DNS issue with clean install of samba 4.5.12-Debian

classic Classic list List threaded Threaded
18 messages Options
Reply | Threaded
Open this post in threaded view
|

DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
I am working on building a test ADDC environment for my business.  I have
performed a clean install of Debian 9.2, after which I performed an install
of samba 4.5.12-Debian.

once samba was installed, I ran 'samba-tool domain provision --use-rfc2307
--interactive' and answered all the questions with appropriate answers.

everything seemed to install just fine.  When I try to join a windows 7
client to the domain, it fails with a timeout error.

I tested the DNS on the DC by running

host -t SRV _ldap._tcp.test.test
host -t SRV _kerberos._udp.test.test
host -t A dc1.test.test

all which returned appropriate responses.

When I try to run NSLOOKUP from the windows client against the DC, I get a
timeout error.

There are no IPtables running on the DC1, and both DC and the windows
client are on the same subnet with no firewall imbetween them.

Any help you can provide would be greatly appreciated!


--
*Taylor Hammerling* |  *IT Manager*
2800 Laura Lane | Middleton, WI 53562
*O *(608) 669-9070 *| C *(608) 512-7849
tcsbasys.com | ubiquistat.com
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On 12/8/2017 12:47 PM, Taylor Hammerling via samba wrote:

> I am working on building a test ADDC environment for my business.  I have
> performed a clean install of Debian 9.2, after which I performed an install
> of samba 4.5.12-Debian.
>
> once samba was installed, I ran 'samba-tool domain provision --use-rfc2307
> --interactive' and answered all the questions with appropriate answers.
>
> everything seemed to install just fine.  When I try to join a windows 7
> client to the domain, it fails with a timeout error.
>
> I tested the DNS on the DC by running
>
> host -t SRV _ldap._tcp.test.test
> host -t SRV _kerberos._udp.test.test
> host -t A dc1.test.test
>
> all which returned appropriate responses.
>
> When I try to run NSLOOKUP from the windows client against the DC, I get a
> timeout error.
>
> There are no IPtables running on the DC1, and both DC and the windows
> client are on the same subnet with no firewall imbetween them.
>
> Any help you can provide would be greatly appreciated!
>
>
Did you configure your Win client with the DC's IP for DNS?

--
--
James


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
In reply to this post by Samba - General mailing list
i suggest review my howto

its on github find my name, thctlo, goto samba4.

full ad and member howto and scripts to check things.


Greetz,
Louis
(mobile)

> Op 8 dec. 2017 om 18:49 heeft Taylor Hammerling via samba <[hidden email]> het volgende geschreven:
>
> I am working on building a test ADDC environment for my business.  I have
> performed a clean install of Debian 9.2, after which I performed an install
> of samba 4.5.12-Debian.
>
> once samba was installed, I ran 'samba-tool domain provision --use-rfc2307
> --interactive' and answered all the questions with appropriate answers.
>
> everything seemed to install just fine.  When I try to join a windows 7
> client to the domain, it fails with a timeout error.
>
> I tested the DNS on the DC by running
>
> host -t SRV _ldap._tcp.test.test
> host -t SRV _kerberos._udp.test.test
> host -t A dc1.test.test
>
> all which returned appropriate responses.
>
> When I try to run NSLOOKUP from the windows client against the DC, I get a
> timeout error.
>
> There are no IPtables running on the DC1, and both DC and the windows
> client are on the same subnet with no firewall imbetween them.
>
> Any help you can provide would be greatly appreciated!
>
>
> --
> *Taylor Hammerling* |  *IT Manager*
> 2800 Laura Lane | Middleton, WI 53562
> *O *(608) 669-9070 *| C *(608) 512-7849
> tcsbasys.com | ubiquistat.com
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
In reply to this post by Samba - General mailing list
yes, I did configure the win client with the DC's IP for DNS, sorry I
neglected to mention that.

On Fri, Dec 8, 2017 at 12:06 PM, lingpanda101 via samba <
[hidden email]> wrote:

> On 12/8/2017 12:47 PM, Taylor Hammerling via samba wrote:
>
>> I am working on building a test ADDC environment for my business.  I have
>> performed a clean install of Debian 9.2, after which I performed an
>> install
>> of samba 4.5.12-Debian.
>>
>> once samba was installed, I ran 'samba-tool domain provision --use-rfc2307
>> --interactive' and answered all the questions with appropriate answers.
>>
>> everything seemed to install just fine.  When I try to join a windows 7
>> client to the domain, it fails with a timeout error.
>>
>> I tested the DNS on the DC by running
>>
>> host -t SRV _ldap._tcp.test.test
>> host -t SRV _kerberos._udp.test.test
>> host -t A dc1.test.test
>>
>> all which returned appropriate responses.
>>
>> When I try to run NSLOOKUP from the windows client against the DC, I get a
>> timeout error.
>>
>> There are no IPtables running on the DC1, and both DC and the windows
>> client are on the same subnet with no firewall imbetween them.
>>
>> Any help you can provide would be greatly appreciated!
>>
>>
>> Did you configure your Win client with the DC's IP for DNS?
>
> --
> --
> James
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



--
*Taylor Hammerling* |  *IT Manager*
2800 Laura Lane | Middleton, WI 53562
*O *(608) 669-9070 *| C *(608) 512-7849
tcsbasys.com | ubiquistat.com
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
In reply to this post by Samba - General mailing list
Will do, thanks!

