[Samba] Samba 4.2.14 Group Policy (GPO) sync error
rme at bluemail.ch
rme at bluemail.ch
Tue Aug 9 21:50:00 UTC 2016
> You may find other left over records in
> DnsDomainZones/ForestDnsZones/GC.msdcs. On my test system where i create
> eth0:0 interfaces with different ip's on a regular basis i found alot of
> leftovers (seems they do not cause problems here).
I couldn't actually spot something strange. I also watched the query log
during gpupdate and didn't find anything special there.
On a Windows 7 Pro VM I installed (note, it's in the untrusted
10.0.2.0/24 network) I see the following BIND logs on connect:
09-Aug-2016 23:18:24.585 database: info: samba_dlz: committed
transaction on zone ad.cyberdyne.local
09-Aug-2016 23:18:24.654 database: info: samba_dlz: starting transaction
on zone ad.cyberdyne.local
09-Aug-2016 23:18:24.655 update-security: error: client 10.0.2.95#57343:
view internal: update 'ad.cyberdyne.local/IN' denied
09-Aug-2016 23:18:24.655 database: info: samba_dlz: cancelling
transaction on zone ad.cyberdyne.local
09-Aug-2016 23:18:24.656 database: info: samba_dlz: starting transaction
on zone ad.cyberdyne.local
09-Aug-2016 23:18:24.658 database: info: samba_dlz: allowing update of
signer=cyb64w7-test\$\@AD.CYBERDYNE.LOCAL
name=CYB64W7-TEST.ad.cyberdyne.local tcpaddr= type=AAAA
key=316-ms-7.3-7c5a71.894664bf-5e64-11e6-3d8b-080027eead7d/160/0
09-Aug-2016 23:18:24.660 database: info: samba_dlz: allowing update of
signer=cyb64w7-test\$\@AD.CYBERDYNE.LOCAL
name=CYB64W7-TEST.ad.cyberdyne.local tcpaddr= type=A
key=316-ms-7.3-7c5a71.894664bf-5e64-11e6-3d8b-080027eead7d/160/0
09-Aug-2016 23:18:24.662 database: info: samba_dlz: allowing update of
signer=cyb64w7-test\$\@AD.CYBERDYNE.LOCAL
name=CYB64W7-TEST.ad.cyberdyne.local tcpaddr= type=A
key=316-ms-7.3-7c5a71.894664bf-5e64-11e6-3d8b-080027eead7d/160/0
09-Aug-2016 23:18:24.662 update: info: client 10.0.2.95#63502/key
cyb64w7-test\$\@AD.CYBERDYNE.LOCAL: view internal: updating zone
'ad.cyberdyne.local/NONE': deleting rrset at
'CYB64W7-TEST.ad.cyberdyne.local' AAAA
09-Aug-2016 23:18:24.662 update: info: client 10.0.2.95#63502/key
cyb64w7-test\$\@AD.CYBERDYNE.LOCAL: view internal: updating zone
'ad.cyberdyne.local/NONE': deleting rrset at
'CYB64W7-TEST.ad.cyberdyne.local' A
09-Aug-2016 23:18:24.664 database: info: samba_dlz: subtracted rdataset
CYB64W7-TEST.ad.cyberdyne.local 'CYB64W7-TEST.ad.cyberdyne.local.
1200 IN A 10.0.2.95'
09-Aug-2016 23:18:24.665 update: info: client 10.0.2.95#63502/key
cyb64w7-test\$\@AD.CYBERDYNE.LOCAL: view internal: updating zone
'ad.cyberdyne.local/NONE': adding an RR at
'CYB64W7-TEST.ad.cyberdyne.local' A 10.0.2.95
09-Aug-2016 23:18:24.668 database: info: samba_dlz: added rdataset
CYB64W7-TEST.ad.cyberdyne.local 'CYB64W7-TEST.ad.cyberdyne.local.
1200 IN A10.0.2.95'
09-Aug-2016 23:18:24.677 database: info: samba_dlz: committed
transaction on zone ad.cyberdyne.local
Expect the line about update-security (line 3) it looks like the records
get updated properly. I am also able to forward- and reverse-lookup the
node.
I just did a complete Wireshark dump of a gpupdate process on my Windows
10 machine too. You can find it here:
<https://dl.dropboxusercontent.com/u/2015365/gpupdate.pcapng>
I also did an ipconfig /flushdns just before the capture.
Thank you
Rainer
More information about the samba
mailing list