Fwd: Error start bind9 samba4 BIND9_DLZ
d.dario76 at gmail.com
Tue Sep 24 16:11:53 CEST 2013
On Tue, 2013-09-24 at 08:10 -0300, Jacó Ramos wrote:
> When run :
> samba-upgradedns --dns-backend=BIND9_DLZ
> Cannot create AD based DNS for OS Level < 2003
> and now ?
> Jacó Ramos
> 2013/9/24 Rowland Penny <repenny241155 at gmail.com>
> On 24/09/13 11:38, Jacó Ramos wrote:
> Hi Dario,
> cp /usr/local/samba/private/sam.ldb /usr/local/samba/private/dns
> cp /usr/local/samba/private/sam.ldb.d /usr/local/samba/private/dns
> chmod 777 /usr/local/samba/private/dns/*
> and dns works fine!
> Jacó Ramos
> Hi, sorry but you have got it wrong, it needs to be hard
> linked, see here:
> and here:
Could it be that your domain/forest level is < 2003?
Try to run
# samba-tool domain level show
to see the domain/forest levels.
Did you provision the domain on samba AD DC or did you join it to an
BTW, as Rowland said, the private/dns content has to be hard linked and
not a simple copy. Samba updates its private/sam.ldb and
private/sam.ldb.d/* files. Files on private/dns won't be updated; that's
why they have to be links to the original ones.
A side note about permissions: it would be safer to restrict permissions
to bind/named, so, as stated in the wiki, you can
# chown named:named /usr/local/samba/private/dns
# chgrp named /usr/local/samba/private/dns.keytab
# chmod g+r /usr/local/samba/private/dns.keytab
# chmod 775 /usr/local/samba/private/dns
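
The two points raised in this message (files under private/dns must be hard links to the originals rather than copies, and `chmod 777` is too loose) can be audited with a script like the following. It is an added example, not part of the original message or of Samba's tooling; the function names, the sample file names and the assumption that private/dns mirrors private by relative path are illustrative.

```shell
#!/bin/sh
# Added example: audit a BIND9_DLZ directory for stale copies and loose modes.
# Assumption: files under DNS_DIR mirror PRIVATE_DIR by relative path.

# Print one finding per line; return 0 if clean, 1 if anything was found.
audit_dlz_dir() {
    private_dir=$1
    dns_dir=$2
    findings=0
    list=$(mktemp) || return 2
    # Regular files only; paths are listed relative to dns_dir.
    (cd "$dns_dir" && find . -type f) > "$list"
    while IFS= read -r rel; do
        rel=${rel#./}
        src="$private_dir/$rel"
        dst="$dns_dir/$rel"
        # -ef is true only when both names refer to the same device and inode.
        if [ -e "$src" ] && ! [ "$src" -ef "$dst" ]; then
            echo "COPY $rel"
            findings=1
        fi
        # World-writable bit set, as left behind by chmod 777.
        if [ -n "$(find "$dst" -prune -perm -0002)" ]; then
            echo "WORLD_WRITABLE $rel"
            findings=1
        fi
    done < "$list"
    rm -f "$list"
    return $findings
}

# Constructed sample tree: one hard-linked file, one copied file with mode 777.
make_sample_tree() {
    root=$(mktemp -d) || return 2
    mkdir -p "$root/private/sam.ldb.d" "$root/private/dns/sam.ldb.d"
    echo forest > "$root/private/sam.ldb.d/FOREST.ldb"
    echo domain > "$root/private/sam.ldb.d/DOMAIN.ldb"
    chmod 640 "$root/private/sam.ldb.d/FOREST.ldb" "$root/private/sam.ldb.d/DOMAIN.ldb"
    ln "$root/private/sam.ldb.d/FOREST.ldb" "$root/private/dns/sam.ldb.d/FOREST.ldb"
    cp "$root/private/sam.ldb.d/DOMAIN.ldb" "$root/private/dns/sam.ldb.d/DOMAIN.ldb"
    chmod 777 "$root/private/dns/sam.ldb.d/DOMAIN.ldb"
    echo "$root"
}

# Usage: sh audit.sh /usr/local/samba/private /usr/local/samba/private/dns
if [ "$#" -eq 2 ]; then audit_dlz_dir "$1" "$2"; fi
```

A `COPY` line means that file will drift from the copy Samba keeps updating; replacing it with a hard link (`ln`) to the original clears the finding.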