On Fri, Dec 8, 2017 at 12:07 PM, L.P.H. van Belle via samba <
[hidden email]> wrote:

> i suggest review my howto
>
> its on github find my name, thctlo, goto samba4.
>
> full ad and member howto and scripts to check things.
>
>
> Greetz,
> Louis
> (mobile)
>
> > Op 8 dec. 2017 om 18:49 heeft Taylor Hammerling via samba <
> [hidden email]> het volgende geschreven:
> >
> > I am working on building a test ADDC environment for my business.  I have
> > performed a clean install of Debian 9.2, after which I performed an
> install
> > of samba 4.5.12-Debian.
> >
> > once samba was installed, I ran 'samba-tool domain provision
> --use-rfc2307
> > --interactive' and answered all the questions with appropriate answers.
> >
> > everything seemed to install just fine.  When I try to join a windows 7
> > client to the domain, it fails with a timeout error.
> >
> > I tested the DNS on the DC by running
> >
> > host -t SRV _ldap._tcp.test.test
> > host -t SRV _kerberos._udp.test.test
> > host -t A dc1.test.test
> >
> > all which returned appropriate responses.
> >
> > When I try to run NSLOOKUP from the windows client against the DC, I get
> a
> > timeout error.
> >
> > There are no IPtables running on the DC1, and both DC and the windows
> > client are on the same subnet with no firewall imbetween them.
> >
> > Any help you can provide would be greatly appreciated!
> >
> >
> > --
> > *Taylor Hammerling* |  *IT Manager*
> > 2800 Laura Lane | Middleton, WI 53562
> > *O *(608) 669-9070 *| C *(608) 512-7849
> > tcsbasys.com | ubiquistat.com
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



--
*Taylor Hammerling* |  *IT Manager*
2800 Laura Lane | Middleton, WI 53562
*O *(608) 669-9070 *| C *(608) 512-7849
tcsbasys.com | ubiquistat.com
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On Fri, 8 Dec 2017 12:27:30 -0600
Taylor Hammerling via samba <[hidden email]> wrote:

> Will do, thanks!
>

Specifically, go here:
https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh

Download and run the script and then look at the output, you can send
the output direct to me if needed and I will see if I can spot any
problems.

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On 12/8/2017 1:50 PM, Rowland Penny via samba wrote:

> On Fri, 8 Dec 2017 12:27:30 -0600
> Taylor Hammerling via samba <[hidden email]> wrote:
>
>> Will do, thanks!
>>
> Specifically, go here:
> https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh
>
> Download and run the script and then look at the output, you can send
> the output direct to me if needed and I will see if I can spot any
> problems.
>
> Rowland
>
>
Rowland,

     Decided to run your script for giggles and I receive a error

./samba-setup-checkup.sh: line 89: [: too many arguments


--
--
James


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On Fri, 8 Dec 2017 14:25:19 -0500
lingpanda101 via samba <[hidden email]> wrote:

> On 12/8/2017 1:50 PM, Rowland Penny via samba wrote:
> > On Fri, 8 Dec 2017 12:27:30 -0600
> > Taylor Hammerling via samba <[hidden email]> wrote:
> >
> >> Will do, thanks!
> >>
> > Specifically, go here:
> > https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh
> >
> > Download and run the script and then look at the output, you can
> > send the output direct to me if needed and I will see if I can spot
> > any problems.
> >
> > Rowland
> >
> >
> Rowland,
>
>      Decided to run your script for giggles and I receive a error
>
> ./samba-setup-checkup.sh: line 89: [: too many arguments
>
>

Funnily enough, so do I ;-)

it isn't my script, it is Louis's, but I had some input and it looks
like I will be having some more.

To be continued.......

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
Glad you guys replied, here is my output :D

root@dc1:~# ./samba-setup-checkup.sh
Check hostnames : Ok
./samba-setup-checkup.sh: line 89: [: too many arguments
Checking detected host ipnumbers from resolv.conf and default gateway
Ping gateway ip : 172.28.0.1 : Ok
ping nameserver1: 172.28.255.49 : Ok
ping nameserver2: 172.28.0.1 : Ok
Check ping google dns : 8.8.8.8 : Ok
root@dc1:~#


so, everything looks good except for the part that bombs out :D

On Fri, Dec 8, 2017 at 1:43 PM, Rowland Penny via samba <
[hidden email]> wrote:

> On Fri, 8 Dec 2017 14:25:19 -0500
> lingpanda101 via samba <[hidden email]> wrote:
>
> > On 12/8/2017 1:50 PM, Rowland Penny via samba wrote:
> > > On Fri, 8 Dec 2017 12:27:30 -0600
> > > Taylor Hammerling via samba <[hidden email]> wrote:
> > >
> > >> Will do, thanks!
> > >>
> > > Specifically, go here:
> > > https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh
> > >
> > > Download and run the script and then look at the output, you can
> > > send the output direct to me if needed and I will see if I can spot
> > > any problems.
> > >
> > > Rowland
> > >
> > >
> > Rowland,
> >
> >      Decided to run your script for giggles and I receive a error
> >
> > ./samba-setup-checkup.sh: line 89: [: too many arguments
> >
> >
>
> Funnily enough, so do I ;-)
>
> it isn't my script, it is Louis's, but I had some input and it looks
> like I will be having some more.
>
> To be continued.......
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



--
*Taylor Hammerling* |  *IT Manager*
2800 Laura Lane | Middleton, WI 53562
*O *(608) 669-9070 *| C *(608) 512-7849
tcsbasys.com | ubiquistat.com
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On 12/8/2017 2:54 PM, Taylor Hammerling via samba wrote:

> Glad you guys replied, here is my output :D
>
> root@dc1:~# ./samba-setup-checkup.sh
> Check hostnames : Ok
> ./samba-setup-checkup.sh: line 89: [: too many arguments
> Checking detected host ipnumbers from resolv.conf and default gateway
> Ping gateway ip : 172.28.0.1 : Ok
> ping nameserver1: 172.28.255.49 : Ok
> ping nameserver2: 172.28.0.1 : Ok
> Check ping google dns : 8.8.8.8 : Ok
> root@dc1:~#
>
>
> so, everything looks good except for the part that bombs out :D
>
> On Fri, Dec 8, 2017 at 1:43 PM, Rowland Penny via samba <
> [hidden email]> wrote:
>
>> On Fri, 8 Dec 2017 14:25:19 -0500
>> lingpanda101 via samba <[hidden email]> wrote:
>>
>>> On 12/8/2017 1:50 PM, Rowland Penny via samba wrote:
>>>> On Fri, 8 Dec 2017 12:27:30 -0600
>>>> Taylor Hammerling via samba <[hidden email]> wrote:
>>>>
>>>>> Will do, thanks!
>>>>>
>>>> Specifically, go here:
>>>> https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh
>>>>
>>>> Download and run the script and then look at the output, you can
>>>> send the output direct to me if needed and I will see if I can spot
>>>> any problems.
>>>>
>>>> Rowland
>>>>
>>>>
>>> Rowland,
>>>
>>>       Decided to run your script for giggles and I receive a error
>>>
>>> ./samba-setup-checkup.sh: line 89: [: too many arguments
>>>
>>>
>> Funnily enough, so do I ;-)
>>
>> it isn't my script, it is Louis's, but I had some input and it looks
>> like I will be having some more.
>>
>> To be continued.......
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>
Rowland,

     Ran again with updated script. Fixed initial error. I will preface
with my OS is Ubuntu 14.05.5 LTS. This script should still work, no?

