Hello,

I'm running a few tests here with two locations.

site1: server-site1.gsg.local subnet 192.168.200.0/24
site2: server-site2.gsg.local subnet 192.168.190.0/24

Both are connected via VPN.

I migrated a samba3 domain at server-site1; it gets Default-First-Site-Name assigned. Then I joined the new samba4 domain with server-site2. Both servers work and I can join and access them with clients at both locations. I created reverse zones for both subnets and added the required static entries.

Then I created a new site (name site2) and two subnets with MS AD Site Management. I assigned subnet 192.168.200.0/24 to the site "Default-First-Site-Name" and subnet 192.168.190.0/24 to the site "site2", and moved server-site2 from Default-First-Site-Name to site2.

Machines at site1 randomly picked server-site2 for logins. On site2 they always picked server-site2. So I deleted a few DNS records:

_ldap._tcp.Default-First-Site-Name._sites.gsg.local SRV site2.gsg.local
_kerberos._tcp.Default-First-Site-Name._sites.gsg.local SRV site2.gsg.local
_gc._tcp.Default-First-Site-Name._sites.gsg.local SRV site2.gsg.local
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.gsg.local SRV site2.gsg.local

And after a samba restart also:

_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site2.gsg.local
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site2.gsg.local

Afterwards machines at site1 also chose server-site1 most of the time. Hope I can optimize the behaviour of logon server choosing a bit more, but it happened really seldom and it all ran virtualized with 1GB bandwidth for the VPN connection, which will be 1-2MBit once in production.

As a last step I renamed the site "Default-First-Site-Name" to "site1". Restarted the samba services at both sites and checked replication. But there are still a few DNS entries left, which I deleted manually.

_ldap._tcp.Default-First-Site-Name._sites.gsg.local SRV site1.gsg.local
_kerberos._tcp.Default-First-Site-Name._sites.gsg.local SRV site1.gsg.local
_gc._tcp.Default-First-Site-Name._sites.gsg.local SRV site1.gsg.local
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.gsg.local SRV site1.gsg.local
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site1.gsg.local
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.gsg.local SRV site1.gsg.local

So there are no more (visible) entries left in

Default-First-Site-Name._sites.gsg.local
Default-First-Site-Name._sites.gc._msdcs.gsg.local
Default-First-Site-Name._sites.dc._msdcs.gsg.local

But the structure remains and cannot be deleted (things like _tcp.Default-First-Site-Name._sites.gsg.local). Things still seem to work at both sites but I'm curious if these leftovers can be completely removed.

After a bit more testing I can describe the problem more easily. If a server is moved into another site or a site gets renamed, the service SRV records which point to the old server/site remain.

This issue seems to be fixed in 4.7rc4 (but still there in 4.6). samba_dnsupdate deletes old SRV records before creating new ones. After moving a server from one site to the other:

[root@srvads.ad.tranq ~]# samba_dnsupdate --use-samba-tool
Record deleted successfully
Record deleted successfully
Record deleted successfully
Record deleted successfully
Record deleted successfully
Record deleted successfully
Record deleted successfully
Record deleted successfully
Record added successfully
Record added successfully
Record added successfully
Record added successfully
Record added successfully
Record added successfully
Record added successfully
Record added successfully
Rebuilding cache at /usr/local/samba/private/dns_update_cache

This is fixed in current releases
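
Added example (not part of the original thread and not Samba code): on a release that still leaves old records behind, a small audit can flag site-scoped SRV records that no longer match the site topology, so clients are not steered to a DC across the VPN. The record lines and the site-to-DC mapping below are constructed for illustration, and the function name find_stale_srv is hypothetical; the check assumes each DC registers records only for the site it is assigned to.

```python
import re

# Constructed sample: "name SRV target" lines in the form used in the thread.
SAMPLE_RECORDS = """\
_ldap._tcp.Default-First-Site-Name._sites.gsg.local SRV server-site1.gsg.local
_kerberos._tcp.site1._sites.dc._msdcs.gsg.local SRV server-site1.gsg.local
_ldap._tcp.site1._sites.gsg.local SRV server-site2.gsg.local
_ldap._tcp.site2._sites.gsg.local SRV server-site2.gsg.local
_gc._tcp.site2._sites.gsg.local SRV server-site2.gsg.local
_ldap._tcp.gsg.local SRV server-site1.gsg.local
"""

# Assumed topology after the rename: site name -> DCs assigned to that site.
SITE_TO_DCS = {
    "site1": {"server-site1.gsg.local"},
    "site2": {"server-site2.gsg.local"},
}

# Matches _<service>._tcp.<site>._sites.<rest> and captures the site label.
SITE_SRV = re.compile(r"^_[a-z]+\._tcp\.(?P<site>[^.]+)\._sites\.", re.IGNORECASE)

def find_stale_srv(records_text, site_to_dcs):
    """Return (name, target, reason) for site-scoped SRV records that do not match the topology."""
    sites = {s.lower(): {d.lower().rstrip(".") for d in dcs}
             for s, dcs in site_to_dcs.items()}
    stale = []
    for line in records_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1].upper() != "SRV":
            continue  # skip blank or non-SRV lines
        name, target = parts[0], parts[2].lower().rstrip(".")
        match = SITE_SRV.match(name)
        if not match:
            continue  # domain-wide record, not tied to a site
        site = match.group("site").lower()
        if site not in sites:
            stale.append((name, target, "site no longer exists"))
        elif target not in sites[site]:
            stale.append((name, target, "DC not assigned to this site"))
    return stale

if __name__ == "__main__":
    for name, target, reason in find_stale_srv(SAMPLE_RECORDS, SITE_TO_DCS):
        print(f"{reason}: {name} -> {target}")
```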