[Samba] DDNS with Bind
Rowland Penny
rpenny at samba.org
Mon Dec 26 18:19:33 UTC 2016
On Mon, 26 Dec 2016 18:24:25 +0100
Stefan Kania via samba <samba at lists.samba.org> wrote:
> Hello,
> I try to set up an ADDC with bind9 and dhcp-Server for dynamic
> DNS-updates. I followed the wiki:
> https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9
>
> My problem is that the PTR record will not be updated, because the
> script is using the wrong reverse-zone:
> ---------------------
> Dez 26 17:30:05 addc-01 named[512]: client 192.168.56.200#60564/key dhcpduser\@EXAMPLE.NET: updating zone '168.192.IN-ADDR.ARPA/IN': update failed: not authoritative for update zone (NOTAUTH)
> Dez 26 17:30:05 addc-01 logger[989]: DHCP-DNS Update failed: 02
> Dez 26 17:30:05 addc-01 dhcpd[803]: execute: /etc/dhcp/bin/dhcp-dyndns.sh exit status 512
>
> ---------------------
> The zonename should be "56.168.192.in-addr.arpa" so the "56" is
> missing. The forward-zone works.
>
> My reverse-zone is:
> --------------------
> root@addc-01:~# samba-tool dns zonelist addc-01
>   3 zone(s) found
>
>   pszZoneName                 : 56.168.192.in-addr.arpa
>   Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>   Version                     : 50
>   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>   pszDpFqdn                   : DomainDnsZones.example.net
>
> --------------------
> My dhcpd.conf is a copy from the wiki with my values:
> -------------------
> subnet 192.168.56.0 netmask 255.255.255.0 {
>   option subnet-mask 255.255.255.0;
>   option broadcast-address 192.168.56.255;
>   option time-offset 0;
>   option routers 192.168.56.1;
>   option domain-name "example.net";
>   option domain-name-servers 192.168.56.200;
>   option netbios-name-servers 192.168.56.200;
>   option ntp-servers 192.168.0.200;
>   pool {
>     max-lease-time 1800; # 30 minutes
>     range 192.168.56.210 192.168.56.229;
>   }
> -------------------
> So where do I have to set up the right reverse-zone?

This is strange, if you follow the script, you will find this:

ip=$2

later on there is this:

# Set PTR address
ptr=$(echo ${ip} | awk -F '.' '{print $4"."$3"."$2"."$1".in-addr.arpa"}')

Finally the update of the reverse zone is done with this:

nsupdate -g ${NSUPDFLAGS} << UPDATE
server 127.0.0.1
realm ${REALM}
update delete ${ptr} 3600 PTR
update add ${ptr} 3600 PTR ${name}.${domain}
send
UPDATE
result2=$?

If you restart bind9, do you find lines like these in the syslog:
Dec 26 18:10:23 member1 named[6786]: samba_dlz: started for DN DC=samdom,DC=example,DC=com
Dec 26 18:10:23 member1 named[6786]: samba_dlz: starting configure
Dec 26 18:10:23 member1 named[6786]: samba_dlz: configured writeable zone '0.168.192.in-addr.arpa'
Dec 26 18:10:23 member1 named[6786]: samba_dlz: configured writeable zone 'samdom.example.com'
Dec 26 18:10:23 member1 named[6786]: samba_dlz: configured writeable zone '_msdcs.samdom.example.com'

Can you post your named conf files?

Rowland
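
The check this thread revolves around, as an added example that is not part of the original messages or the wiki script: it builds the PTR name the same way the script's awk line does and looks for the most specific zone that named reported as writeable at startup. The helper names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, sample log lines are constructed.

# Constructed sample of named startup output (same format as the lines above).
SAMPLE_LOG="Dec 26 18:10:23 addc-01 named[512]: samba_dlz: configured writeable zone '56.168.192.in-addr.arpa'
Dec 26 18:10:23 addc-01 named[512]: samba_dlz: configured writeable zone 'example.net'"

# Build the PTR owner name exactly as the script's awk line does.
ptr_name() {
    echo "$1" | awk -F '.' '{print $4"."$3"."$2"."$1".in-addr.arpa"}'
}

# Read log lines on stdin, print one writeable zone name per line.
writeable_zones() {
    sed -n "s/.*samba_dlz: configured writeable zone '\([^']*\)'.*/\1/p"
}

# $1 = DNS name, $2 = whitespace-separated zone list.
# Prints the longest zone that equals or encloses the name; returns 1 if none.
zone_for() {
    name=$(echo "$1" | tr 'A-Z' 'a-z')
    best=""
    for z in $(echo "$2" | tr 'A-Z' 'a-z'); do
        case "$name" in
            "$z"|*".$z")
                if [ "${#z}" -gt "${#best}" ]; then best=$z; fi ;;
        esac
    done
    if [ -n "$best" ]; then echo "$best"; else return 1; fi
}

# $1 = leased IPv4 address, $2 = log text. Reports where the PTR update can land.
check_ip() {
    ptr=$(ptr_name "$1")
    zones=$(echo "$2" | writeable_zones)
    if zone=$(zone_for "$ptr" "$zones"); then
        echo "$ptr -> $zone"
    else
        echo "$ptr -> no writeable zone"
        return 1
    fi
}

check_ip 192.168.56.215 "$SAMPLE_LOG"
```

To run it against a live server, pass the real named log text as the second argument in place of SAMPLE_LOG.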