I did notice I had a error in my resolv.conf. It had details pertaining
to another server. Must of mixed up my SSH window. Fixed and ran again
but threw an error with my /etc/krb.conf.conf file. Not really an error
but a change I knew I made to it.

dns_lookup_realm = true

I reverted the change just to satisfy the script, but it continues to
report the prior discrepancy I believe.

Incorrect '/etc/krb5.conf' file.
Expected:
[libdefaults]
         default_realm = DOMAIN.LOCAL
         dns_lookup_realm = false
         dns_lookup_kdc = true

Got:
[libdefaults]
         default_realm = DOMAIN.LOCAL
         dns_lookup_realm = false
         dns_lookup_kdc = true

Is their a cache I'm not aware of because these two look identical now?
I then get a legitimate error

ldb: unable to stat module /usr/lib/x86_64-linux-gnu/samba/ldb : No such
file or directory

I didn't have samba-dsdb-modules installed. It isn't necessary for a
proper install of Samba I believe but only for the purposes of this
script? I went and installed anyways, but I was greeted with another
error I don't know how to proceed.

ERROR(<type 'exceptions.AttributeError'>): uncaught exception -
'NoneType' object has no attribute 'canonical_str'
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
line 175, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
415, in run
     forest_dn = samba.dn_from_dns_name(samdb.forest_dns_name())
   File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 655, in
forest_dns_name
     return forest_dn.canonical_str().split('/')[0]


Is this supposed to be a debian only script from Louis? If so my
apologizes for wasting your time.

--
James


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On Mon, 11 Dec 2017 08:51:01 -0500
lingpanda101 via samba <[hidden email]> wrote:

> On 12/8/2017 2:54 PM, Taylor Hammerling via samba wrote:
> > Glad you guys replied, here is my output :D
> >
> > root@dc1:~# ./samba-setup-checkup.sh
> > Check hostnames : Ok
> > ./samba-setup-checkup.sh: line 89: [: too many arguments
> > Checking detected host ipnumbers from resolv.conf and default
> > gateway Ping gateway ip : 172.28.0.1 : Ok
> > ping nameserver1: 172.28.255.49 : Ok
> > ping nameserver2: 172.28.0.1 : Ok
> > Check ping google dns : 8.8.8.8 : Ok
> > root@dc1:~#
> >
> >
> > so, everything looks good except for the part that bombs out :D
> >
> > On Fri, Dec 8, 2017 at 1:43 PM, Rowland Penny via samba <
> > [hidden email]> wrote:
> >
> >> On Fri, 8 Dec 2017 14:25:19 -0500
> >> lingpanda101 via samba <[hidden email]> wrote:
> >>
> >>> On 12/8/2017 1:50 PM, Rowland Penny via samba wrote:
> >>>> On Fri, 8 Dec 2017 12:27:30 -0600
> >>>> Taylor Hammerling via samba <[hidden email]> wrote:
> >>>>
> >>>>> Will do, thanks!
> >>>>>
> >>>> Specifically, go here:
> >>>> https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh
> >>>>
> >>>> Download and run the script and then look at the output, you can
> >>>> send the output direct to me if needed and I will see if I can
> >>>> spot any problems.
> >>>>
> >>>> Rowland
> >>>>
> >>>>
> >>> Rowland,
> >>>
> >>>       Decided to run your script for giggles and I receive a error
> >>>
> >>> ./samba-setup-checkup.sh: line 89: [: too many arguments
> >>>
> >>>
> >> Funnily enough, so do I ;-)
> >>
> >> it isn't my script, it is Louis's, but I had some input and it
> >> looks like I will be having some more.
> >>
> >> To be continued.......
> >>
> >> Rowland
> >>
> >> --
> >> To unsubscribe from this list go to the following URL and read the
> >> instructions:  https://lists.samba.org/mailman/options/samba
> >>
> >
> >
> Rowland,
>
>      Ran again with updated script. Fixed initial error. I will
> preface with my OS is Ubuntu 14.05.5 LTS. This script should still
> work, no?
>
> I did notice I had a error in my resolv.conf. It had details
> pertaining to another server. Must of mixed up my SSH window. Fixed
> and ran again but threw an error with my /etc/krb.conf.conf file. Not
> really an error but a change I knew I made to it.
>
> dns_lookup_realm = true
>
> I reverted the change just to satisfy the script, but it continues to
> report the prior discrepancy I believe.
>
> Incorrect '/etc/krb5.conf' file.
> Expected:
> [libdefaults]
>          default_realm = DOMAIN.LOCAL
>          dns_lookup_realm = false
>          dns_lookup_kdc = true
>
> Got:
> [libdefaults]
>          default_realm = DOMAIN.LOCAL
>          dns_lookup_realm = false
>          dns_lookup_kdc = true
>
> Is their a cache I'm not aware of because these two look identical
> now? I then get a legitimate error

No, there isn't a cache, it reads /etc/krb5.conf every time the script
is run. The two files do seem identical, but the script checks if the
file exists, checks how many lines (should be 4), is there a
'[libdefaults]' line, what REALM is being used, is 'lookup_realm' set
to 'false' and is 'lookup_kdc' set to 'true', the krb5.conf should only
be displayed if at least one of these is incorrect.

