I've been having the same issue for some time now ... (not sure when it started). I've been going over and over these settings but cannot find what is wrong (it used to work at some point).
My config is as follows (my apologies if it is a bit too long):
Zentyal 5.0 Development Edition
System
General - Hostname and Domain
Hostname zentyal
Domain myname.mydomain.org
Network
Interfaces
eth0 DHCP External (WAN)
eth1 Static 192.168.122.1/23
wlan0 not set (I run on an old laptop)
DNS - Search Domain
Domain myname.mydomain.org
Objects
fixed_addresses (members set manually)
LAN Name 192.168.122.0-123.255
IP address 192.168.122.0-192.168.122.123.255
MAC address --
openVPN-eth1-192.168.122.0-23 <-- readonly
openVPN-wlan0-192.168.0.0-24 <-- readonly ? used to be the wlan0
Domain
[ modules Domain Controller and File Sharing not enabled ]
Settings
Server Role Domain Controller
Realm myname.mydomain.org
NetBIOS domain name myname
NetBIOS computer name (fixed to) zentyal
Server Description Zentyal Server
Enable Roaming Profiles unchecked
Drive letter H:
File Sharing
[ modules Domain Controller and File Sharing not enabled ]
Enabled | Share | Share | Comment | Guest | Access control
| name | path | | access |
--------+--------+-------+---------+-----------+-------------------------------------
checked | aname1 | path1 | Comment | unchecked | Group: Domain Users - Read Only
| | | | | User: Me - Administrator
--------+--------+-------+---------+-----------+-------------------------------------
checked | aname2 | path2 | Comment | unchecked | Group: Domain Users - Read Only
| | | | |
--------+--------+-------+---------+-----------+-------------------------------------
DNS
Settings - Enable transparent DNS cache checked
Forwarders - none set
Domains *
domain | Domain IP | Hostnames | Name Servers | TXT records | Services | Dynamic
| Addresses | | | |
--------------------+---------------+-----------+---------------+-------------+----------+---------
myname.mydomain.org | 192.168.122.1 | manually |Hostname | kerberos related and |
| | set ** | [This domain] | set by Zentyal | yes
| | | [zentyal] *** | |
--------------------+---------------+-----------+---------------+-------------+----------+---------
* no Mail Exchange Servers
** e.g. zentyal 192.168.122.1
other 192.168.122.132
*** from list of manually set hostnames
DHCP
Interfaces
Enabled checked
Interface eth1
Configuration
[Tab] Common Options
Default gateway Zentyal
Search domain Zentyal domain - myname.mydomain.org
Primary nameserver local Zentyal DNS
Secondary nameserver not set
NTP server local Zentyal NTP
WINS server local Zentyal
[Tab] Dynamic DNS Options
Enabled checked
Dynamic Domain myname.mydomain.org
Static domain same as Dynamic Domain
[Tab] Advanced options
Lease times
Default leased time 1800 s
Maximum leased time 7200 s
DHCP ranges (not set-able)
Interface IP address 192.168.122.1
Subnet 192.168.122.0/23
Available range 192.168.122.1 - 192.168.123.254
Ranges
Name From To
DHCP 192.168.122.16 192.168.122.127
Fixed addresses
Object Description
fixed_addresses fixed addresses Network objects
When I make a change, I save and either reboot or restart the DNS DHCP services from the Dashboard. For the client (other) I renew the dhcp lease before testing (but all to no avail).
I also have an external dynamic DNS service that points to my external IP address, so from a host outside my local network:
[me@somewhere_else ~]$ dig myname.mydomain.org
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> myname.mydomain.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33578
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;myname.mydomain.org. IN A
;; ANSWER SECTION:
myname.mydomain.org. 17 IN A xxx.yyy.zzz.www [obfuscated]
;; Query time: 0 msec
;; SERVER: 172.16.150.1#53(172.16.150.1)
;; WHEN: Sat Mar 14 15:45:39 CET 2020
;; MSG SIZE rcvd: 62
Inside my local network, dhcpd sets /etc/resolv.conf:
[me@other~]$ cat /etc/resolv.conf
# Generated by NetworkManager
search myname.mydomain.org
nameserver 192.168.122.1
When asking for just the zentyal:
[me@other ~]$ dig zentyal
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> zentyal
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4632
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zentyal. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020031400 1800 900 604800 86400
;; Query time: 197 msec
;; SERVER: 192.168.122.1#53(192.168.122.1)
;; WHEN: Sat Mar 14 15:38:18 CET 2020
;; MSG SIZE rcvd: 111
or when using the FQDN for zentyal:
[me@other ~]$ dig zentyal.myname.mydomain.org
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> zentyal.durodie.no-ip.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36324
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zentyal.durodie.no-ip.org. IN A
;; Query time: 1 msec
;; SERVER: 192.168.122.1#53(192.168.122.1)
;; WHEN: Sat Mar 14 15:42:45 CET 2020
;; MSG SIZE rcvd: 54
So no answer; external addresses work:
[me@other ~]$ dig google.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26730
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 172.217.17.142
;; AUTHORITY SECTION:
google.com. 172525 IN NS ns4.google.com.
google.com. 172525 IN NS ns2.google.com.
google.com. 172525 IN NS ns1.google.com.
google.com. 172525 IN NS ns3.google.com.
;; ADDITIONAL SECTION:
ns1.google.com. 172502 IN A 216.239.32.10
ns1.google.com. 172502 IN AAAA 2001:4860:4802:32::a
ns2.google.com. 172502 IN A 216.239.34.10
ns2.google.com. 172502 IN AAAA 2001:4860:4802:34::a
ns3.google.com. 172502 IN A 216.239.36.10
ns3.google.com. 172502 IN AAAA 2001:4860:4802:36::a
ns4.google.com. 172502 IN A 216.239.38.10
ns4.google.com. 172502 IN AAAA 2001:4860:4802:38::a
;; Query time: 22 msec
;; SERVER: 192.168.122.1#53(192.168.122.1)
;; WHEN: Sat Mar 14 15:40:35 CET 2020
;; MSG SIZE rcvd: 303
There is also something else that is really mysterious:
When I am connected with openvpn to somewhere_else (see above) I got the correct answer from somewhere_else's (local) DNS server 172.16.150.1. BUT when I ask for
[me@other:~]$ dig @8.8.8.8 myname.mydomain.org
I do not get an answer. However when I do exactly the same somewhere_else I get the correct answer ...
I would appreciate it if someone could explain this and point me in the correct direction.
Thanks.