: [Samba] Samba 4 AD DC and BIND On 03/19/2013 10:57 PM, Ricky Nance wrote: > Try first a kinit administrator, then enter the administrator > password

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Ricky Nance
What is the error message now? Ricky On Tue, Mar 19, 2013 at 10:06 PM, Gerry Reno wrote: > On 03/19/2013 10:57 PM, Ricky Nance wrote: > > Try first a kinit administrator, then enter the administrator password, > then /usr/local/samba/bin/samba-tool dns query > > COMPANY.company.com

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Gerry Reno
On 03/19/2013 10:57 PM, Ricky Nance wrote: > Try first a kinit administrator, then enter the administrator password, then > /usr/local/samba/bin/samba-tool dns query > COMPANY.company.com company.com > @ ALL (notice no -U this time, and > the for

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Ricky Nance
Try first a kinit administrator, then enter the administrator password, then /usr/local/samba/bin/samba-tool dns query COMPANY.company.com company.com @ ALL (notice no -U this time, and the format of host.realm instead of just host... I mistyped that in the last message) and see if it works, this w

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Gerry Reno
On 03/19/2013 09:00 PM, Ricky Nance wrote: > Try samba-tool dns query netbiosname company.com @ ALL > -Uadministrator%HIDDEN (where netbiosname > is generally the same as your computer's hostname)... try to avoid using > 127.0.0.1 or localhost. Also that error is > often a sign

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Ricky Nance
Try samba-tool dns query netbiosname company.com @ ALL -Uadministrator%HIDDEN (where netbiosname is generally the same as your computer's hostname)... try to avoid using 127.0.0.1 or localhost. Also that error is often a sign of the DNS server not running, so double-check that with netstat -anp | grep 53

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Gerry Reno
On 03/19/2013 08:38 PM, Ricky Nance wrote: > I saw this error recently myself, and haven't yet investigated what's going > on for sure, but I suspect it's the way > dns_connect is parsing everything (I saw it with the | or >) ... try with > -Uadministrator%password (replacing > password to be the

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Ricky Nance
I saw this error recently myself, and haven't yet investigated what's going on for sure, but I suspect it's the way dns_connect is parsing everything (I saw it with the | or >) ... try with -Uadministrator%password (replacing password to be the administrator password you use) and report back please

Re: [Samba] Samba 4 AD DC and BIND

2013-03-19 Thread Gerry Reno
I have Samba 4 AD DC running with BIND9_DLZ. I am trying to use samba-tool to administer dns but I keep getting this error: # /usr/local/samba/bin/samba-tool dns query 127.0.0.1 company.com www.company.com ALL Password for [COMPANY\root]: Failed to bind to uuid 50abc2a4-574d-40b3-9d6

Re: [Samba] Samba 4 AD DC and BIND

2013-03-17 Thread Thomas Simmons
On Sun, Mar 17, 2013 at 5:14 PM, Michael Leone wrote: > On Sun, Mar 17, 2013 at 5:10 PM, Thomas Simmons wrote: > > Ideally you should not use the same domain name for your AD domain. > > Microsoft used to use "domain.local" for a default configuration, but > this > > can cause problems with certa

Re: [Samba] Samba 4 AD DC and BIND

2013-03-17 Thread Gerry Reno
On 03/17/2013 05:10 PM, Thomas Simmons wrote: > Ideally you should not use the same domain name for your AD domain. Microsoft > used to use "domain.local" for a default > configuration, but this can cause problems with certain external services > (Exchange/Office365 for example) and it also > con

Re: [Samba] Samba 4 AD DC and BIND

2013-03-17 Thread Michael Leone
On Sun, Mar 17, 2013 at 5:10 PM, Thomas Simmons wrote: > Ideally you should not use the same domain name for your AD domain. > Microsoft used to use "domain.local" for a default configuration, but this > can cause problems with certain external services (Exchange/Office365 for > example) and it al

Re: [Samba] Samba 4 AD DC and BIND

2013-03-17 Thread Thomas Simmons
Ideally you should not use the same domain name for your AD domain. Microsoft used to use "domain.local" for a default configuration, but this can cause problems with certain external services (Exchange/Office365 for example) and it also conflicts with some "local" Apple services if you have Macs o

Re: [Samba] Samba 4 AD DC and BIND

2013-03-17 Thread Gerry Reno
When you set up Samba 4 AD DC using BIND9_DLZ and your domain has external servers (eg: www,mail) at external providers this means that the ISP and the internal network nameservers will both have an SOA record for the domain. /etc/resolv.conf looks like this: domain company.com nameserver 1

Re: [Samba] Samba 4 AD DC and BIND

2013-03-13 Thread Gerry Reno
On 03/13/2013 01:39 PM, Gregory Sloop wrote: >>> If you are doing that, >>> then I suggest you find a different way to operate - the AD DC is the >>> security heart of the network, and should be more protected than that. > GR> My AD DC is not directly connected to the internet. It is > GR> behi

