Samba4 dynamic DNS update issue

Chirana Gheorghita Eugeniu Theodor office at adaptcom.ro
Fri Nov 23 12:14:01 MST 2012 

Hmm ,
seems that no has any idea about my previous issue:
http://lists.samba.org/archive/samba-technical/2012-November/088999.html

Here is a new one not a unsolvable but a non standard fix:

I got the following error in named messages:
Nov 23 19:19:00 cerberus named[29639]: client 192.168.30.254#50842: update '
altavia.aviamotors.ro/IN' denied
Nov 23 19:47:22 cerberus named[29639]: client 192.168.30.254#53026: update '
altavia.aviamotors.ro/IN' denied
Nov 23 20:03:39 cerberus named[29639]: client 192.168.30.254#49221: update '
altavia.aviamotors.ro/IN' denied
Nov 23 20:11:11 cerberus named[29639]: client 192.168.30.254#50886: update '
altavia.aviamotors.ro/IN' denied
Nov 23 20:20:42 cerberus named[29639]: client 192.168.30.254#54307: update '
altavia.aviamotors.ro/IN' denied
Nov 23 20:32:41 cerberus named[29639]: client 192.168.30.254#49650: update '
altavia.aviamotors.ro/IN' denied
Nov 23 20:35:36 cerberus named[29639]: client 192.168.30.249#54725: update '
altavia.aviamotors.ro/IN' denied


I had to modify the
/named/chroot/samba/private/named.conf file so:

commented this line:
         * include "/samba/private/named.conf.update"

to ignore these:
/* this file is auto-generated - do not edit */
update-policy {
        grant ALTAVIA.AVIAMOTORS.RO ms-self * A AAAA;
        grant Administrator at ALTAVIA.AVIAMOTORS.RO wildcard * A AAAA SRV
CNAME;
        grant CERBERUS$@altavia.aviamotors.ro wildcard * A AAAA SRV CNAME;
};


and added this:
        allow-update {192.168.30.0/24;};

and now works:
Nov 23 20:57:45 cerberus named[16498]: client 192.168.30.249#60375:
updating zone 'altavia.aviamotors.ro/IN': deleting rrset at '
test.altavia.aviamotors.ro' A
Nov 23 20:57:45 cerberus named[16498]: client 192.168.30.249#60375:
updating zone 'altavia.aviamotors.ro/IN': adding an RR at '
test.altavia.aviamotors.ro' A

and:
[root at cerberus ~]# /named/bin/dig altavia.aviamotors.ro AXFR

; <<>> DiG 9.9.2 <<>> altavia.aviamotors.ro AXFR
;; global options: +cmd
altavia.aviamotors.ro.  604800  IN      SOA
cerberus.altavia.aviamotors.ro. hostmaster.altavia.aviamotors.ro.
2012111120 172800 14400 3628800 604800
altavia.aviamotors.ro.  604800  IN      NS
cerberus.altavia.aviamotors.ro.
altavia.aviamotors.ro.  604800  IN      A       192.168.30.250
_kerberos.altavia.aviamotors.ro. 604800 IN TXT  "ALTAVIA.AVIAMOTORS.RO"
948951cb-56b5-475d-b09d-892aff22cc01._msdcs.altavia.aviamotors.ro. 604800
IN CNAME cerberus.altavia.aviamotors.ro.
_kerberos._tcp.Default-First-Site-Name._sites.dc._
msdcs.altavia.aviamotors.ro. 604800 IN SRV 0 100 88
cerberus.altavia.aviamotors.ro.
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.altavia.aviamotors.ro.
604800 IN SRV 0 100 389 cerberus.altavia.aviamotors.ro.
_kerberos._tcp.dc._msdcs.altavia.aviamotors.ro. 604800 IN SRV 0 100 88
cerberus.altavia.aviamotors.ro.
_ldap._tcp.dc._msdcs.altavia.aviamotors.ro. 604800 IN SRV 0 100 389
cerberus.altavia.aviamotors.ro.
_ldap._tcp.f081c08a-0b32-4798-ab50-62d4750504b7.domains._
msdcs.altavia.aviamotors.ro. 604800 IN SRV 0 100 389
cerberus.altavia.aviamotors.ro.
gc._msdcs.altavia.aviamotors.ro. 604800 IN A    192.168.30.250
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.altavia.aviamotors.ro.
604800 IN SRV 0 100 3268 cerberus.altavia.aviamotors.ro.
_ldap._tcp.gc._msdcs.altavia.aviamotors.ro. 604800 IN SRV 0 100 3268
cerberus.altavia.aviamotors.ro.
_ldap._tcp.pdc._msdcs.altavia.aviamotors.ro. 604800 IN SRV 0 100 389
cerberus.altavia.aviamotors.ro.
_gc._tcp.Default-First-Site-Name._sites.altavia.aviamotors.ro. 604800 IN
SRV 0 100 3268 cerberus.altavia.aviamotors.ro.
_kerberos._tcp.Default-First-Site-Name._sites.altavia.aviamotors.ro. 604800
IN SRV 0 100 88 cerberus.altavia.aviamotors.ro.
_ldap._tcp.Default-First-Site-Name._sites.altavia.aviamotors.ro. 604800 IN
SRV 0 100 389 cerberus.altavia.aviamotors.ro.
_gc._tcp.altavia.aviamotors.ro. 604800 IN SRV   0 100 3268
cerberus.altavia.aviamotors.ro.
_kerberos._tcp.altavia.aviamotors.ro. 604800 IN SRV 0 100 88
cerberus.altavia.aviamotors.ro.
_kerberos-master._tcp.altavia.aviamotors.ro. 604800 IN SRV 0 100 88
cerberus.altavia.aviamotors.ro.
_kpasswd._tcp.altavia.aviamotors.ro. 604800 IN SRV 0 100 464
cerberus.altavia.aviamotors.ro.
_ldap._tcp.altavia.aviamotors.ro. 604800 IN SRV 0 100 389
cerberus.altavia.aviamotors.ro.
_kerberos._udp.altavia.aviamotors.ro. 604800 IN SRV 0 100 88
cerberus.altavia.aviamotors.ro.
_kerberos-master._udp.altavia.aviamotors.ro. 604800 IN SRV 0 100 88
cerberus.altavia.aviamotors.ro.
_kpasswd._udp.altavia.aviamotors.ro. 604800 IN SRV 0 100 464
cerberus.altavia.aviamotors.ro.
cerberus.altavia.aviamotors.ro. 604800 IN A     192.168.30.250
*test.altavia.aviamotors.ro. 1200 IN     A       192.168.30.249*
altavia.aviamotors.ro.  604800  IN      SOA
cerberus.altavia.aviamotors.ro. hostmaster.altavia.aviamotors.ro.
2012111120 172800 14400 3628800 604800
;; Query time: 0 msec
;; SERVER: 192.168.30.250#53(192.168.30.250)
;; WHEN: Fri Nov 23 21:13:06 2012
;; XFR size: 28 records (messages 1, bytes 1617)



Is this normal or is a bug/default configuration issue?

-- 
___________________________________________________
Cu stima/Best regards/Mit freundlichen Grüßen/最好的问候,

Chirana-Gheorghita Eugeniu-Theodor
Bucharest, Romania

e-mail : office at adaptcom.ro
mobile: 0743 698721
            0747 447675

More information about the samba-technical mailing list