[Samba] samba 4 named. dlz_bind9.so not found

steve steve at steve-ss.com
Mon Dec 5 01:09:21 MST 2011


Hi Marcel

re: host -t A samba.hh3.site

I think I've understood it now.

I took that line from the samba wiki: 'In the following examples we will 
assume your DNS domain name is 'samdom.example.com' and your short (also 
known as NT4) domain name is 'samdom'. We will assume that your Samba 
servers hostname is samba.'

In my case, my DNS domain name is hh3.site, the short NT4 name is HH1 and my 
Samba server's hostname is hh3.

So in my case I think that line should have been:

  host -t A hh3.hh3.site
hh3.hh3.site has address 192.168.1.3

Which works, of course. (Duh. Sunday is usually a non-working day for me!)

Using your samba only method also works:

samba-tool  dns query 192.168.1.3 hh3.site hh3 A -U administrator
Password for [HH1\administrator]:
   Name=, Records=1, Children=0
     A: 192.168.1.3 (flags=f0, serial=1, ttl=900)

I can now log on and create folders using smbclient. But I can't create 
new files or folders using konq or dolphin. Samba 4 does not ask me for 
a username or password and tells me 'access denied' when trying. I have 
this open on another thread.

The other thing I can't figure out is how a Linux client would use the 
AD user information to be able to authenticate.

Thanks for your patience.
Steve.





On 04/12/11 20:44, Marcel Ritter wrote:
> Hi Steve,
>
> as 2 of the 3 queries did succeed, are you sure the hostname
> of your dc was correctly detected during provision?
>
> Does "hostname -f" return "samba.hh3.site"?
>
> You may also try samba-tool / ldbsearch to get info about
> the DNS entries stored by samba.
> (Please replace 192.168.1.6 with the IP of your samba4 dc.)
>
> The following command will try to do a dns lookup using
> samba only (no bind) for "samba.hh3.site":
>
> /opt/samba4/bin/samba-tool  dns query 192.168.1.6 hh3.site samba A -U Administrator%password
>
> You may also try to list entries via ldbsearch (change path to your sam.ldb.d):
>
> /opt/samba4/bin/ldbsearch  -H /opt/samba4/var/lib/samba/private/sam.ldb.d/DC\=DOMAINDNSZONES\,DC\=HH3\,DC\=SITE.ldb -b dc=domaindnszones,dc=hh3,dc=site name
>
>
> Hope this helps,
>     Marcel
>
> ________________________________________
> From: samba-bounces at lists.samba.org [samba-bounces at lists.samba.org] on behalf of steve [steve at steve-ss.com]
> Sent: Sunday, 4 December 2011 17:17
> To: samba at lists.samba.org
> Subject: Re: [Samba] samba 4 named. dlz_bind9.so not found
>
> On 04/12/11 14:19, Marcel Ritter wrote:
>> Hi Steve,
>>
>> it's quite likely that bind running in chroot is the cause of
>> the problem. You can easily test it by disabling chroot for
>> named on SuSE systems by editing /etc/sysconfig/named
>>
>> NAMED_RUN_CHROOTED="no"
>>
>> If the problem is still there, try running named using strace,
>> and have a look at all stat()/open() calls concerning dlz_bind9.so.
>>
>> This should give some hints about missing files/permissions and
>> may help to narrow down the problem.
>>
>> Bye,
>>      Marcel
>>
> Hi Marcel
>
> Progress.
>
> Removing the jail worked and named starts. It's getting better. Now I
> have this:
>
> hh3:/home/steve # host -t SRV _ldap._tcp.hh3.site.
> _ldap._tcp.hh3.site has SRV record 0 100 389 hh3.hh3.site.
> hh3:/home/steve # host -t SRV _kerberos._udp.hh3.site.
> _kerberos._udp.hh3.site has SRV record 0 100 88 hh3.hh3.site.
> hh3:/home/steve # host -t A samba.hh3.site
> Host samba.hh3.site not found: 3(NXDOMAIN)
>
> 2 successes and 1 failure.
>
> (hh3.site is the fqdn)
>
> The logs give this:
>
> Dec  4 17:04:27 hh3 named[3383]: couldn't add command channel ::1#953: address not available
> Dec  4 17:04:27 hh3 named[3383]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
> Dec  4 17:04:27 hh3 named[3383]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 42
> Dec  4 17:04:27 hh3 named[3383]: zone localhost/IN: loaded serial 42
> Dec  4 17:04:27 hh3 named[3383]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
> Dec  4 17:04:27 hh3 named[3383]: managed-keys-zone ./IN: loaded serial 0
> Dec  4 17:04:27 hh3 named[3356]: Starting name server BIND ..done
> Dec  4 17:04:27 hh3 named[3383]: running
>
> Am trying hard to keep calm! I asked about the managed-keys-zone on the
> openSUSE list a few days ago, but nothing.
> Any ideas where to turn next?
> Cheers
> Steve
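The DNS check this thread converges on, written as an added example that is not part of the original messages or of Samba: instead of querying a host name copied from the wiki, it follows the `_ldap._tcp` and `_kerberos._udp` SRV records to whatever host they name and confirms that host has an A record. The function names, the `RESOLVER` variable and `fake_host` are assumptions made for illustration; the stand-in answers are constructed from the `host` output quoted above.

```shell
#!/bin/sh
# Added example: names below are illustrative, not Samba tooling.

# Print the target host of every SRV answer in `host -t SRV` output (stdin).
srv_targets() {
    awk '/ has SRV record / { t = $NF; sub(/\.$/, "", t); print tolower(t) }'
}

# Print every address in `host -t A` output (stdin).
a_addresses() {
    awk '/ has address / { print $NF }'
}

# check_dc_dns DOMAIN: look up the two SRV records, then the A record of
# whatever host they name. Returns non-zero if any step has no answer.
# RESOLVER (assumption) lets a stand-in replace host(1) for offline runs.
check_dc_dns() {
    domain=$1
    rc=0
    for srv in "_ldap._tcp.$domain." "_kerberos._udp.$domain."; do
        targets=$(${RESOLVER:-host} -t SRV "$srv" 2>/dev/null | srv_targets)
        if [ -z "$targets" ]; then
            echo "FAIL $srv: no SRV record"; rc=1; continue
        fi
        for t in $targets; do
            addr=$(${RESOLVER:-host} -t A "$t." 2>/dev/null | a_addresses)
            if [ -n "$addr" ]; then
                echo "OK   $srv -> $t -> $addr"
            else
                echo "FAIL $srv -> $t: no A record"; rc=1
            fi
        done
    done
    return $rc
}

# Constructed stand-in resolver replaying the answers quoted in this thread.
fake_host() {
    case "$2 $3" in
        "SRV _ldap._tcp.hh3.site.")     echo "_ldap._tcp.hh3.site has SRV record 0 100 389 hh3.hh3.site." ;;
        "SRV _kerberos._udp.hh3.site.") echo "_kerberos._udp.hh3.site has SRV record 0 100 88 hh3.hh3.site." ;;
        "A hh3.hh3.site.")              echo "hh3.hh3.site has address 192.168.1.3" ;;
        *) echo "Host ${3%.} not found: 3(NXDOMAIN)"; return 1 ;;
    esac
}

# Offline run against the constructed data; unset RESOLVER to query real DNS.
RESOLVER=fake_host check_dc_dns hh3.site
```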