samba4 domain problem

Ricky Nance ricky.nance at gmail.com
Fri Apr 19 17:53:55 MDT 2013 

Sorry, but we will need a bit more information, first off, what does ls
-alh /var/lib/samba/private/named.conf.update look like? Next, which samba
version are you running (samba -V), and finally, can you please provide us
with the [global] section of your smb.conf? Again, sorry for asking, but
with what you have given us to go with, there are several possible answers.
Oh, and I just thought, which user does named run as? ( cat /etc/passwd |
grep "named\|bind" ).

Ricky


On Fri, Apr 19, 2013 at 5:54 PM, Keresztes Péter-Zoltán <zozo at z0z0.tk>wrote:

> Hello I have a problem with my domain dns.
> After I have started the samba when I try to start the named service I am
> getting the following error:
> [root at demo ~]# service named restart
> Stopping named:                                            [  OK  ]
> Starting named:
> Error in named configuration:
> /usr/share/samba/setup/named.conf:15: open:
> /var/lib/samba/private/named.conf.update: permission denied
>
> my /usr/share/samba/setup.named.conf look like this:
>
> # This file should be included in your main BIND configuration file
> #
> # For example with
> # include "${NAMED_CONF}";
>
> zone "${DNSDOMAIN}." IN {
>         type master;
>         file "${ZONE_FILE}";
>         /*
>          * the list of principals and what they can change is created
>          * dynamically by Samba, based on the membership of the domain
> controllers
>          * group. The provision just creates this file as an empty file.
>          */
>         #include "${NAMED_CONF_UPDATE}";
>         include "/var/lib/samba/private/named.conf.update";
>         /* we need to use check-names ignore so _msdcs A records can be
> created */
>         check-names ignore;
> };
>
> # The reverse zone configuration is optional.  The following example
> assumes a
> # subnet of 192.168.123.0/24:
>
> /*
> zone "123.168.192.in-addr.arpa" in {
>         type master;
>         file "123.168.192.in-addr.arpa.zone";
>         update-policy {
>                 grant ${REALM_WC} wildcard *.123.168.192.in-addr.arpa. PTR;
>         };
> };
> */
>
> # Note that the reverse zone file is not created during the provision
> process.
>
> # The most recent BIND versions (9.8 or later) support secure GSS-TSIG
> # updates.  If you are running an earlier version of BIND, or if you do
> not wish
> # to use secure GSS-TSIG updates, you may remove the update-policy
> sections in
> # both examples above.
>
> I would really appreciate some help.
>
> Regards,
> Peter

More information about the samba-technical mailing list