samba_dlz refusing updates
Peter Clark
pclark at pclark.com
Wed Jul 11 04:00:18 MDT 2012
Hi,
Yep that seems to have done it. They were originally joined with an older
version of Samba 4 beta 3.
Thanks!
-----Original Message-----
From: Amitay Isaacs [mailto:amitay at gmail.com]
Sent: Tuesday, July 10, 2012 8:12 PM
To: Peter Clark
Cc: samba-technical at lists.samba.org
Subject: Re: samba_dlz refusing updates
Hi Peter,
On Wed, Jul 11, 2012 at 4:54 AM, Peter Clark <pclark at pclark.com> wrote:
> Hi,
>
> I've been googling for a while but I can't seem to find an answer.
>
> I'm running the latest git pull (Version 4.0.0beta4-GIT-3aa186f) and
> I'm getting errors with samba_dlz:
>
> Jul 10 14:46:10 c3po named[10669]: samba_dlz: disallowing update of
> signer=host\$\@domain name=host.domain.com type=AAAA
> error=insufficient access rights
This usually happens if the record was created manually or with older
version of samba which did not set the security descriptor on the DNS record
correctly.
> I'm not really sure where to start looking for the fix here, it worked
> until the July 3rd GIT pull.
>
> Any thoughts of where I missed an upgrade step?
>
I would suggest, you delete this DNS entry from AD database and it will be
created with correct security descriptor next time "host.domain.com" tries
to update the record using dynamic dns update.
ldbdel -H /path/to/sam.ldb
"DC=host,DC=domain.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=domain,DC=com"
Amitay.
-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2195 / Virus Database: 2437/5124 - Release Date: 07/10/12
-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2195 / Virus Database: 2437/5124 - Release Date: 07/10/12
More information about the samba-technical
mailing list