DNS Error joining Samba 3.6.x to samba4 ADS

Kahle, Markus markus.kahle at brueckmann-gmbh.de
Thu Jul 26 01:51:21 MDT 2012


Hi, 

>> This means that the server was expecting there NOT to be a DNS entry 
>> for the machine yet, but it found one. Therefore the "prerequisite" 
>> was "not satisfied" and it refused to add the DNS entry. 

>Actually, the prereqs are set by the client. Just a minor nitpick, 
>though, Michael's advice on deleting the offending record is what I'd 
>suggest, too. 


I've searched and tried the whole day long yesterday, but I really can't find a suitable record to delete. 
There seems to be no record , but samba / DNS still complains about when joining the member server. 

Here a some logs and outputs: 

-------------------------------------------- 
[root at uw2]# samba-tool dns query uw2 ad.bel @ A -U Administrator 
Password for [BEL\Administrator]: 
Name=, Records=1, Children=0 
A: 10.0.0.2 (flags=600000f0, serial=1, ttl=900) 
Name=_msdcs, Records=0, Children=0 
Name=_sites, Records=0, Children=1 
Name=_tcp, Records=0, Children=4 
Name=_udp, Records=0, Children=2 
Name=DomainDnsZones, Records=0, Children=2 
Name=ForestDnsZones, Records=0, Children=2 
Name=smb4pc1, Records=0, Children=0 
Name=smb4pc2, Records=1, Children=0 
A: 10.0.1.234 (flags=f0, serial=6, ttl=1200) 
Name=uw2, Records=1, Children=0 
A: 10.0.0.2 (flags=f0, serial=1, ttl=900) 
-------------------------------------------- 

There are two entrys for the windows7 clients and one for the domain controller itself, but no Record for underword2 ?! 



Doing a search via phpldapadmin: 

BaseDN: DC=DomainDnsZones,DC=AD,DC=BEL 
SearchScope: Sub 
SearchFilter: objectClass=dnsNode 
Show Attributes: name 

Here is the output: 
-------------------------------------------- 
"DC=@,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","@" 
"DC=_gc._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_gc._tcp" 
"DC=_gc._tcp.Default-First-Site-Name._sites,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_gc._tcp.Default-First-Site-Name._sites" 
"DC=_kerberos._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kerberos._tcp" 
"DC=_kerberos._tcp.Default-First-Site-Name._sites,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kerberos._tcp.Default-First-Site-Name._sites" 
"DC=_kerberos._udp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kerberos._udp" 
"DC=_kpasswd._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kpasswd._tcp" 
"DC=_kpasswd._udp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kpasswd._udp" 
"DC=_ldap._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp" 
"DC=_ldap._tcp.Default-First-Site-Name._sites,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.Default-First-Site-Name._sites" 
"DC=_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones" 
"DC=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones" 
"DC=_ldap._tcp.DomainDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.DomainDnsZones" 
"DC=_ldap._tcp.ForestDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.ForestDnsZones" 
"DC=_msdcs,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_msdcs" 
"DC=DomainDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","DomainDnsZones" 
"DC=ForestDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","ForestDnsZones" 
"DC=smb4pc1,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","smb4pc1" 
"DC=smb4pc2,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","smb4pc2" 
"DC=uw2,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","uw2" 
"DC=@,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","@" 
"DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","a.root-servers.net" 
"DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","b.root-servers.net" 
"DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","c.root-servers.net" 
"DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","d.root-servers.net" 
"DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","e.root-servers.net" 
"DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","f.root-servers.net" 
"DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","g.root-servers.net" 
"DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","h.root-servers.net" 
"DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","i.root-servers.net" 
"DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","j.root-servers.net" 
"DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","k.root-servers.net" 
"DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","l.root-servers.net" 
"DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","m.root-servers.net" 
-------------------------------------------- 

Again the entries for "smb4pc1" and "smb4pc2" and the one for "uw2" , but no "underworld2" record! 

-------------------------------------------- 
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: starting transaction on zone ad.bel 
Jul 26 09:47:57 uw2 named[2430]: client 10.0.0.194#47892: updating zone 'ad.bel/NONE': update unsuccessful: underworld2.ad.bel/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET) 
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: cancelling transaction on zone ad.bel 
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: starting transaction on zone ad.bel 
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: spnego update failed 
Jul 26 09:47:57 uw2 named[2430]: client 10.0.0.194#47892: updating zone 'ad.bel/NONE': update failed: rejected by secure update (REFUSED) 
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: cancelling transaction on zone ad.bel 
-------------------------------------------- 

Problem still there, if I try again to join member server , same error occured. 
So what else can I do ? 


Thanks in advance, 


Markus 



More information about the samba-technical mailing list