DNS Error joining Samba 3.6.x to samba4 ADS
Kahle, Markus
markus.kahle at brueckmann-gmbh.de
Thu Jul 26 01:51:21 MDT 2012
Hi,
>> This means that the server was expecting there NOT to be a DNS entry
>> for the machine yet, but it found one. Therefore the "prerequisite"
>> was "not satisfied" and it refused to add the DNS entry.
>Actually, the prereqs are set by the client. Just a minor nitpick,
>though, Michael's advice on deleting the offending record is what I'd
>suggest, too.
I've searched and tried the whole day long yesterday, but I really can't find a suitable record to delete.
There seems to be no record , but samba / DNS still complains about when joining the member server.
Here a some logs and outputs:
--------------------------------------------
[root at uw2]# samba-tool dns query uw2 ad.bel @ A -U Administrator
Password for [BEL\Administrator]:
Name=, Records=1, Children=0
A: 10.0.0.2 (flags=600000f0, serial=1, ttl=900)
Name=_msdcs, Records=0, Children=0
Name=_sites, Records=0, Children=1
Name=_tcp, Records=0, Children=4
Name=_udp, Records=0, Children=2
Name=DomainDnsZones, Records=0, Children=2
Name=ForestDnsZones, Records=0, Children=2
Name=smb4pc1, Records=0, Children=0
Name=smb4pc2, Records=1, Children=0
A: 10.0.1.234 (flags=f0, serial=6, ttl=1200)
Name=uw2, Records=1, Children=0
A: 10.0.0.2 (flags=f0, serial=1, ttl=900)
--------------------------------------------
There are two entrys for the windows7 clients and one for the domain controller itself, but no Record for underword2 ?!
Doing a search via phpldapadmin:
BaseDN: DC=DomainDnsZones,DC=AD,DC=BEL
SearchScope: Sub
SearchFilter: objectClass=dnsNode
Show Attributes: name
Here is the output:
--------------------------------------------
"DC=@,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","@"
"DC=_gc._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_gc._tcp"
"DC=_gc._tcp.Default-First-Site-Name._sites,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_gc._tcp.Default-First-Site-Name._sites"
"DC=_kerberos._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kerberos._tcp"
"DC=_kerberos._tcp.Default-First-Site-Name._sites,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kerberos._tcp.Default-First-Site-Name._sites"
"DC=_kerberos._udp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kerberos._udp"
"DC=_kpasswd._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kpasswd._tcp"
"DC=_kpasswd._udp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_kpasswd._udp"
"DC=_ldap._tcp,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp"
"DC=_ldap._tcp.Default-First-Site-Name._sites,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.Default-First-Site-Name._sites"
"DC=_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones"
"DC=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones"
"DC=_ldap._tcp.DomainDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.DomainDnsZones"
"DC=_ldap._tcp.ForestDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_ldap._tcp.ForestDnsZones"
"DC=_msdcs,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","_msdcs"
"DC=DomainDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","DomainDnsZones"
"DC=ForestDnsZones,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","ForestDnsZones"
"DC=smb4pc1,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","smb4pc1"
"DC=smb4pc2,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","smb4pc2"
"DC=uw2,DC=ad.bel,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","uw2"
"DC=@,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","@"
"DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","a.root-servers.net"
"DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","b.root-servers.net"
"DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","c.root-servers.net"
"DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","d.root-servers.net"
"DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","e.root-servers.net"
"DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","f.root-servers.net"
"DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","g.root-servers.net"
"DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","h.root-servers.net"
"DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","i.root-servers.net"
"DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","j.root-servers.net"
"DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","k.root-servers.net"
"DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","l.root-servers.net"
"DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=bel","m.root-servers.net"
--------------------------------------------
Again the entries for "smb4pc1" and "smb4pc2" and the one for "uw2" , but no "underworld2" record!
--------------------------------------------
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: starting transaction on zone ad.bel
Jul 26 09:47:57 uw2 named[2430]: client 10.0.0.194#47892: updating zone 'ad.bel/NONE': update unsuccessful: underworld2.ad.bel/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: cancelling transaction on zone ad.bel
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: starting transaction on zone ad.bel
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: spnego update failed
Jul 26 09:47:57 uw2 named[2430]: client 10.0.0.194#47892: updating zone 'ad.bel/NONE': update failed: rejected by secure update (REFUSED)
Jul 26 09:47:57 uw2 named[2430]: samba_dlz: cancelling transaction on zone ad.bel
--------------------------------------------
Problem still there, if I try again to join member server , same error occured.
So what else can I do ?
Thanks in advance,
Markus
More information about the samba-technical
mailing list