DNS TSIG updates need to check ACLs

Rowland Penny repenny at f2s.com
Thu Sep 6 03:18:06 MDT 2012

On 06/09/12 09:59, Kai Blin wrote:
> On 2012-09-06 10:44, Rowland Penny wrote:
>> On 06/09/12 03:13, Andrew Bartlett wrote:
>>> Fortunately DNS updates are still denied by default,
>> Hi, is this why you get the following message whenever you join a client
>> to a samba4 server? and if so, how do you turn on DNS updates?
>> DNS Update for server1.home.lan failed: ERROR_DNS_INVALID_MESSAGE
>  From this error message I gather you are joining the client via net ads
> join. How did you provision on the server side? Did you specify
> --dns-backend?
> Cheers,
> Kai
Hi Kai,
Yes I am using 'net ads join' and no, I provisioned as per the samba 4 howto

  /usr/local/samba/sbin/provision \
    --realm=samdom.example.com --domain=SAMDOM \
    --adminpass=SOMEPASSWORD --server-role=dc

Should I be specifying the DNS backend? there is no mention of it in the 
howto, or if there is I missed it.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba-technical mailing list