[Samba] samba-tool dns zoneoptions --mark-old-records-static
Sam R
sr42354 at gmail.com
Thu Nov 9 09:59:38 UTC 2023
Hello Rowland,
This command return an error : ( with real names hiden)
ldbsearch -H ldap://s**** -P -b
"DC=a*****.i****,CN=MicrosoftDNS,DC=DomainDNSZones,DC=a******,DC=i****" -s
sub '(&(objectClass=dnsNode)(!(dNSTombstoned=TRUE)))' dnsRecord name
search error - LDAP error 32 LDAP_NO_SUCH_OBJECT - <acl_read: Error
retrieving instanceType for base. at
../../source4/dsdb/samdb/ldb_modules/acl_read.c:967> <>
Samuel
Le mer. 8 nov. 2023 à 17:59, Rowland Penny via samba <samba at lists.samba.org>
a écrit :
> On Wed, 8 Nov 2023 17:41:04 +0100
> Sam R via samba <samba at lists.samba.org> wrote:
>
> > In short, I have my dns records in :
> > CN=MicrosoftDNS,DC=ForestDnsZones,DC=ariane,DC=intra
>
> That is your forest dns
>
> >
> > and I have root dns in :
> > CN=MicrosoftDNS,DC=DomainDnsZones,DC=ariane,DC=intra
>
> That is your domain dns
>
> >
> > but I don't have a "MicrosoftDNS" entry in DC=ariane,DC=intra
>
> But I never asked to to search there, I asked you to search in this
> base:
>
> DC=example.com,CN=MicrosoftDNS,DC=DomainDNSZones,DC=example,DC=com
>
> The first part is your dns forward zone and from what you posted above,
> it should be 'DC=ariane.intra'
>
> The last part is baseDN and again, it should be 'DC=ariane,DC=imtra'
>
> So if you run the ldbsearch command I posted, with your dns data and it
> returns the records, then as you have basically run the search that the
> 'samba-tool dns zoneoptions' command runs (and fails), then it looks
> like a permissions problem.
> Run (as root) 'kinit Administrator'
> Then run your 'samba-tool dns zoneoptions' command again, but add
> '--use-kerberos=required' and see if that works.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list