Samba 4.12 rc3: bind DNS say "named: client update denied"
Rowland penny
rpenny at samba.org
Sun Feb 23 12:29:03 UTC 2020
On 23/02/2020 10:31, Dario Lesca via samba-technical wrote:
> Hi, I'm doing some tests samba DC 4.12.rc3 MIT Kerberos + Bind DNS +
> Dhcpd script on Fedora 32 beta.
I wouldn't suggest using this in production, MIT on an AD DC is still
experimental.
> All work fine except this issue:
>
> The dhcp for a workstation "win10a.fedora.loc" NOT joined to domain
> work great, name and reverse are added to Samba Bind DNS.
>
> But after this join, some time (10/15 minutes) into syslog I get this
> error:
>
> named[718]: client @0x7f128c3e5eb0 192.168.122.103#54566: update
> 'fedora.loc/IN' denied
> But despite this, everything works well
First, there is no point in asking Fedora about this, the dhcp script is
supplied by Samba (or to be more precise, by myself).
Secondly, it looks like your clients are trying to update their own
records in AD, which they cannot, because they do not belong to them, so
stop your clients trying to do this..
Thirdly, this is the wrong place to ask, you should have asked on the
samba mailing list.
Rowland
More information about the samba-technical
mailing list