[Samba] V4 - New Install - Missing Zone File
amitay at gmail.com
Tue Feb 28 18:27:46 MST 2012
On Wed, Feb 29, 2012 at 12:09 PM, Jeremy Davis <JDFire at cox.net> wrote:
> Hello Amitay,
> On 02/27/2012 11:37 PM, Amitay Isaacs wrote:
>> How was this samba4 instance provisioned? Did you use it upgradedns
>> script to upgrade the DNS provision? Or was it provisioned using
>> DLZ_BIND9 backend?
>> Can you try running dynamic update manually as follows and monitor named
>> $ kinitadministrator at bob-dc.com
>> $ nsupdate -g
>> > server dc1.bob-dc.com
>> > update add foo.bob-dc.com 3600 A 220.127.116.11
>> > show
>> > send
> Sorry for the delay in my reply.
> I am not sure what your asking on the provisioning questions. I provisioned
> using DLZ_BIND9 I think. I don't think I ever ran a upgradedns script.
> Below you will find the output to all the commands requested.
> [root at dc1 ~]# kinit administrator at BOB-DC.COM
> Password for administrator at BOB-DC.COM:
> Warning: Your password will expire in 35 days on Wed Apr 4 00:14:53 2012
> [root at dc1 ~]# nsupdate -g
>> server dc1.bob-dc.com
>> update add foo.bob-dc.com 3600 A 18.104.22.168
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
> ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; UPDATE SECTION:
> foo.bob-dc.com. 3600 IN A 22.214.171.124
> update failed: REFUSED
> Feb 28 18:03:34 dc1 named: samba_dlz: starting transaction on zone
> Feb 28 18:03:34 dc1 named: samba_dlz: spnego update failed
> Feb 28 18:03:34 dc1 named: client 192.168.30.1#41987: updating zone
> 'bob-dc.com/NONE': update failed: rejected by secure update (REFUSED)
> Feb 28 18:03:34 dc1 named: samba_dlz: cancelling transaction on zone
Have you set up the tkey-gssapi-keytab option in named.conf? And is it pointing
to the correct keytab file?
More information about the samba-technical