Samba4 DNS dynamic updates denied
Mike Howard
mike at dewberryfields.co.uk
Sat Jun 25 07:32:46 MDT 2011
Hi All,
I currently use Bind9 and ISC dhcp servers on debian with dynamic
updates working fine.
I've just started running with Samba4, which looks great, but I'm having
trouble getting DNS dynamic updates woring. In fact, I've been pulling
my hair out!
First I built and installed a newer version of bind9 (bind-9.8.0-P2),
this works well and updates to my zones work without problem. I then
built, installed and provisioned samba4 (samba-4.0.0alpha15) using the
Samba4/HOWTO at wiki.samba.org. This went well, configuring and testing
DNS and Kerberos all succeeded as per the HOWTO.
However, DNS dynamic updates to the samba4 zone do not work. The
following error is reported;
25-Jun-2011 13:55:49.801 error: client 192.168.3.100#56429: update
'skmdom.mydom.co.uk/IN' denied
I've seen various reports of this but no solutions. I've tried various
combinations of provisioning but never have any success. On some
occasions, even worse than the above error is no error at all.
Anyway, in this incarnation I provisioned with;
./source4/setup/provision --realm=skmdom.mydom.co.uk --domain=SKMDOM
--adminpass='password' --server-role='domain controller'
--host-ip=192.168.3.2
I've added; tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
to my named.conf.options file and symlinked to /etc/krb5.keytab. I've
played with permissions giving user bind everything but still no joy.
I suspect that it is a 'key' issue but have no evidence to support that.
Anybody got any ideas?
Cheers,
Mike.
--
Michael Howard mike at dewberryfields dot co dot uk
Lancashire
England
More information about the samba-technical
mailing list