[Samba] Configure DHCP to update DNS records problem [FIXED]
Chris Nighswonger
samba-list at foundations.edu
Wed Aug 2 18:46:19 UTC 2023
On the off chance that someone else is in a position of forced usage of an older system, here is the solution that worked for me:
Change line 134 to read
KTYPE="--kerberos=yes"
I'm not a shell guru, but my guess is that something was choking on the space in "-k yes". Maybe due to age.
Thanks to Rowland for the script and for making me determined to make it work for my use-case.
Kind regards,
Chris
----- Original Message -----
From: "samba" <samba at lists.samba.org>
To: "samba" <samba at lists.samba.org>
Sent: Wednesday, August 2, 2023 12:14:58 PM
Subject: [Samba] Configure DHCP to update DNS records problem
Hello all,
After several days of working on this, I'm stuck. Hopefully someone can point out what I'm missing here.
I'm working with this script to dynamically update my Samba AD DC DNS:
https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records
Short of it:
The script does not update the DNS records due to samba-tool failing for some unknown reason.
Long of it:
1. As seen below, the script runs as the dhcpd user.
2. samba-tool executes fine using kerberos when su'ed as the dhcpd user.
3. However, the samba-tool calls inside the script fail.
Notes:
1. I've added a few additional logger lines for my own debugging sanity.
2. The DHCP server runs on a separate box from the AD DC server.
3. I'm using a user map entry to map the AD user 'dhcpduser' to the system user 'dhcpd'.
Version info:
root at S1:/etc/dhcp (master)# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.6 LTS
Release: 14.04
Codename: trusty
root at S1:/etc/dhcp (master)# samba-tool -V
4.3.11-Ubuntu
root at S1:/etc/dhcp (master)# /usr/sbin/dhcpd --version
isc-dhcpd-4.2.4
Relevant syslog entries:
Aug 2 10:22:53 S1 dhcpd: execute_statement argv[0] = /usr/local/bin/dhcp-dyndns.sh
Aug 2 10:22:53 S1 dhcpd: execute_statement argv[1] = add
Aug 2 10:22:53 S1 dhcpd: execute_statement argv[2] = 192.168.x.x
Aug 2 10:22:53 S1 dhcpd: execute_statement argv[3] = b8:41:a4:xx:xx:xx
Aug 2 10:22:53 S1 dhcpd: execute_statement argv[4] = iPhone
Aug 2 10:22:54 S1 logger: 02-08-23 10:22:54 [dyndns] : Running check for valid kerberos ticket
Aug 2 10:22:54 S1 logger: I am uid=105(dhcpd) gid=111(dhcpd) groups=111(dhcpd)
Aug 2 10:22:54 S1 logger: /usr/bin/samba-tool dns query dc1.foo.bar foo.bar iPhone A -k yes
Aug 2 10:22:55 S1 logger: Results: 0
Aug 2 10:22:55 S1 logger: A_REC:
Aug 2 10:22:55 S1 logger: 'A' record changed, updating record.
Aug 2 10:22:55 S1 logger: /usr/bin/samba-tool dns delete dc1.foo.bar foo.bar iPhone A -k yes
Aug 2 10:22:55 S1 logger: /usr/bin/samba-tool dns add dc1.foo.bar foo.bar iPhone A 192.168.x.x -k yes
Aug 2 10:22:56 S1 logger: /usr/bin/samba-tool dns zonelist dc1.foo.bar -k yes --reverse
Aug 2 10:22:56 S1 logger: ReverseZones:
Aug 2 10:22:57 S1 logger: No reverse zone found, not updating
Aug 2 10:22:57 S1 logger: RESULTS: 2:2:0:0
Aug 2 10:22:57 S1 logger: count: 1
Aug 2 10:22:57 S1 logger: DHCP-DNS add failed: 2:2:0:0
Aug 2 10:22:57 S1 dhcpd: execute: /usr/local/bin/dhcp-dyndns.sh exit status 256
root at S1:/etc/dhcp (master)# ps -ef | egrep -i samba-tool
dhcpd 13461 13460 0 10:21 ? 00:00:00 /usr/bin/python2.7 /usr/bin/samba-tool dns zonelist dc1.foo.bar -k yes --reverse
root at S1:/etc/dhcp (master)# su dhcpd
dhcpd at S1:/etc/dhcp$ id
uid=105(dhcpd) gid=111(dhcpd) groups=111(dhcpd)
dhcpd at S1:/etc/dhcp$ /usr/bin/python2.7 /usr/bin/samba-tool dns zonelist dc1.foo.bar -k yes --reverse
6 zone(s) found
pszZoneName : x.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.foo.bar
pszZoneName : x.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.foo.bar
pszZoneName : x.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.foo.bar
pszZoneName : x.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.foo.bar
pszZoneName : x.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.foo.bar
pszZoneName : x.168.192.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.foo.bar
dhcpd at S1:/etc/dhcp$ exit
Kind regards,
Chris
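
Added example, not part of the original thread and not code from the wiki script: it shows how a value containing a space, such as "-k yes", reaches a program's argument list differently depending on quoting and IFS, while "--kerberos=yes" is always a single argument. The function names are hypothetical, and how the wiki script actually expands KTYPE on the poster's system is an assumption the thread does not confirm.

```shell
#!/bin/sh
# Constructed demonstration; all function names are hypothetical.

# Print every received argument in brackets so embedded spaces are visible.
show_args() {
    out=""
    for a in "$@"; do out="$out[$a]"; done
    echo "$out"
}

# Unquoted expansion with the default IFS: the shell splits on whitespace,
# so "-k yes" arrives as two arguments.
argv_unquoted() {
    ktype=$1
    show_args dns query $ktype
}

# Quoted expansion: the value arrives as ONE argument, "-k yes",
# which an option parser does not see as "-k" followed by "yes".
argv_quoted() {
    ktype=$1
    show_args dns query "$ktype"
}

# Unquoted expansion when IFS does not contain a space (here: newline only).
# No splitting happens, so the result matches the quoted case.
argv_unquoted_custom_ifs() {
    ktype=$1
    old_ifs=$IFS
    IFS='
'
    result=$(show_args dns query $ktype)
    IFS=$old_ifs
    echo "$result"
}

# Compare the two values discussed in the thread.
for k in "-k yes" "--kerberos=yes"; do
    printf '%-16s unquoted=%s\n' "$k" "$(argv_unquoted "$k")"
    printf '%-16s quoted=%s\n' "$k" "$(argv_quoted "$k")"
    printf '%-16s custom-IFS=%s\n' "$k" "$(argv_unquoted_custom_ifs "$k")"
done
```

A single-token form such as "--kerberos=yes" does not depend on word splitting, which is why it behaves the same in all three cases.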