DNS dynamic updates

Andris Lismanis andris at lismanis.co.uk
Fri Sep 10 07:19:34 MDT 2010 

Hi Maurizio,

What about the main bind config file. Which options have you use? I have
enabled permissions as per your email below but still get the same update
denied error.

Thanks,

Andris
On Fri, 10 Sep 2010 14:23:22 +0200, Maurizio Marini Gmail
<marini.maurizio at gmail.com> wrote:
> On Fri, Sep 10, 2010 at 12:35 PM, Andris Lismanis <andris at lismanis.co.uk>
> wrote:
>> hmm.. this does not fix the issue. Now I've got as far as named throwing
>> an
>> 'denied' error:
>>
>>  client xxx.xxx.xxx.xxx#1196: update 'somedomain.com/IN' denied
>>
>> I have chowned and chmoded all of the following in
>> '/usr/local/samba/private'
>>
>> /dns/somedomain.com.zone
>> named.conf
>> named.conf.update
>> dns.keytab
>> dns_update_list
>>
>> I have also setup KEYTAB_NAME option in /etc/sysconfig/named and copied
>> krb5.conf into /etc
>>
>> Can we compare your named.conf with mine and take it from there?
>>
>> Thanks,
>>
>> Andris
>>
>> On Fri, 10 Sep 2010 11:34:54 +0200, Maurizio Marini Gmail
>> <marini.maurizio at gmail.com> wrote:
>>> On Fri, Sep 10, 2010 at 10:32 AM, Matthieu Patou <mat at samba.org> wrote:
>>>>  Hi Andris,
>>>>
>>>> I put the samba technical list in copy because maybe more than once
>> wants
>>>> to
>>>> know about it.
>>>>
>>>>
>>>>
>>>>
>>>> On 10/09/2010 11:06, Andris Lismanis wrote:
>>>>>
>>>>> I have tried setting up Samba4 on few servers and has worked really
>> well
>>>>> apart from Dynamic updates. I have re-read the documentation on
>> official
>>>>> Samba4 wiki page but there is no clear instructions on how to
>>>>> configure
>>>>> bind9 so that it works in conjunction with Samba4. Can you please
>> update
>>>>> the documentation on how to set this up, including permissions etc.
>>>>>
>>>
>>> IMHO (very honest...;) )
>>> for my experience,
>>> chowning
>>> /usr/local/samba/private/named.conf
>>> to bind (debian) or named (redhat/centos)
>>> and chmodding 777 solves every issue
>>>
>>> -rwxrwxrwx  1 bind bind     1321 Aug 31 18:07 named.conf
>>> -rwxrwxrwx  1 bind bind      238 Aug 24 21:33 named.conf.update
>>>
>>> this way bind is able to do dnsupdate
>>>
>>>
>>> but chmod 77 is not a solution, is a way to say: permissions rights
does
>>> matter
>>>
>>> m.
>>
>> --
>> Andris Lismanis
>> Lismanis Limited
>>
>> mob: +44 (0) 7875442118
>> e-mail: andris at lismanis.co.uk
>>
>>
> Dear Andris
> 
> i detali all i did
> first of oll dns version
> bind-9.7.2rc1.tar.gz
> 
> then under private, dns dir must be cowned to bind (named for centos)
> 
> chown -R bind:bind  /usr/local/samba/private/dns
> 
> all file under dns at least 644 bind:bind
> 
> here it is:
> 
> 14:14:16 root at samba4: /usr/local/samba/private # ls -la dns
> total 24
> drwxrwxrwx 2 bind bind  4096 2010-08-31 22:20 .
> drwxr-sr-x 7 root staff 4096 2010-09-08 20:13 ..
> -rw-r--r-- 1 bind bind   484 2010-08-31 18:22
44.168.192.in-addr.arpa.zone
> -rw-r--r-- 1 bind bind   834 2010-08-31 18:15
> 44.168.192.in-addr.arpa.zone.jnl
> -rw-r--r-- 1 bind bind  1893 2010-08-31 18:22 costdom.cost.it.zone
> -rw-r--r-- 1 bind bind   762 2010-08-31 18:15 costdom.cost.it.zone.jnl

More information about the samba-technical mailing list