Dois Samba-4.3.4 atuando como controladores de domínio. Rede está OK, os clientes estão logados, o domínio funciona OK.
Mas no segundo DC estão os próximos erros de repetição no syslog:
Jan 23 15:39:57 aurora samba[7611]: [2017/01/23 15:39:57.605556, 0] ../source4/dsdb/dns/dns_update.c:295(dnsupdate_nameupdate_done)
Jan 23 15:39:57 aurora samba[7611]: ../source4/dsdb/dns/dns_update.c:295: Failed DNS update - NT_STATUS_TOO_MANY_OPENED_FILES
Primeiro DC (192.168.0.1) DC1: smb.conf:
[global]
workgroup = WG
realm = WG.LOCAL
netbios name = DC1
server role = active directory domain controller
idmap config WG:default = yes
idmap config * : backend = tdb
idmap config * : base_rid = 0
idmap config * : range = 300000-400000
idmap config WG:schema_mode = rfc2307
idmap_ldb:use rfc2307 = yes
syslog only = 1
log level =0 vfs:1
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = yes
#acl_xattr:ignore system acls = yes
nsupdate command = /usr/local/samba/sbin/samba_dnsupdate
[netlogon]
path = /usr/local/samba/var/locks/sysvol/wg.local/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
resolv.conf:
domain wg.local
search wg.local
nameserver 127.0.0.1
nameserver 192.168.0.1
hosts
192.168.0.1 dc1.wg.local localhost localhost.localdomain dc1
192.168.0.2 dc2.wg.local localhost localhost.localdomain dc2
========
Segundo DC (192.168.0.2) DC2:
smb.conf
[global]
workgroup = WG
realm = WG.LOCAL
netbios name = DC2
server role = active directory domain controller
idmap config WG:default = yes
idmap config * : backend = tdb
idmap config * : base_rid = 0
idmap config * : range = 300000-400000
idmap config WG:schema_mode = rfc2307
idmap_ldb:use rfc2307 = yes
syslog only = 1
log level = 1.
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = yes
allow dns updates = nonsecure and secure.
nsupdate command = /usr/local/samba/sbin/samba_dnsupdate
[netlogon]
path = /usr/local/samba/var/locks/sysvol/wg.local/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
resolv.conf
# Tried regular and capital letters - no matter...
domain WG.LOCAL
search WG.LOCAL
nameserver 192.168.0.1
nameserver 192.168.0.2
hosts
192.168.0.1 dc1.wg.local DC1
192.168.0.2 dc2.wg.local DC2
O que há de errado, por que as atualizações de DNS não podem ser feitas?