While trying to create a new Samba AD domain on a Debian 11 (Bullseye, the recent stable release) the SRV record verification step shows rather odd results. Debian ships systemd service files. samba --version Version 4.13.5-Debian systemctl disable smbd nmbd winbind ; systemctl unmask samba-ad-dc ; systemctl enable samba-ad-dc Attempt to follow, with corrections for Debian specific paths. https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller systemctl stop samba-ad-dc rm -r /run/samba/*.?db /var/cache/samba/*.?db /var/lib/samba/*.?db /var/lib/samba/private/*.?db Can samba-tool purge every storage and configuration file samba uses, to make this distribution path customization friendly? samba-tool \ domain provision \ --use-rfc2307 \ --realm=AD.AN-EXAMPLE.ORG --domain=AD \ --server-role=dc --dns-backend=SAMBA_INTERNAL \ --option="interfaces=lo eth0" --option="bind interfaces only=yes" \ --adminpass=complexPassCanWeUseAPasswordFileOrFifoPlease_404 \ --host-ip=10.0.0.1 --host-ip6=fd00::1 2>&1 | tee /root/samba-tool-provision.txt ;\ systemctl start samba-ad-dc ;\ host -t SRV _ldap._tcp.ad.some-example.org ; host -t SRV _kerberos._udp.ad.some-example.org INFO 2021-11-13 07:44:02,606 pid:1262 /usr/lib/python3/dist-packages/samba/provision/__init__.py #489: Once the above files are installed, your Samba AD server will be ready to use INFO 2021-11-13 07:44:02,606 pid:1262 /usr/lib/python3/dist-packages/samba/provision/__init__.py #494: Server Role: active directory domain controller INFO 2021-11-13 07:44:02,606 pid:1262 /usr/lib/python3/dist-packages/samba/provision/__init__.py #495: Hostname: ad-ex1 INFO 2021-11-13 07:44:02,606 pid:1262 /usr/lib/python3/dist-packages/samba/provision/__init__.py #496: NetBIOS Domain: AD INFO 2021-11-13 07:44:02,606 pid:1262 /usr/lib/python3/dist-packages/samba/provision/__init__.py #497: DNS Domain: ad.an-example.org INFO 2021-11-13 07:44:02,607 pid:1262 /usr/lib/python3/dist-packages/samba/provision/__init__.py #498: DOMAIN SID: S-1-5-21-2172881671-1179165834-3163489631 The exact results have been replaced with synthetic re-creations that are similar to what I'm seeing with the real FQDN. The part before the DNS Domain is _exactly_ 15 characters long. Note the strange truncated repetition in the SRV records. _ldap._tcp.ad.an-example.org has SRV record 0 100 389 ad-ex1.ad.an-ex.ad.some-example.org. _kerberos._udp.ad.an-example.org has SRV record 0 100 88 ad-ex1.ad.an-ex.ad.some-example.org. If this is the result of user error please let me know where I've misunderstood the documentation (and hopefully someone can fix that). If this is a bug that was resolved in a newer version, I'll see how that compares to Debian packages in different versions and try to figure out a decision.
Mostly operator error, though Samba's setup script should really print the values it's using which would have clued me in on this. Debian, now with SystemD doesn't let you just update /etc/hostname and reboot. If you do that you get everything that does things the old way speaking correctly, but then something pings dbus or whatever and unexpected results happen. Now you have to update /etc/hostname (I think still) AND must also update an entirely obtuse configuration database parallel to the infrastructure that's existed for decades, even though the old stuff is still there and hasn't been replaced. root@ad-ex1:~# hostnamectl Static hostname: ad-ex1 Transient hostname: ad-ex1.ad.an-example.org Icon name: computer-vm Chassis: vm Machine ID: Boot ID: Virtualization: kvm Operating System: Debian GNU/Linux 11 (bullseye) Kernel: Linux 5.10.0-9-cloud-amd64 Architecture: x86-64 root@ad-ex1:~# hostnamectl set-hostname ad-ex1 root@ad-ex1:~# hostnamectl Static hostname: ad-ex1 Icon name: computer-vm Chassis: vm Machine ID: Boot ID: Virtualization: kvm Operating System: Debian GNU/Linux 11 (bullseye) Kernel: Linux 5.10.0-9-cloud-amd64 Architecture: x86-64 I happened to see the hostname in tmux while staring blankly at my screen tonight and went "wait, that's not right" at the quoted name.