Problems joining Samba 4 domain

HDDtormentor

Hi,
I have a Samba 4 AD DC with the internal DNS, which seems to work fine so far.
First I joined my TrueNAS, which worked fine. I could access the AD users and groups to create ACEs.

But after some time, it seems to have some problems, as opening the TrueNAS -> Credentials -> Directory Services settings page says "Active Directory and LDAP are disabled".
Hence, I looked into the documentation and literally the first step fails:

Code:
root@tnas-01[/var/log]# dig

; <<>> DiG 9.16.27-Debian <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 55539
;; flags: qr rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 823f008936a8f29d (echoed)
;; QUESTION SECTION:
;.                IN    NS

;; Query time: 0 msec
;; SERVER: 10.116.0.20#53(10.116.0.20)
;; WHEN: Fri Jan 12 15:26:58 CET 2024
;; MSG SIZE  rcvd: 40

root@tnas-01[/var/log]#


If I understand correctly, I am querying the DNS for . which doesn't deliver an answer. Every other query for entries in my DNS server does.
As googling "." is a kind of senseless endeavour (and yes, I also tried "dns dig dot"), I hoped to get a pointer to what my setup is missing.

I read up about NS records and added one for the subdomain hill.eremite.cc, which is my AD domain. But to no avail.
To my understanding, the AD DC internal DNS ns1.hill.eremite.cc should forward the query about "." to the DNS forwarder (which is my Fritzbox), which should forward it to the CC DNS, which should forward it to my AWS Route53 DNS where the zone eremite.cc is hosted.

Only queries for hill.eremite.cc should be answered by my internal ns1.hill.eremite.cc

Am I onto something, or am I barking up the wrong tree?
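
An added example, not part of the original post: a decoder for the DNS response that the dig output above summarises. `SAMPLE` is a constructed message rebuilt from the fields dig printed (id, flags, counts, question, EDNS cookie), not a packet capture; it comes to the same 40 bytes dig reports. The decoder shows where `status`, the `flags` list and the missing `ra` bit (the source of dig's "recursion requested but not available" warning) live in the wire format.

```python
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
FLAG_BITS = [("qr", 0x8000), ("aa", 0x0400), ("tc", 0x0200), ("rd", 0x0100),
             ("ra", 0x0080), ("ad", 0x0020), ("cd", 0x0010)]

# Constructed sample: rebuilt from the fields in the dig output, not a capture.
SAMPLE = bytes.fromhex(
    "d8f3" "8121" "0001" "0000" "0000" "0001"  # id 55539, flags, QD/AN/NS/AR counts
    "00" "0002" "0001"                         # question: "." NS IN
    "00" "0029" "1000" "00000000" "000c"       # OPT RR: udp 4096, version 0, rdlen 12
    "000a" "0008" "823f008936a8f29d"           # COOKIE option (code 10), echoed cookie
)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:                # root label terminates the name
            return off + 1
        if length & 0xC0 == 0xC0:      # 2-byte compression pointer ends the name
            return off + 2
        off += 1 + length

def decode(msg):
    """Decode the header, skip the question, and read the EDNS OPT record."""
    ident, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    info = {"id": ident, "opcode": (flags >> 11) & 0xF, "rcode_num": flags & 0xF,
            "flags": [name for name, bit in FLAG_BITS if flags & bit],
            "counts": (qd, an, ns, ar), "cookie": None}
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4              # qtype + qclass
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == 41:                            # OPT pseudo-record (EDNS)
            info["udp_size"] = rclass              # CLASS field carries the UDP size
            info["rcode_num"] |= (ttl >> 24) << 4  # upper 8 bits of extended RCODE
            pos, end = off, off + rdlen
            while pos + 4 <= end:
                code, olen = struct.unpack_from("!HH", msg, pos)
                if code == 10:                     # COOKIE option
                    info["cookie"] = msg[pos + 4:pos + 4 + olen].hex()
                pos += 4 + olen
        off += rdlen
    info["rcode"] = RCODES.get(info["rcode_num"], str(info["rcode_num"]))
    info["recursion_available"] = "ra" in info["flags"]
    return info

if __name__ == "__main__":
    print(len(SAMPLE), decode(SAMPLE))
```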
 