Samba 4.10.x and Bind9 DLZ dynamic updates
L. van Belle
belle at samba.org
Thu Apr 18 12:13:52 UTC 2019
Hai Marcel,
For the error your having, look here :
https://kiko.ghost.io/things-i-wish-id-known-about-nsupdate-and-dynamic-dns-
updates/
Just read it.
Then try adding this to smb.conf on the Samba DC:
dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool
Does it work, no, set this in named.conf.options ( at the bottem outside the
global parameters )
include "/etc/bind/rndc.key";
controls {
inet 127.0.0.1 allow { localhost; } keys { rndc-key;};
};
And if you on ubuntu, why not try my packages, these work fine.
wget -O - http://apt.van-belle.nl/louis-van-belle.gpg-key.asc | apt-key add
-
echo "# AptVanBelle repo for samba." | sudo tee
/etc/apt/sources.list.d/van-belle.list
echo "deb http://apt.van-belle.nl/debian bionic-samba410 main contrib
non-free" | sudo tee -a /etc/apt/sources.list.d/van-belle.list
apt update
apt install samba winbind ntp bind9 acl attr
Then configure it, when it then still not working.
Run :
https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-i
nfo.sh
And mail me the output, then i'll have a good look at it.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba-technical
> [mailto:samba-technical-bounces at lists.samba.org] Namens
> Marcel via samba-technical
> Verzonden: donderdag 18 april 2019 11:43
> Aan: samba-technical at lists.samba.org
> Onderwerp: Re: Samba 4.10.x and Bind9 DLZ dynamic updates
>
> Hi David,
>
> thanks for your suggestion. I just re-compiled my Ubuntu
> 18.04 bind9 package as suggested, however the problem
> still remains after updating the bind packages.
>
> Marcel
>
>
> April 18, 2019 7:59 AM, "David Rivera via samba-technical"
> <samba-technical at lists.samba.org> wrote:
>
> > Hi Marcel,
> >
> > I believe I ran into this same issue when upgrading from
> Samba 4.8.0 to
> > 4.9.5+. I had to follow the instructions in the link below
> to rebuild bind
> > from the source RPM, removing --disable-isc-spnego from the
> SPEC file.
> > You'll need to download the right package and follow the correct
> > instructions for your distribution.
> >
> >
> https://wiki.samba.org/index.php/Using_BIND_DLZ_backend_with_s
> ecured_/_signed_DNS_updates#RHEL_.2F_C
> > NTOS_.2F_FC_.2B_clones_-_ReBuild_Distributed_ISC_Bind_RPM
> >
> > David
> >
> > On Wed, Apr 17, 2019 at 9:19 AM Marcel via samba-technical <
> > samba-technical at lists.samba.org> wrote:
> >
> >> Hi there,
> >>
> >> since upgrading to Samba 4.10.x I can no longer do dynamic
> >> DNS updates using bind 9.11 (with samba dlz).
> >>
> >> I'm not 100% sure wether this is a 4.10 issue, or related
> to changes
> >> in my build environment. However I can no longer do GSSAPI based
> >> ("nsupdate -g") DNS updates on my setup (NOTAUTH error).
> >>
> >> I already tried several fixes (samba_dnsupgrade etc.) to
> get rid of this
> >> issue - no luck so far
> >>
> >> Kerberos based updates using "samba-tool dns" work btw - with the
> >> same user.
> >>
> >> I just wanted to ask if someone is using 4.10.x with bind9
> dlz backend
> >> and is still able to use this kind of DNS updates.
> >>
> >> Any help / hint is welcome.
> >>
> >> Best regards,
> >> Marcel
>
>
More information about the samba-technical
mailing list