Internal dns server changed between RC2 & 4.1.0pre1-GIT-2c3a808

Rowland Penny repenny at
Mon Oct 15 13:48:03 MDT 2012

On 15/10/12 20:19, Kai Blin wrote:
> On 2012-10-15 19:21, Rowland Penny wrote:
>> It is one I found on the internet and altered to fit my needs, as I said
>> it works on RC2 but now will not work on pre1.
>> basically the script is run by dhcp from dhcpd.conf, it checks a
>> kerberos keytab then runs nsupdate to first delete the pc's nameserver
>> record (if there is one) then adds it into to the required zone. The
>> script then checks to see if the record now exists.
> Hm, I think we got rid of the DNS special user for RC1, but I seem to
> remember Jelmer added back the code that adds it to some of the upgrade
> scripts. Did you run any?

No I didn't, I just provisioned as normal, but there is a user at 
CN=dns-adserver,CN=Users,DC=home,DC=lan. Should I remover this user or 
can I just ignore it?

>>>> Everything is the same, only the version of Samba4 has changed
>>> Yes, we fixed
>> So, it now listens on all interfaces?
> Yes.
>>> What happens if you query records from outside of
>>> that update?
>> Do you mean as in:
>> host -t A linpad.home.lan
>> Host linpad.home.lan not found: 3(NXDOMAIN)
>> host -t PTR
>> has no PTR record
> And does it work for other hosts/addresses? Like the DC itself?
All the dns tests from the howto work as written. I added the reverse 
zone via samba-tool:
samba-tool dns zonecreate -U 

I then added the reverse record for the server:
samba-tool dns add 10 PTR 
adserver.home.lan -U Administrator

Both commands were supposedly successfully, but host -t PTR 
returns has no PTR record

I tried to add the reverse record again but:
samba-tool dns add 10 PTR 
adserver.home.lan -U Administrator

ERROR: Record already exists

So, as far as I can see, host says the record does not exist, but 
samba-tool says it does.

>>>    Are you using the correct Kerberos keys?
>> Ah, what would be the correct Kerberos keys?, I am using one that I
>> created for a user I also created, as I said it works on RC2
>>> A network capture might help.
>> This would be no problem if I only knew how to do this (hint hint) ;-)
> Cheers,
> Kai
Thanks, I will read the website and get a capture and post it later

Thanks again


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba-technical mailing list