>
> ldb: unable to stat module /usr/lib/x86_64-linux-gnu/samba/ldb : No
> such file or directory
>
> I didn't have samba-dsdb-modules installed. It isn't necessary for a
> proper install of Samba I believe but only for the purposes of this
> script? I went and installed anyways, but I was greeted with another
> error I don't know how to proceed.

This must be coming from a 'samba-tool' command and the 'samba-tool'
commands should only be run a DC and you need ALL the samba packages.

> Is this supposed to be a debian only script from Louis? If so my
> apologizes for wasting your time.

Well, Louis wrote the original script for debian, but I use Devuan and
there is little in the script that relies on debian, mostly it is just
'what is this script running on' ;-)

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
Hai James,

Can you try this one for me. I corrected and uploaded my latest version.

https://raw.githubusercontent.com/thctlo/samba4/master/samba-setup-checkup.sh 

You can wget this one directly.
You should see ( my sample output )

sudo bash samba-setup-checkup.sh
Check hostnames : Ok
Checking detected host ipnumbers from resolv.conf and default gateway
Ping gateway ip : 192.168.1.1 : Ok
ping nameserver3: 8.8.8.8 : Ok
Check ping google dns : 8.8.8.8 : Ok
Checking file owner..
-rw-r--r-- root root     /etc/samba/smb.conf
Checking file owner..
-rw-r--r-- root root     /etc/samba/lmhosts
Checking file owner..
Missing file /etc/samba/smbpasswd
drwxr-xr-x root root     /usr/bin
drwxr-xr-x root root     /var/cache/samba
drwxr-xr-x root root     /usr/lib/x86_64-linux-gnu
drwxr-xr-x root root     /var/run/samba
drwxr-x--- root adm      /var/log/samba
drwxr-xr-x root root     /usr/lib/x86_64-linux-gnu/samba
drwxr-xr-x root root     /var/run/samba
drwxr-xr-x root root     /var/lib/samba/private
drwxr-xr-x root root     /usr/sbin
drwxr-xr-x root root     /var/lib/samba
DCS dc1.internal.example.com
dc2.internal.example.com
DC1 dc1.internal.example.com
DC2 dc2.internal.example.com
Samba AD DC info:             =  detected (command and where to look)
This server hostname          = dc1 (hostname -s and /etc/hosts and DNS server)
This server FQDN (hostname)   = dc1.internal.example.com (hostname -f and /etc/hosts and DNS server)
This server primary dnsdomain = internal.example.com (hostname -d and /etc/resolv.conf and DNS server)
This server IP address(ses)   = 192.168.1.211  Only one interface detected (hostname -i (-I) and /etc/networking/interfaces and DNS server
The DC with FSMO roles        = dc1 (samba-tool fsmo show)
The DC (with FSMO) Site name  = Default-First-Site-Name (samba-tool fsmo show)
The Default Naming Context    = DC=rotterdam,DC=bazuin,DC=nl (samba-tool fsmo show)
The Kerberos REALM name used  = internal.example.com    (kinit and /etc/krb5.conf and resolving)
The Ipadres of DC dc1.internal.example.com        = 192.168.1.1
The Ipadres of DC dc2.internal.example.com        = 192.168.1.2
SAMBA_SERVER_ROLE: active directory domain controller
SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver


And Beter again...  :-P

Greetz,

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:[hidden email]] Namens
> Rowland Penny via samba
> Verzonden: maandag 11 december 2017 16:20
> Aan: [hidden email]
> Onderwerp: Re: [Samba] DNS issue with clean install of samba
> 4.5.12-Debian
>
> On Mon, 11 Dec 2017 08:51:01 -0500
> lingpanda101 via samba <[hidden email]> wrote:
>
> > On 12/8/2017 2:54 PM, Taylor Hammerling via samba wrote:
> > > Glad you guys replied, here is my output :D
> > >
> > > root@dc1:~# ./samba-setup-checkup.sh
> > > Check hostnames : Ok
> > > ./samba-setup-checkup.sh: line 89: [: too many arguments
> > > Checking detected host ipnumbers from resolv.conf and default
> > > gateway Ping gateway ip : 172.28.0.1 : Ok
> > > ping nameserver1: 172.28.255.49 : Ok
> > > ping nameserver2: 172.28.0.1 : Ok
> > > Check ping google dns : 8.8.8.8 : Ok
> > > root@dc1:~#
> > >
> > >
> > > so, everything looks good except for the part that bombs out :D
> > >
> > > On Fri, Dec 8, 2017 at 1:43 PM, Rowland Penny via samba <
> > > [hidden email]> wrote:
> > >
> > >> On Fri, 8 Dec 2017 14:25:19 -0500
> > >> lingpanda101 via samba <[hidden email]> wrote:
> > >>
> > >>> On 12/8/2017 1:50 PM, Rowland Penny via samba wrote:
> > >>>> On Fri, 8 Dec 2017 12:27:30 -0600
> > >>>> Taylor Hammerling via samba <[hidden email]> wrote:
> > >>>>
> > >>>>> Will do, thanks!
> > >>>>>
> > >>>> Specifically, go here:
> > >>>>
> https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh
> > >>>>
> > >>>> Download and run the script and then look at the
> output, you can
> > >>>> send the output direct to me if needed and I will see if I can
> > >>>> spot any problems.
> > >>>>
> > >>>> Rowland
> > >>>>
> > >>>>
> > >>> Rowland,
> > >>>
> > >>>       Decided to run your script for giggles and I
> receive a error
> > >>>
> > >>> ./samba-setup-checkup.sh: line 89: [: too many arguments
> > >>>
> > >>>
> > >> Funnily enough, so do I ;-)
> > >>
> > >> it isn't my script, it is Louis's, but I had some input and it
> > >> looks like I will be having some more.
> > >>
> > >> To be continued.......
> > >>
> > >> Rowland
> > >>
> > >> --
> > >> To unsubscribe from this list go to the following URL
> and read the
> > >> instructions:  https://lists.samba.org/mailman/options/samba
> > >>
> > >
> > >
> > Rowland,
> >
> >      Ran again with updated script. Fixed initial error. I will
> > preface with my OS is Ubuntu 14.05.5 LTS. This script should still
> > work, no?
> >
> > I did notice I had a error in my resolv.conf. It had details
> > pertaining to another server. Must of mixed up my SSH window. Fixed
> > and ran again but threw an error with my /etc/krb.conf.conf
> file. Not
> > really an error but a change I knew I made to it.
> >
> > dns_lookup_realm = true
> >
> > I reverted the change just to satisfy the script, but it
> continues to
> > report the prior discrepancy I believe.
> >
> > Incorrect '/etc/krb5.conf' file.
> > Expected:
> > [libdefaults]
> >          default_realm = DOMAIN.LOCAL
> >          dns_lookup_realm = false
> >          dns_lookup_kdc = true
> >
> > Got:
> > [libdefaults]
> >          default_realm = DOMAIN.LOCAL
> >          dns_lookup_realm = false
> >          dns_lookup_kdc = true
> >
> > Is their a cache I'm not aware of because these two look identical
> > now? I then get a legitimate error
>
> No, there isn't a cache, it reads /etc/krb5.conf every time the script
> is run. The two files do seem identical, but the script checks if the
> file exists, checks how many lines (should be 4), is there a
> '[libdefaults]' line, what REALM is being used, is 'lookup_realm' set
> to 'false' and is 'lookup_kdc' set to 'true', the krb5.conf
> should only
> be displayed if at least one of these is incorrect.
>
> >
> > ldb: unable to stat module /usr/lib/x86_64-linux-gnu/samba/ldb : No
> > such file or directory
> >
> > I didn't have samba-dsdb-modules installed. It isn't
> necessary for a
> > proper install of Samba I believe but only for the purposes of this
> > script? I went and installed anyways, but I was greeted
> with another
> > error I don't know how to proceed.
>
> This must be coming from a 'samba-tool' command and the 'samba-tool'
> commands should only be run a DC and you need ALL the samba packages.
>
> > Is this supposed to be a debian only script from Louis? If so my
> > apologizes for wasting your time.
>
> Well, Louis wrote the original script for debian, but I use Devuan and
> there is little in the script that relies on debian, mostly it is just
> 'what is this script running on' ;-)
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On 12/11/2017 11:03 AM, L.P.H. van Belle via samba wrote:

