Samba 4.12 rc3: bind DNS say "named: client update denied"

Dario Lesca d.lesca at solinos.it
Sat Mar 14 23:28:43 UTC 2020 

Il giorno sab, 14/03/2020 alle 17.42 +0000, Rowland penny via samba-
technical ha scritto:
> > The Windows are the client.
> > Why you say "a Windows DC" ? what does it mean?
> 
> Just what it says, a DC running on Windows.
> 
In my case, there is none Windows Domain Controller here.
The DC is a Samba DC 4.12.0.

Windows are clients (win10a and win10b), and when I join it to samba
DC, record A is not added to DNS zone.

Now I know this should happen, and if it doesn't and my configuration
is right, it's a bug.

> > Yes I have do that initially.
> > But now the record it's gone, I have remove it and I have un-join and
> > re-join the win10a pc and join the new win10b
> I am a bit confused here, is it the Samba DC's dns records that are not 
> getting created, or is it the Windows client records ?

The Samba DC's DNS records is OK, it is already entered in the DNS.

It is the Windows clients records which is not insert into DNS when
client are join to domain.

> > > You are using the Fedora packages to provision a DC,
> > Yes I use the Fedora packages for test it.
> Thanks for testing them, but be aware that there are major problems with 
> the Fedora packages, that is why they are marked experimental.
> > > it looks like you might just have found another reason not use them
> > > for a DC ;-)
> > No eventually, if so, I have found another reason to fill a bug on
> > RedHat Bugzilla.
> Possibly, but it is Samba's code and if it is a bug, you should report 
> it to Samba, not Red Hat.
Ok, if this is a bug, I will do so, see below 

> > Since you tell me it should do it, this is a bug
> I am not entirely sure it is a bug, it may be, but further testing is 
> required.

The Technical details reported in this tread by Alexander Bokovoy (both
updateacl and ssutable are NULL) shows why the record insertion fails.

Can this be considered a bug and explain what happens and why the
insert fails?

If yes I will fill the bugs.
if no, in the next few days I will do it all over again, without using
the dhcp script for adding dns names, and see if the name will be added
to the DNS zone when joining the PCs

Many thanks

-- 
Dario Lesca
(inviato dal mio Linux Fedora 31 Workstation)

More information about the samba-technical mailing list