Aw: Re: samba4 and bind9 - dynamic udpdates not working anymore

Rowland Penny repenny241155 at gmail.com
Sat Dec 27 03:08:12 MST 2014 

On 27/12/14 09:03, support at remsnet.de wrote:
> Dear Karl ,
>
> please post us your isc named.conf , smb.conf and  isc dhcpd.conf.
>
> isc dhcpd  require addional  the samba  exportkeytab stuff see at :
> https://wiki.archlinux.org/index.php/Samba_4_Active_Directory_Domain_Controller#DHCP
>
> To get the dyamic up update to work .
>
>
>> NOTE: I used bind9 on Debian Wheezy with backports enabled.
> Note to Roland :  on RPI Debian arm5 -7 many of the i386 / x86_64 backports hav´nt exist
>                    - this is at latest bind9.8/9.9/9.10 as well.
>
> To get an latest bind9 on RPI you have to build( patch+compile )  it allmost yourself.
>
>
> --
> Mit freundlichen Grüßen / Best Regards
>
> Horst Venzke ; PGP NET : 1024G/082F2E6D ;  http://www.remsnet.de
>
> Legal Notice: This transmittal and/or attachments may be privileged or confidential. It is intended solely for the addressee named above. Any review, dissemination, or copying is strictly prohibited. If you received this transmittal in error, please notify us immediately by reply and immediately delete this message and all its attachments. Thank you.
>
>
>> Gesendet: Freitag, 26. Dezember 2014 um 13:31 Uhr
>> Von: "Karl Haue" <karl.haue at gmail.com>
>> An: samba-technical at lists.samba.org
>> Betreff: Re: samba4 and bind9 - dynamic udpdates not working anymore
>>
>> Rowland Penny <repenny241155 <at> gmail.com> writes:
>>
>>> This is what is in mine:
>>>
>>> options {
>>>           directory "/var/cache/bind";
>>>           forwarders { 8.8.8.8; 8.8.4.4; };
>>>           dnssec-validation no;
>>>
>>>           auth-nxdomain no;    # conform to RFC1035
>>>           listen-on-v6 { any; };
>>>           tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
>>> };
>>>
>>> NOTE: I used bind9 on Debian Wheezy with backports enabled.
>>>
>>> Remove the forwarder line from smb.conf
>>>
>>> I Have been using Samba4 & Bind9 for 2 yrs now without major incident,
>>> but I also run a DHCP server on the AD DC, this is what works for me.
>>>
>> OK /usr/local/bind9/etc/named.conf.options is changed now, looks like your
>> proposal - only path to dns.keytab is /usr/local/samba/private.
>>
>> in smb.conf was no forwarder (not used anytime).
>>
>> bind and samba are restarted, but the same problem again.
>>
>> Every time I try a "ipconfig /registerdns) the log shows me the "access
>> denied" error.
>>
>> I use ISC DHCP Service on this raspberry, too.
>> But with a subdomain (non.ad.daheim.local), because I have the information,
>> dhcp daemon cannot write to DNS of samba (ad.daheim.local).
>>
>> Maybe it is a problem with my restored database files?
>>
>> I set the same rights and hardlinks again, but I do not know how to look
>> inside the files or check the files.
>>
>> Karl
>>
>>
>>
>>
> >

Hi, ok after trying to setup raspbian in qemu, I found that raspbian 
**ISN'T** as uptodate as I thought, it doesn't have an isc-dhcp-server 
package. I have a suspicion that you need isc-dhcp-server to run the 
update script. I will do a bit more investigation and get back to you.

Rowland

More information about the samba-technical mailing list