> Hai James,
>
> Can you try this one for me. I corrected and uploaded my latest version.
>
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-setup-checkup.sh
>
> You can wget this one directly.
> You should see ( my sample output )
>
> sudo bash samba-setup-checkup.sh
> Check hostnames : Ok
> Checking detected host ipnumbers from resolv.conf and default gateway
> Ping gateway ip : 192.168.1.1 : Ok
> ping nameserver3: 8.8.8.8 : Ok
> Check ping google dns : 8.8.8.8 : Ok
> Checking file owner..
> -rw-r--r-- root root     /etc/samba/smb.conf
> Checking file owner..
> -rw-r--r-- root root     /etc/samba/lmhosts
> Checking file owner..
> Missing file /etc/samba/smbpasswd
> drwxr-xr-x root root     /usr/bin
> drwxr-xr-x root root     /var/cache/samba
> drwxr-xr-x root root     /usr/lib/x86_64-linux-gnu
> drwxr-xr-x root root     /var/run/samba
> drwxr-x--- root adm      /var/log/samba
> drwxr-xr-x root root     /usr/lib/x86_64-linux-gnu/samba
> drwxr-xr-x root root     /var/run/samba
> drwxr-xr-x root root     /var/lib/samba/private
> drwxr-xr-x root root     /usr/sbin
> drwxr-xr-x root root     /var/lib/samba
> DCS dc1.internal.example.com
> dc2.internal.example.com
> DC1 dc1.internal.example.com
> DC2 dc2.internal.example.com
> Samba AD DC info:             =  detected (command and where to look)
> This server hostname          = dc1 (hostname -s and /etc/hosts and DNS server)
> This server FQDN (hostname)   = dc1.internal.example.com (hostname -f and /etc/hosts and DNS server)
> This server primary dnsdomain = internal.example.com (hostname -d and /etc/resolv.conf and DNS server)
> This server IP address(ses)   = 192.168.1.211  Only one interface detected (hostname -i (-I) and /etc/networking/interfaces and DNS server
> The DC with FSMO roles        = dc1 (samba-tool fsmo show)
> The DC (with FSMO) Site name  = Default-First-Site-Name (samba-tool fsmo show)
> The Default Naming Context    = DC=rotterdam,DC=bazuin,DC=nl (samba-tool fsmo show)
> The Kerberos REALM name used  = internal.example.com    (kinit and /etc/krb5.conf and resolving)
> The Ipadres of DC dc1.internal.example.com        = 192.168.1.1
> The Ipadres of DC dc2.internal.example.com        = 192.168.1.2
> SAMBA_SERVER_ROLE: active directory domain controller
> SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
> SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver
>
>
> And Beter again...  :-P
>
> Greetz,
>
> Louis
>
>
>> -----Oorspronkelijk bericht-----
>> Van: samba [mailto:[hidden email]] Namens
>> Rowland Penny via samba
>> Verzonden: maandag 11 december 2017 16:20
>> Aan: [hidden email]
>> Onderwerp: Re: [Samba] DNS issue with clean install of samba
>> 4.5.12-Debian
>>
>> On Mon, 11 Dec 2017 08:51:01 -0500
>> lingpanda101 via samba <[hidden email]> wrote:
>>
>>> On 12/8/2017 2:54 PM, Taylor Hammerling via samba wrote:
>>>> Glad you guys replied, here is my output :D
>>>>
>>>> root@dc1:~# ./samba-setup-checkup.sh
>>>> Check hostnames : Ok
>>>> ./samba-setup-checkup.sh: line 89: [: too many arguments
>>>> Checking detected host ipnumbers from resolv.conf and default
>>>> gateway Ping gateway ip : 172.28.0.1 : Ok
>>>> ping nameserver1: 172.28.255.49 : Ok
>>>> ping nameserver2: 172.28.0.1 : Ok
>>>> Check ping google dns : 8.8.8.8 : Ok
>>>> root@dc1:~#
>>>>
>>>>
>>>> so, everything looks good except for the part that bombs out :D
>>>>
>>>> On Fri, Dec 8, 2017 at 1:43 PM, Rowland Penny via samba <
>>>> [hidden email]> wrote:
>>>>
>>>>> On Fri, 8 Dec 2017 14:25:19 -0500
>>>>> lingpanda101 via samba <[hidden email]> wrote:
>>>>>
>>>>>> On 12/8/2017 1:50 PM, Rowland Penny via samba wrote:
>>>>>>> On Fri, 8 Dec 2017 12:27:30 -0600
>>>>>>> Taylor Hammerling via samba <[hidden email]> wrote:
>>>>>>>
>>>>>>>> Will do, thanks!
>>>>>>>>
>>>>>>> Specifically, go here:
>>>>>>>
>> https://github.com/thctlo/samba4/blob/master/samba-setup-checkup.sh
>>>>>>> Download and run the script and then look at the
>> output, you can
>>>>>>> send the output direct to me if needed and I will see if I can
>>>>>>> spot any problems.
>>>>>>>
>>>>>>> Rowland
>>>>>>>
>>>>>>>
>>>>>> Rowland,
>>>>>>
>>>>>>        Decided to run your script for giggles and I
>> receive a error
>>>>>> ./samba-setup-checkup.sh: line 89: [: too many arguments
>>>>>>
>>>>>>
>>>>> Funnily enough, so do I ;-)
>>>>>
>>>>> it isn't my script, it is Louis's, but I had some input and it
>>>>> looks like I will be having some more.
>>>>>
>>>>> To be continued.......
>>>>>
>>>>> Rowland
>>>>>
>>>>> --
>>>>> To unsubscribe from this list go to the following URL
>> and read the
>>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>>
>>>>
>>> Rowland,
>>>
>>>       Ran again with updated script. Fixed initial error. I will
>>> preface with my OS is Ubuntu 14.05.5 LTS. This script should still
>>> work, no?
>>>
>>> I did notice I had a error in my resolv.conf. It had details
>>> pertaining to another server. Must of mixed up my SSH window. Fixed
>>> and ran again but threw an error with my /etc/krb.conf.conf
>> file. Not
>>> really an error but a change I knew I made to it.
>>>
>>> dns_lookup_realm = true
>>>
>>> I reverted the change just to satisfy the script, but it
>> continues to
>>> report the prior discrepancy I believe.
>>>
>>> Incorrect '/etc/krb5.conf' file.
>>> Expected:
>>> [libdefaults]
>>>           default_realm = DOMAIN.LOCAL
>>>           dns_lookup_realm = false
>>>           dns_lookup_kdc = true
>>>
>>> Got:
>>> [libdefaults]
>>>           default_realm = DOMAIN.LOCAL
>>>           dns_lookup_realm = false
>>>           dns_lookup_kdc = true
>>>
>>> Is their a cache I'm not aware of because these two look identical
>>> now? I then get a legitimate error
>> No, there isn't a cache, it reads /etc/krb5.conf every time the script
>> is run. The two files do seem identical, but the script checks if the
>> file exists, checks how many lines (should be 4), is there a
>> '[libdefaults]' line, what REALM is being used, is 'lookup_realm' set
>> to 'false' and is 'lookup_kdc' set to 'true', the krb5.conf
>> should only
>> be displayed if at least one of these is incorrect.
>>
>>> ldb: unable to stat module /usr/lib/x86_64-linux-gnu/samba/ldb : No
>>> such file or directory
>>>
>>> I didn't have samba-dsdb-modules installed. It isn't
>> necessary for a
>>> proper install of Samba I believe but only for the purposes of this
>>> script? I went and installed anyways, but I was greeted
>> with another
>>> error I don't know how to proceed.
>> This must be coming from a 'samba-tool' command and the 'samba-tool'
>> commands should only be run a DC and you need ALL the samba packages.
>>
>>> Is this supposed to be a debian only script from Louis? If so my
>>> apologizes for wasting your time.
>> Well, Louis wrote the original script for debian, but I use Devuan and
>> there is little in the script that relies on debian, mostly it is just
>> 'what is this script running on' ;-)
>>
>> Rowland
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>
Louis,

