I will report here...
And here it comes for approach #1: only re-install zentyal-samba. This is a long post, just to document whats happening. It boils down to the question in the last line...
apt-get --purge remove zentyal-samba
No additional manual cleanup done.
<reboot> should not be necessary, but...
Re-Install File Sharing and Domain Services 3.0.6 via web interface. Activate module.
Zone file
/etc/bind/db.neo.lan is gone!
dig SRV _kerberos._tcp.neo.lan # works correctly!
;; ANSWER SECTION:
_kerberos._tcp.neo.lan. 900 IN SRV 0 100 88 zen.neo.lan.
Testing DNS module: add one host entry with one IP address. Save.
Works (without wrongly re-creating that zone file)
<reboot> just for testing (I did reboot three days ago. Maybe the problem rised then.)
No problem.
Windows 7: leave domain/reboot/join:
missing SRV record _ldap._tcp.dc._msdcs.neo.lan.
The error message is human readable but not exactly correct. The entry is there but it has the same problem as _kerberos had: it points to the wrong instance:
dig SRV _ldap._tcp.dc._msdcs.neo.lan
_ldap._tcp.dc._msdcs.neo.lan. 900 IN SRV 0 100 389 zen.neo.lan.
Trying:
Disabling User and Groups (disables File Sharing and User Area). Save.
/etc/init.d/zentyal restart
Enable modules. Save.
No change regarding 389//390
Conclusion: the problem with _kerberos has been solved by re-installing zentyal-samba. The same problem with _ldap is not. My workaround by adding that record manually (I did that only because the zone file was present!) is not possible anymore and would not be the correct solution anyway.
A look into my backups shows that the obviously not-to-be-present zone file was just created 3 days ago. Before that point in time it was not present. This host is up and running (but idling) for 6 weeks now. Unfortunately I am absolutely not sure what I did that day. The only service I want this box for is Samba. Only dependencies are installed, no other Zentyal services. But I
did install some additional packages outside Zentyal (zabbix-agent, munin, ubuntu-zfs...).
I hesitate to purge/re-install zentyal-dns because I would lose all my (actually only few, but...) users.
Is there another way to trigger re-initialization of those SRV records?Best regards
Edited/added the next day:
~# apt-get --purge remove zentyal-dns # removes zentyal-dns* zentyal-samba* zentyal-usercorner* zentyal-users*
<reboot>
Install "File Sharing and Domain Services" via web frontend
DNS:
Add Domain "neo.lan".
Domain IP Addresses and one Host entry are generated automatically. No manual extension necessary.
Add Forwarders.
Activate module / Save changes.
This creates a file /etc/bind/db.neo.lan which existence is questionable. The file is empty except one single host A record for the Zentyal box itself. But Samba is not activated yet...
Users and Groups
Try to re-create groups - FAILES "Group already exist" error. Seems that "apt-get --purge" did not do a good job?
Activate module
All Users and all Groups are visible now. Learned lesson: turn on the module before using it ;-)
File sharing
Activate module
Save changes
The zone file /etc/bind/db.neo.lan is gone again.
root@zen:~# dig SRV _kerberos._tcp.neo.lan | grep -A1 ANSWER\ SECTION
;; ANSWER SECTION:
_kerberos._tcp.neo.lan. 900 IN SRV 0 100 88 zen.neo.lan.
root@zen:~# dig SRV _ldap._tcp.dc._msdcs.neo.lan | grep -A1 ANSWER\ SECTION
;; ANSWER SECTION:
_ldap._tcp.dc._msdcs.neo.lan. 900 IN SRV 0 100 389 zen.neo.lan.
So this did not solve the problem.
Why not?
Edited/added after another some hours of trial and error:
It works! - I can join a Windows 7 client.
Unfortunately I am not sure what happened. Basically all I did since yesterday is another reboot of the Zentyal box and the Windows 7 client.