[prev in list] [next in list] [prev in thread] [next in thread] 

List:       samba
Subject:    Re: [Samba] Horrible BIND9_DLZ DNS breakage after DC replaced and samba-tool domain demote --remove-
From:       Rowland Penny via samba <samba () lists ! samba ! org>
Date:       2016-08-28 20:57:41
Message-ID: 20160828215741.13c0caf6 () devstation ! samdom ! example ! com
[Download RAW message or body]

On Sun, 28 Aug 2016 21:37:57 +0100
Alex Crow via samba <samba@lists.samba.org> wrote:

> Thanks Rowland, just got back from holidays to see this.
> 
> It's great to have a solution but I don't think these "secret
> incantations" should really be required. Do you agree with this
> sentiment?
> 
> Cheers
> 
> Alex
> 

To a certain extent, yes.

The basics of it is, when you do the join, the new DC has to find
the old DC, but when you first start the new DC, it uses its own
kerberos key to update it own records in AD and so has to connect to
itself. Well that is how it appears to me.

when you provision the first DC, all its records are created during the
provision, I wonder if this could also be done when a new DC is
joined ?

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
[prev in list] [next in list] [prev in thread] [next in thread]