     Still receiving this error.

./samba-setup-checkup.sh: line 87: [: too many arguments

I then get this error

Checking file owner..
Missing file /usr/local/samba/private/smbpasswd

Followed by this error

drwxr-xr-x root root     /usr/local/samba/var/locks
ERROR(<type 'exceptions.AttributeError'>): uncaught exception -
'NoneType' object has no attribute 'canonical_str'

   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
line 175, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
415, in run
     forest_dn = samba.dn_from_dns_name(samdb.forest_dns_name())
   File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 655, in
forest_dns_name
     return forest_dn.canonical_str().split('/')[0]


Everything else completes as normal.



--
--
James


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
In reply to this post by Samba - General mailing list
Hai Mike,

I post it to the list so everybody can learn from it.

> Why you use "hostname -i" ?
man hostname wil tell.. But i'll try to explain it a bit.
Read the Description, its also about how the hostnames are resolved within the systemfuntions.
Like gethostname and gethostbyname

> root@ad51:~# hostname -i
> 127.0.0.1
> root@ad51:~# hostname -I
> 172.16.214.151

Hostname -i , works only if the hostname can be resolved.
Hostname -I , Displays all network addresses of the host. ( but not 127.0.0.1 )
Now remembering that.

Imo, hostname -i and hostname -I should imo not resolve to localhost/127.0.0.1/::1
If thats the case then your resolving might be faulty.

What is localhost.
localhost = 127.0.0.1
localhost = ::1
Localhost.localdomain = 127.0.0.1
ip6-localhost ip6-loopback = ::1

Last, but this one should be in the DNS zone.
localhost.primary.domain.tld = 127.0.0.1

The following.
/etc/hostname contains name of the machine, as known to applications that run locally.

