[Samba] samba dlz. bind9 nslookup is wrong
Patrik
alabard at gmail.com
Mon Aug 5 09:14:18 UTC 2019
I am not using flatfiles and I am using BIND_DLZ; it shows in my log, and I
do not use flatfiles. BIND_DLZ only.
As you can see, it is pure bind and it just generates a weird IP address
(192.168.81.120, 2001:470:1f1b:5b5:eeaa:a0ff:fe1b:4d84); these IP addresses
cannot be pinged, missing this client.
You can see in smb.conf I do not use dnsupdate either.
And it is rotating and sometimes giving the wrong IP address for Windows
and Linux. I am on Debian Buster.
*My bind settings are correct as well (I want to use enp1s0f3):*
root at server:/# cat /etc/bind/named.conf.local
view "internal-enp1s0f3" {
match-clients { "internal-enp1s0f3"; };
match-recursive-only yes;
recursion yes;
allow-recursion { "internal-enp1s0f3"; };
notify yes;
allow-update { none; };
allow-query { any; };
allow-transfer { xfer; };
include "/etc/bind/named.conf.default-zones";
zone "patrikx3.com" {
type master;
file "/etc/bind/zones/enp1s0f3/patrikx3.com";
*include "/var/lib/samba/private/named.conf.update";*
};
zone "corifeus.com" {
type master;
file "/etc/bind/zones/enp1s0f3/corifeus.com";
};
zone "gitlist.tk" {
type master;
file "/etc/bind/zones/enp1s0f3/gitlist.tk";
};
zone "albafructus.eu" {
type master;
file "/etc/bind/zones/enp1s0f3/albafructus.eu";
};
zone "fruitinfo.hu" {
type master;
file "/etc/bind/zones/enp1s0f3/fruitinfo.hu";
};
zone "venyimgyumolcse.hu" {
type master;
file "/etc/bind/zones/enp1s0f3/venyimgyumolcse.hu";
};
*include "/var/lib/samba/private/named.conf";*
};
view "internal-enp1s0f2" {
match-clients { "internal-enp1s0f2"; };
match-recursive-only yes;
recursion yes;
allow-recursion { "internal-enp1s0f2"; };
notify yes;
allow-update { none; };
allow-query { any; };
allow-transfer { xfer; };
include "/etc/bind/named.conf.default-zones";
zone "patrikx3.com" {
type master;
file "/etc/bind/zones/enp1s0f2/patrikx3.com";
};
zone "corifeus.com" {
type master;
file "/etc/bind/zones/enp1s0f2/corifeus.com";
};
zone "gitlist.tk" {
type master;
file "/etc/bind/zones/enp1s0f2/gitlist.tk";
};
zone "albafructus.eu" {
type master;
file "/etc/bind/zones/enp1s0f2/albafructus.eu";
};
zone "fruitinfo.hu" {
type master;
file "/etc/bind/zones/enp1s0f2/fruitinfo.hu";
};
zone "venyimgyumolcse.hu" {
type master;
file "/etc/bind/zones/enp1s0f2/venyimgyumolcse.hu";
};
};
view "external" {
match-clients { any; };
recursion no;
additional-from-auth no;
additional-from-cache no;
// allow-transfer { any; }; // temporarily allowed for debugging purposes
allow-transfer { none; };
// zone "namesystem.tk" IN {
// type master;
// file "/etc/bind/zones/external.namesystem.tk";
// };
};
*My samba looks like this:*
# Global parameters
[global]
*bind interfaces only = yes* # if this is turned on, always perfect
# interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93
# interfaces = lo 192.168.78.20 2001:470:1f1b:5b3:21b:21ff:fea6:ce93 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
# interfaces = lo 192.168.81.20 2001:470:1f1b:5b5:21b:21ff:fea6:ce92
# if all interfaces known, order is important, the last is the required
# interfaces = lo 192.168.78.20 192.168.81.20
# you can see it should only allow on enp1s0f3 which is above
*interfaces = lo enp1s0f3*
netbios name = SERVER
realm = P3X-DC.PATRIKX3.COM
# server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc
workgroup = P3X-DC
allow insecure wide links = Yes
# before was working
unix extensions = no
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
comment =
# log level = 3
template shell = /bin/bash
template homedir = /home/%U
[netlogon]
path = /var/lib/samba/sysvol/p3x-dc.patrikx3.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[media]
path = /media
read only = no
guest ok = no
force group = media
writable = yes
[mounts]
path = /mnt
read only = no
guest ok = no
force group = mount
writable = yes
[router-logs]
path = /var/log-router
read only = yes
guest ok = yes
writable = no
browseable = yes
# valid users = router
force user = root
follow symlinks = yes
wide links = yes
*Patrik*
WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM
<https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36
20 342 8046
On Mon, Aug 5, 2019 at 11:10 AM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 05/08/2019 09:55, Patrik via samba wrote:
> > The dig is wrong as well, it adds an additional IP address, which I have
> > not requested to use other interfaces:
> > root at server:/# dig p3x-dc.patrikx3.com
> >
> Patrik, I have told you what your problem is, refusing to accept that
> you have set up Bind9 incorrectly is no reason for opening a new thread.
>
> Just in case you missed it, or misunderstood it:
>
> You need to decide which network card you want to use with Samba and set
> up smb.conf accordingly.
>
> You need to stop using 'flatfiles' with Samba and use BIND_DLZ instead.
>
> As I said, once you accept your setup is incorrect, I am prepared to
> help you set it up correctly.
>
> Rowland