Here is my current samba AD DC config, after removing the signing option:
# Global parameters [global] workgroup = SAMDOM realm = samdom.example.com netbios name = FILESERV2 server role = active directory domain controller server services = -dns
os level = 70
idmap_ldb:use rfc2307 = yes allow dns updates = nonsecure #dns forwarder = 192.168.6.3 load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes panic action = /usr/share/samba/panic-action %d
[netlogon] path = /var/lib/samba/sysvol/samdom.example.com/scripts read only = No
[sysvol] path = /var/lib/samba/sysvol read only = No
Very simple, as you can see. I use bind9.9 and samba_dlz, and DNS resolution has worked perfectly for over a year.
Here is my current samba AD DC config, after removing the signing option:
# Global parameters
[global]
workgroup = SAMDOM
realm = samdom.example.com
netbios name = FILESERV2
server role = active directory domain controller
server services = -dns
os level = 70
allow dns updates = nonsecure
#dns forwarder = 192.168.6.3
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
panic action = /usr/share/
[netlogon] samba/sysvol/ samdom. example. com/scripts
path = /var/lib/
read only = No
[sysvol] samba/sysvol
path = /var/lib/
read only = No
Very simple, as you can see. I use bind9.9 and samba_dlz, and DNS resolution has worked perfectly for over a year.