/etc/hosts and DNS associate names with IP?addresses.
And myname may be mapped to whichever IP?address the machine can access itself, but mapping it to 127.0.0.1 is unæsthetic.
Not /etc/hosts, but /bin/hostname serves another function with -f because /etc/hosts can override the common sense.


Now per example.

A good /etc/hosts = (empty)  but then you must have a dns server running.
A minimal /etc/hosts only has :
127.0.0.1       localhost
::1    localhost ip6-localhost ip6-loopback

And as extra with dhcp (optional)
127.0.1.1       hostname hostname.localdomain
Or
127.0.0.1       localhost hostname hostname.localdomain ( not recommended )

Or bit more.
192.168.0.1 computername.internal.domain.tld
1.2.3.4 computername.domain.tld

Basicly any FQDN must be resolvable where it is used.

Now a practical use, like a webserver.
Lets say you have this in /etc/hosts
127.0.0.1       localhost
::1    localhost ip6-localhost ip6-loopback
192.168.0.1 computername.internal.domain.tld
1.2.3.4 computername.domain.tld

In this case i setup a minimal of 4 ! Virtual hosts.
vhost1: localhost with the ipv6 aliases and ip numbers.
Vhost2: computername.internal.domain.tld and no alias to ipnumbers, optional alias to hostname, but the resolv.conf must me correct also with the primary domain.
Vhost3: computername.domain.tld and no alias to ipnumbers.
Vhost4: 1.2.3.4 as catch all for scriptkiddies that scan ipnumbers, with a page saying use hostnames.
Optional
Vhost5: 192.168.0.1 as catch all for in lan side or add the ip to vhost2.

With such a setup you can split everything there you want to access it, and you can setup you server much more secure with some basic steps.
But thats how i see it, there might be better ways, but this works very good for me.

I hope this helps a bit.

Greetz,

Louis



> -----Oorspronkelijk bericht-----
> Van: Mike Lykov [mailto:[hidden email]]
> Verzonden: vrijdag 15 december 2017 8:47
> Aan: L.P.H. van Belle
> Onderwerp: Re: [Samba] DNS issue with clean install of samba
> 4.5.12-Debian
>
> 11.12.2017 20:03, L.P.H. van Belle via samba ??????????:
> > Hai James,
> >
> > Can you try this one for me. I corrected and uploaded my
> latest version.
> >
> >
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-s
etup-checkup.sh

> >
> > You can wget this one directly.
> > You should see ( my sample output )
>
> Why you use "hostname -i" ?
>
> " Display the network address(es) of the host name. Note that
> this works
> only if the host name can be resolved. Avoid using this option; use
> hostname -I instead. "
>
>      HOST_IP1="$(hostname -i)"
>      HOST_IP2="$(hostname -I)"
>      if [ $HOST_IP1 = $HOST_IP2 ]; then
> ....
>
> With one interface  (+default lo interface) It is writing about
> echo "TODO, not finished"
>          echo "Detected multiple ipnumbers"
>
> beacuse
>
> root@ad51:~# hostname -i
> 127.0.0.1
> root@ad51:~# hostname -I
> 172.16.214.151
>
> --
> Administrator
>
>


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On Fri, 15 Dec 2017 09:58:03 +0100
"L.P.H. van Belle via samba" <[hidden email]> wrote:

> Hai Mike,
>
> I post it to the list so everybody can learn from it.
>
> > Why you use "hostname -i" ?
> man hostname wil tell.. But i'll try to explain it a bit.
> Read the Description, its also about how the hostnames are resolved
> within the systemfuntions. Like gethostname and gethostbyname
>
> > root@ad51:~# hostname -i
> > 127.0.0.1
> > root@ad51:~# hostname -I
> > 172.16.214.151
>
> Hostname -i , works only if the hostname can be resolved.
> Hostname -I , Displays all network addresses of the host. ( but not
> 127.0.0.1 ) Now remembering that.
>
> Imo, hostname -i and hostname -I should imo not resolve to
> localhost/127.0.0.1/::1 If thats the case then your resolving might
> be faulty.
>
> What is localhost.
> localhost = 127.0.0.1
> localhost = ::1
> Localhost.localdomain = 127.0.0.1

There is no such thing as 'localdomain', this is something that
somebody came up with, my suggestion is to not use it.

> ip6-localhost ip6-loopback = ::1
>
> Last, but this one should be in the DNS zone.
> localhost.primary.domain.tld = 127.0.0.1

No it shouldn't. localhost has its own zone, as does 127.0.0.0
(reverse), see /etc/bind/named.conf.default-zones

>
> The following.
> /etc/hostname contains name of the machine, as known to applications
> that run locally.
>
> /etc/hosts and DNS associate names with IP?addresses.
> And myname may be mapped to whichever IP?address the machine can
> access itself, but mapping it to 127.0.0.1 is unæsthetic.
> Not /etc/hosts, but /bin/hostname serves another function with -f
> because /etc/hosts can override the common sense.

/etc/hosts is the old way of doing things (and I mean really old), all
that should be in /etc/hosts is 127.0.0.1 and the computers ipaddress
and what they point to, anything else should be found from dns.

>
>
> Now per example.
>
> A good /etc/hosts = (empty)  but then you must have a dns server
> running. A minimal /etc/hosts only has :
> 127.0.0.1       localhost
> ::1    localhost ip6-localhost ip6-loopback
>
> And as extra with dhcp (optional)
> 127.0.1.1       hostname hostname.localdomain

Nope, this just causes problems, if you have '127.0.1.1' in /etc/hosts,
I would remove it.

> Or
> 127.0.0.1       localhost hostname hostname.localdomain ( not
> recommended )

As in don't use it ;-)

>
> Or bit more.
> 192.168.0.1 computername.internal.domain.tld
> 1.2.3.4 computername.domain.tld
>
> Basicly any FQDN must be resolvable where it is used.

True, but it should just be the computers own info.

