Internal dns server changed between RC2 & 4.1.0pre1-GIT-2c3a808

Rowland Penny repenny at f2s.com
Mon Oct 15 11:21:05 MDT 2012


On 15/10/12 17:37, Kai Blin wrote:
> On 2012-10-15 18:07, Rowland Penny wrote:
>
> Hi Rowland,
>
>> Hello, I set Samba 4 RC2 to update the internal nameserver via dhcp
>> using a script, this works ok. I have compiled and installed
>> 4.1.0pre1-GIT-2c3a808 and dhcp updating the nameserver no longer works!
> I need more details here. How did the script work?

It is one I found on the internet and altered to fit my needs; as I said, 
it works on RC2 but now will not work on pre1.
Basically, the script is run by dhcp from dhcpd.conf; it checks a 
Kerberos keytab, then runs nsupdate to first delete the PC's nameserver 
record (if there is one), then adds it to the required zone. The 
script then checks to see if the record now exists.

>
>> Everything is the same, only the version of Samba4 has changed
> Yes, we fixed https://bugzilla.samba.org/show_bug.cgi?id=9183
So, it now listens on all interfaces?

>
>> If I run netstat -nlp | grep LISTEN | grep 53 on RC2 I get:
>>
>> tcp        0      0 192.168.0.5:53          0.0.0.0:* LISTEN      810/samba
>> tcp6       0      0 fe80::e2cb:4eff:fe06:53 :::* LISTEN      810/samba
>>
>> But on 4.1.0pre1-GIT-2c3a808 I get:
>>
>> tcp        0      0 0.0.0.0:53              0.0.0.0:* LISTEN      22350/samba
>> tcp6       0      0 :::53                   :::* LISTEN      22350/samba
>>
>> If I run the script manually: /usr/local/sbin/dhcp-dyndns.sh add
>> 192.168.0.171 LinPad
>> I get:
>> root at adserver:~# dns_tkey_negotiategss: TKEY is unacceptable
>> specified zone '0.168.192.in-addr.arpa' does not exist (NXDOMAIN)
>> dhcpd: DDNS: adding records for 192.168.0.171 <LinPad.home.lan> FAILED:
>> status 10
>>
>> Why is the TKEY suddenly unacceptable? And why is it saying the reverse
>> zone does not exist when it does, as I created it and samba-tool lists it?
> What happens if you query records from 0.168.192.in-addr.arpa outside of
> that update?
Do you mean as in:
host -t A linpad.home.lan
Host linpad.home.lan not found: 3(NXDOMAIN)

host -t PTR 192.168.0.171
171.0.168.192.in-addr.arpa has no PTR record

>   Are you using the correct Kerberos keys?
Ah, what would be the correct Kerberos keys? I am using one that I 
created for a user I also created; as I said, it works on RC2.
>
> A network capture might help.
This would be no problem if I only knew how to do this (hint hint) ;-)

> Cheers,
> Kai
>
Thanks for any help you can give

Rowland
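
The update sequence outlined in this message (keytab check, delete, add, verify), sketched as an added example; it is not the poster's script or Samba project code. The keytab path, principal, zone, server address, TTL and all function names are assumptions, and the sketch additionally validates the DHCP-supplied address and hostname before they reach nsupdate.

```shell
#!/bin/sh
# Added example, not the poster's script. Keytab path, principal, zone,
# server and TTL are assumed placeholders.
KEYTAB=${KEYTAB:-/etc/dhcpduser.keytab}
PRINCIPAL=${PRINCIPAL:-dhcpduser@HOME.LAN}
ZONE=${ZONE:-home.lan}
SERVER=${SERVER:-127.0.0.1}
TTL=${TTL:-3600}

# IP and hostname arrive from DHCP clients, so reject anything that is not a
# plain dotted quad or a single DNS label (this also blocks embedded newlines
# that would inject extra nsupdate commands).
valid_ip() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}
valid_host() {
    case $1 in ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;; esac
    [ "${#1}" -le 63 ]
}
# 192.168.0.171 -> 171.0.168.192.in-addr.arpa
ptr_name() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    printf '%s.%s.%s.%s.in-addr.arpa' "$4" "$3" "$2" "$1"
}
# Print the nsupdate batch: delete any old record first, then add (A, then PTR).
build_update() {   # usage: build_update add|delete IP HOSTNAME
    case $1 in add|delete) ;; *) return 1 ;; esac
    valid_ip "$2" && valid_host "$3" || return 1
    fqdn="$3.$ZONE"; ptr=$(ptr_name "$2")
    printf 'server %s\nupdate delete %s A\n' "$SERVER" "$fqdn"
    if [ "$1" = add ]; then printf 'update add %s %s A %s\n' "$fqdn" "$TTL" "$2"; fi
    printf 'send\nupdate delete %s PTR\n' "$ptr"
    if [ "$1" = add ]; then printf 'update add %s %s PTR %s.\n' "$ptr" "$TTL" "$fqdn"; fi
    printf 'send\n'
}
run_update() {
    batch=$(build_update "$@") || { echo "rejected input" >&2; return 1; }
    # Reuse a valid cached ticket, else get one from the keytab.
    klist -s || kinit -k -t "$KEYTAB" "$PRINCIPAL" || return 1
    printf '%s\n' "$batch" | nsupdate -g || return 1
    # Check that the forward record now exists.
    if [ "$1" = add ]; then host -t A "$3.$ZONE" "$SERVER"; fi
}
if [ "$#" -eq 3 ]; then run_update "$@"; fi
```

The A and PTR updates are sent separately because they belong to different zones, so a failure on the reverse zone does not discard the forward record.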