Re: [Samba] Samba 4 AD DC and BIND

2013-03-13 Thread Gregory Sloop
>> If you are doing that, >> then I suggest you find a different way to operate - the AD DC is the >> security heart of the network, and should be more protected than that. GR> My AD DC is not directly connected to the internet. It is GR> behind an internet gateway router which has 53 open an

Re: [Samba] Samba 4 AD DC and BIND

2013-03-13 Thread Gerry Reno
On 03/13/2013 12:53 AM, Andrew Bartlett wrote: > On Mon, 2013-03-11 at 19:16 -0400, Gerry Reno wrote: >> Since I am using views, where should I include the provision-generated >> named.conf? >> >> Just in the local network view? > Why are you using views? > > My understanding is that these are nor

Re: [Samba] Samba 4 AD DC and BIND

2013-03-12 Thread Andrew Bartlett
On Mon, 2013-03-11 at 19:16 -0400, Gerry Reno wrote: > Since I am using views, where should I include the provision-generated > named.conf? > > Just in the local network view? Why are you using views? My understanding is that these are normally used when external clients and internal clients ma

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Gerry Reno
On 03/11/2013 08:50 PM, Ricky Nance wrote: > I am not 100% sure, but anywhere in the named.conf config should be > sufficient, DLZ is Dynamically Loadable Zones, so > samba ends up being its own zone as far as I know. > > Ricky > > > On Mon, Mar 11, 2013 at 7:43 PM, Gerry Reno

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Ricky Nance
I am not 100% sure, but anywhere in the named.conf config should be sufficient, DLZ is Dynamically Loadable Zones, so samba ends up being its own zone as far as I know. Ricky On Mon, Mar 11, 2013 at 7:43 PM, Gerry Reno wrote: > On 03/11/2013 08:27 PM, Ricky Nance wrote: > > Sorry I don't under

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Gerry Reno
On 03/11/2013 08:27 PM, Ricky Nance wrote: > Sorry I don't understand what you mean by views... the provision generated > named.conf should be inserted into your > /etc/named/named.conf (again this varies on different distros) as an include > directive, it is not meant to be a full > named.conf.

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Ricky Nance
Sorry I don't understand what you mean by views... the provision generated named.conf should be inserted into your /etc/named/named.conf (again this varies on different distros) as an include directive, it is not meant to be a full named.conf. Ricky On Mon, Mar 11, 2013 at 6:16 PM, Gerry Reno w

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Gerry Reno
Since I am using views, where should I include the provision-generated named.conf? Just in the local network view? -Gerry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Rowland Penny
On 11/03/13 16:30, Gerry Reno wrote: When I ran the provision I selected BIND9_DLZ. The provision did not prompt me for a DNS forwarder IP. So after the provision finished I entered the DNS forwarder IP manually into smb.conf. Should the provision have prompted for the DNS forwarder IP? Hi,

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Gerry Reno
On 03/11/2013 12:53 PM, Ricky Nance wrote: > With the BIND9_DLZ backend, bind actually handles the forwarding, so you will > need to set that up in your named conf, > something like the following: > > options { > forwarders { 192.249.249.1; 192.249.249.3; }; > }; > > Although, some distros break a

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Ricky Nance
With the BIND9_DLZ backend, bind actually handles the forwarding, so you will need to set that up in your named conf, something like the following: options { forwarders { 192.249.249.1; 192.249.249.3; }; }; Although, some distros break apart the named stuff, so you may need to find information sp

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Gerry Reno
When I ran the provision I selected BIND9_DLZ. The provision did not prompt me for a DNS forwarder IP. So after the provision finished I entered the DNS forwarder IP manually into smb.conf. Should the provision have prompted for the DNS forwarder IP?

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Gerry Reno
ernet: www.tropenklinik.de > --- > -Original Message- > From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On > behalf of Gerry Reno > Sent: Sunday, 10 March 2013 14:14 > To: samba@lists.sam

Re: [Samba] Samba 4 AD DC and BIND

2013-03-11 Thread Daniel Müller
On behalf of Gerry Reno Sent: Sunday, 10 March 2013 14:14 To: samba@lists.samba.org Subject: [Samba] Samba 4 AD DC and BIND When setting up Samba 4 AD DC to use BIND DNS is it possible to use BIND located on a separate server? Or do you need to run BIND on the same machine as Samba 4 AD DC?

[Samba] Samba 4 AD DC and BIND

2013-03-10 Thread Gerry Reno
When setting up Samba 4 AD DC to use BIND DNS is it possible to use BIND located on a separate server? Or do you need to run BIND on the same machine as Samba 4 AD DC?