>
> Now a practical use, like a webserver.
> Lets say you have this in /etc/hosts
> 127.0.0.1       localhost
> ::1    localhost ip6-localhost ip6-loopback
> 192.168.0.1 computername.internal.domain.tld
> 1.2.3.4 computername.domain.tld

Ah, now this is different, here you are associating another IP with the
computers FQDN, but wouldn't you be better doing this with a CNAME ?

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
See the following.

https://tools.ietf.org/html/rfc6761 
Read 6.3


And
https://tools.ietf.org/html/rfc1537 
Snap: Note that all domains that contain hosts should have a "localhost" A record in them.


Thats what i follow as close as possible.


Greetz,

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:[hidden email]] Namens
> Rowland Penny via samba
> Verzonden: vrijdag 15 december 2017 11:03
> Aan: [hidden email]
> Onderwerp: Re: [Samba] DNS issue with clean install of samba
> 4.5.12-Debian
>
> On Fri, 15 Dec 2017 09:58:03 +0100
> "L.P.H. van Belle via samba" <[hidden email]> wrote:
>
> > Hai Mike,
> >
> > I post it to the list so everybody can learn from it.
> >
> > > Why you use "hostname -i" ?
> > man hostname wil tell.. But i'll try to explain it a bit.
> > Read the Description, its also about how the hostnames are resolved
> > within the systemfuntions. Like gethostname and gethostbyname
> >
> > > root@ad51:~# hostname -i
> > > 127.0.0.1
> > > root@ad51:~# hostname -I
> > > 172.16.214.151
> >
> > Hostname -i , works only if the hostname can be resolved.
> > Hostname -I , Displays all network addresses of the host. ( but not
> > 127.0.0.1 ) Now remembering that.
> >
> > Imo, hostname -i and hostname -I should imo not resolve to
> > localhost/127.0.0.1/::1 If thats the case then your resolving might
> > be faulty.
> >
> > What is localhost.
> > localhost = 127.0.0.1
> > localhost = ::1
> > Localhost.localdomain = 127.0.0.1
>
> There is no such thing as 'localdomain', this is something that
> somebody came up with, my suggestion is to not use it.
>
> > ip6-localhost ip6-loopback = ::1
> >
> > Last, but this one should be in the DNS zone.
> > localhost.primary.domain.tld = 127.0.0.1
>
> No it shouldn't. localhost has its own zone, as does 127.0.0.0
> (reverse), see /etc/bind/named.conf.default-zones
>
> >
> > The following.
> > /etc/hostname contains name of the machine, as known to applications
> > that run locally.
> >
> > /etc/hosts and DNS associate names with IP?addresses.
> > And myname may be mapped to whichever IP?address the machine can
> > access itself, but mapping it to 127.0.0.1 is unæsthetic.
> > Not /etc/hosts, but /bin/hostname serves another function with -f
> > because /etc/hosts can override the common sense.
>
> /etc/hosts is the old way of doing things (and I mean really old), all
> that should be in /etc/hosts is 127.0.0.1 and the computers ipaddress
> and what they point to, anything else should be found from dns.
>
> >
> >
> > Now per example.
> >
> > A good /etc/hosts = (empty)  but then you must have a dns server
> > running. A minimal /etc/hosts only has :
> > 127.0.0.1       localhost
> > ::1    localhost ip6-localhost ip6-loopback
> >
> > And as extra with dhcp (optional)
> > 127.0.1.1       hostname hostname.localdomain
>
> Nope, this just causes problems, if you have '127.0.1.1' in
> /etc/hosts,
> I would remove it.
>
> > Or
> > 127.0.0.1       localhost hostname hostname.localdomain ( not
> > recommended )
>
> As in don't use it ;-)
>
> >
> > Or bit more.
> > 192.168.0.1 computername.internal.domain.tld
> > 1.2.3.4 computername.domain.tld
> >
> > Basicly any FQDN must be resolvable where it is used.
>
> True, but it should just be the computers own info.
>
> >
> > Now a practical use, like a webserver.
> > Lets say you have this in /etc/hosts
> > 127.0.0.1       localhost
> > ::1    localhost ip6-localhost ip6-loopback
> > 192.168.0.1 computername.internal.domain.tld
> > 1.2.3.4 computername.domain.tld
>
> Ah, now this is different, here you are associating another
> IP with the
> computers FQDN, but wouldn't you be better doing this with a CNAME ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
On Fri, 15 Dec 2017 11:22:06 +0100
"L.P.H. van Belle via samba" <[hidden email]> wrote:

> See the following.
>
> https://tools.ietf.org/html/rfc6761 
> Read 6.3
>
>
> And
> https://tools.ietf.org/html/rfc1537 
> Snap: Note that all domains that contain hosts should have a
> "localhost" A record in them.
>
>
> Thats what i follow as close as possible.
>
>

All of which confirms what I said, just use '127.0.0.1 localhost'
in /etc/hosts along with the computers 'ipaddress fqdn shorthostname'

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: DNS issue with clean install of samba 4.5.12-Debian

Samba - General mailing list
In reply to this post by Samba - General mailing list
15.12.2017 14:02, Rowland Penny via samba пишет:

>> /etc/hosts and DNS associate names with IP?addresses.
>> And myname may be mapped to whichever IP?address the machine can
>> access itself, but mapping it to 127.0.0.1 is unæsthetic.
>> Not /etc/hosts, but /bin/hostname serves another function with -f
>> because /etc/hosts can override the common sense.
>
> /etc/hosts is the old way of doing things (and I mean really old), all
> that should be in /etc/hosts is 127.0.0.1 and the computers ipaddress
> and what they point to, anything else should be found from dns.

I think so too, no need to write own  server name/address in /etc/hosts
by hand if I have (and with AD DC I always have) a domain name server
where that name resolved.

By default after install (debian 9) I have only 127.0.0.1 in /etc/hosts,
but check script counts it as error (-i & -I are different)

Anyway I use some external dns before setup AD DC and switch to DC's own
server after install, no need to modify /etc/hosts from default
"localhost", as far as I think.

--
Mike

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba