Samba 4.12 rc3: bind DNS say "named: client update denied"

Rowland penny rpenny at samba.org
Sat Mar 14 15:45:54 UTC 2020 

On 14/03/2020 15:23, Dario Lesca via samba-technical wrote:
> Il giorno sab, 14/03/2020 alle 14.15 +0000, Rowland penny via samba-
> technical ha scritto:
>
> Thanks Rowland, forgive me if I can't understand, but...
>
>> the Computers A record should be added the first  time Samba is
>> run.
> The A record is added into DNS zone only "first time Samba is run"
> or also whenever when I join a Computer to domain ?
Both ;-), the record should be added when you join a Samba DC, but if it 
isn't, then samba_dnsupdate should add it the first time Samba is run on 
a DC.
> I have restart Samba many times but none of the missing Computer name
> present into Samba Computer list are been added into DNS zone
>
> and then, how does it traslate Computer list into DNS, if the IP of
> computer in Computer list does not exist?
>
> This is my situation:
>
> [root at addc1 ~]# samba-tool computer list
> WIN10B$
> ADDC1$
> centos8$
> WIN10A$
>
> [root at addc1 ~]# samba-tool dns query \
>> addc1.fedora.loc fedora.loc @ ALL -Uadministrator
>   Name=, Records=3, Children=0
>      SOA: serial=7, refresh=900, retry=600, expire=86400, minttl=3600,
> ns=addc1.fedora.loc., email=hostmaster.fedora.loc. (flags=600000f0,
> serial=7, ttl=3600)
>      NS: addc1.fedora.loc. (flags=600000f0, serial=4, ttl=900)
>      A: 192.168.122.100 (flags=600000f0, serial=4, ttl=900)
>    Name=_msdcs, Records=0, Children=0
>    Name=_sites, Records=0, Children=1
>    Name=_tcp, Records=0, Children=4
>    Name=_udp, Records=0, Children=2
>    Name=addc1, Records=1, Children=0
>      A: 192.168.122.100 (flags=f0, serial=1, ttl=900)
>    Name=centos8, Records=1, Children=0
>      A: 192.168.122.11 (flags=f0, serial=2, ttl=900)
>    Name=DomainDnsZones, Records=0, Children=2
>    Name=ForestDnsZones, Records=0, Children=2
>    Name=test, Records=1, Children=0
>      A: 192.168.122.33 (flags=f0, serial=5, ttl=3600)
>
> Like you say, win10a and win10b are not present into DNS zone

Ahh, a Windows DC will not have samba_dnsupdate, you will probably have 
to create the records manually with samba-tool or ADUC

> What am I doing wrong
You are using the Fedora packages to provision a DC, it looks like you 
might just have found another reason not use them for a DC ;-)
> Many thanks for you patient.

Couple of answers to that ;-)

Either: 'yes doctor'

Or: I think you mean 'patience'

Rowland

More information about the samba-technical mailing list