[SOLVED] when testing DNS on making samba as AD

msoma · 01-01-2015, 09:18 AM

I got error during testing DNS, and at the same time whenever i restart my pc the creteria i insert on /etc/resolv.conf changed.

the error is:

host -t SRV _ldap._tcp.test.com
;; connection timed out; trying next origin
_ldap._tcp.test.com.test.com has no SRV record

please help me on this.

dijetlo · 01-01-2015, 04:38 PM

host -t (query DNS records of type) SRV (for) ldap_tcp.test.com ( the ldap server of record at test.com, according to DNS)
connection timed out (couldn't find it)
_ldap_tcp.test.com has no SRV record (there is no recorded/reachable ldap server for tcp.test.com according to the DNS SRV records).

msoma · 01-01-2015, 09:41 PM

i reallly want to know what should do make this server reacheable, i do get it the meaning thanks alot dijetlo, but please guide me through to make things work.

please again, help me guys on this.

thanks.

dijetlo · 01-02-2015, 03:17 AM

OK M, let's start with a known good response to your query.
When I run the command from any two of a variety of instances, I get the same output
"_ldap_tcp.test.com has no SRV record"
When you run it, you get
;; connection timed out; trying next origin
_ldap._tcp.test.com.test.com has no SRV record

The problem is you typed "test.com" twice. Try it again, typing it only once this time.
Is that the problem you wanted solved because the other problem (test.com does not expose it's LDAP SRV records to the internet~assuming they have LDAP SRV records) isn't so much a problem as a standard security practice. You'd have to access the domain over an exposed API or ipsec tunnel in order to access the internal DNS records, why would an external computer need access to Domain LDAP? It's not supposed to access anything over anything other than HTTP until it's joined AD (at which point it gets the internal DNS pointer to the server holding the LDAP record). So normally, the only records you expose are the ones the public will need to access your web interfaces and of course mail (MX).

msoma · 01-02-2015, 10:20 AM

i try type once though before i was typing just as i written once, but i attach a screenshot which shows clear what i face on this and which article i follow to configure this, but i skip step 5 and 6 because i had before the tarball file which is samba-4.1.14 when extracted.
i hope i have narrow down the the source of problem. Also you can see the error of time out connection went off, just after i connect internet, the thing now shows that there are no record at SRV as you get when you tried.

please review the attachment and especially the article which i follow by.

hope you answer me soon. am waiting i really need help.

thank you.

dijetlo · 01-03-2015, 06:48 AM

There is no help.
If you don't have access to a domain running ldap and kerberose services, you can't access the DNS records of those servers. They are not available to you.

msoma · 01-03-2015, 08:35 AM

[SOLVED]
Finaaly it works on testing the DNS,I recognize that whenever i test first error, was using the host name which doesnt exist on a system, secondly was connecting via UTP cable with the client while testing the DNS, but finally try to unplug and use the user already known in a system and the record of SRV appears.

thanks alot about this.