Internal dns server changed between RC2 & 4.1.0pre1-GIT-2c3a808
Rowland Penny
repenny at f2s.com
Tue Oct 16 06:46:57 MDT 2012
On 15/10/12 23:54, Andrew Bartlett wrote:
> On Mon, 2012-10-15 at 21:56 +0200, Kai Blin wrote:
>> On 2012-10-15 21:48, Rowland Penny wrote:
>>> On 15/10/12 20:19, Kai Blin wrote:
>>>> On 2012-10-15 19:21, Rowland Penny wrote:
>>>>
>>>>> It is one I found on the internet and altered to fit my needs, as I said
>>>>> it works on RC2 but now will not work on pre1.
>>>>> basically the script is run by dhcp from dhcpd.conf, it checks a
>>>>> kerberos keytab then runs nsupdate to first delete the pc's nameserver
>>>>> record (if there is one) then adds it into to the required zone. The
>>>>> script then checks to see if the record now exists.
>>>> Hm, I think we got rid of the DNS special user for RC1, but I seem to
>>>> remember Jelmer added back the code that adds it to some of the upgrade
>>>> scripts. Did you run any?
>>> No I didn't, I just provisioned as normal, but there is a user at
>>> CN=dns-adserver,CN=Users,DC=home,DC=lan. Should I remover this user or
>>> can I just ignore it?
>> Ah, it's a new provision. That's relevant information. Try removing that
>> user. It's been causing trouble for me in the past.
> It's been lost in all the review discussion, but we actually do need to
> revert that patch, it was put in based on a misunderstanding.
>
> We also need to patch up the internal DNS server to cope with the
> dns-SERVER user (it's not difficult, just needs to be done, and avoids
> needing to run the upgrade script in one direction).
>
> Andrew Bartlett
As RC3 is out, I have installed and provisioned this instead, the dns
user is not created in this version, also my script now works again.
Something in 4.1.0pre1-GIT-2c3a808 is stopping nsupdate from adding
records to the internal nameserver. The script that I am using is
modified from one to update Microsoft's DNS server:
http://blog.michael.kuron-germany.de/2011/02/isc-dhcpd-dynamic-dns-updates-against-secure-microsoft-dns/
The mods I did were mostly in checking whether the update had occurred.
I think that the internal nameserver in pre1 is not working the same as
the Microsoft one.
Thanks
Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the samba-technical
mailing list