[Samba] Samba4, bind9

csirt csirt at arcor.de
Mon May 30 02:52:25 MDT 2011


Hello,
i am testing samba4 for production readiness in our LAN. Host is
Ubuntu 10.04.02 LTS.
Samba version is 4.0.0alpha16-GIT-9c3e538, named is bind
9.7.0.dfsg.P1-1ubuntu0.1. I also tested it with self-compiled
bind-9.7.4b1. I used the Samba4/HOWTO
http://wiki.samba.org/index.php/Samba4/HOWTO
I smoothly joined my AD with a Win7 Client. I am able to add users and
group-policies with the MS AD-tools from the Win 7 client.

Following are my questions:
1. I do not see, neither the server "SAMBA4", nor its share [test] in
the network browse list, but i can connect to, and use it.
2. I get errors regarding dnsupdate in log.samba. Like this:

../source4/dsdb/dns/dns_update.c:252: Failed DNS update - NT_STATUS_IO_TIMEOUT
[2011/05/30 10:02:27,  0]
../source4/dsdb/dns/dns_update.c:252(dnsupdate_nameupdate_done)

When i start dnsupdate it tells the following:

./samba_dnsupdate --verbose
IPs: ['192.168.0.243']
Looking for DNS entry A mydomain.local 192.168.0.243 as mydomain.local.
Failed to find DNS entry A mydomain.local 192.168.0.243
Looking for DNS entry A samba4.mydomain.local 192.168.0.243 as
samba4.mydomain.local.
Failed to find DNS entry A samba4.mydomain.local 192.168.0.243
Looking for DNS entry CNAME
a637dd2c-5c63-4b6f-9332-19aade86c91d._msdcs.mydomain.local
samba4.mydomain.local as
a637dd2c-5c63-4b6f-9332-19aade86c91d._msdcs.mydomain.local.
Failed to find DNS entry CNAME
a637dd2c-5c63-4b6f-9332-19aade86c91d._msdcs.mydomain.local
samba4.mydomain.local
Looking for DNS entry SRV
_kerberos._tcp.default-first-site-name._sites.dc._msdcs.mydomain.local
samba4.mydomain.local 88 as
_kerberos._tcp.default-first-site-name._sites.dc._msdcs.mydomain.local.
Failed to find DNS entry SRV
_kerberos._tcp.default-first-site-name._sites.dc._msdcs.mydomain.local
samba4.mydomain.local 88
Looking for DNS entry SRV
_ldap._tcp.default-first-site-name._sites.dc._msdcs.mydomain.local
samba4.mydomain.local 389 as
_ldap._tcp.default-first-site-name._sites.dc._msdcs.mydomain.local.
Failed to find DNS entry SRV
_ldap._tcp.default-first-site-name._sites.dc._msdcs.mydomain.local
samba4.mydomain.local 389
Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.mydomain.local
samba4.mydomain.local 88 as _kerberos._tcp.dc._msdcs.mydomain.local.
Failed to find DNS entry SRV _kerberos._tcp.dc._msdcs.mydomain.local
samba4.mydomain.local 88
Looking for DNS entry SRV _ldap._tcp.dc._msdcs.mydomain.local
samba4.mydomain.local 389 as _ldap._tcp.dc._msdcs.mydomain.local.
Failed to find DNS entry SRV _ldap._tcp.dc._msdcs.mydomain.local
samba4.mydomain.local 389
Looking for DNS entry SRV
_ldap._tcp.d212fde4-fb7e-4d94-a6ef-b6a292f518cb.domains._msdcs.mydomain.local
samba4.mydomain.local 389 as
_ldap._tcp.d212fde4-fb7e-4d94-a6ef-b6a292f518cb.domains._msdcs.mydomain.local.
Failed to find DNS entry SRV
_ldap._tcp.d212fde4-fb7e-4d94-a6ef-b6a292f518cb.domains._msdcs.mydomain.local
samba4.mydomain.local 389
Looking for DNS entry SRV
_ldap._tcp.default-first-site-name._sites.gc._msdcs.mydomain.local
samba4.mydomain.local 3268 as
_ldap._tcp.default-first-site-name._sites.gc._msdcs.mydomain.local.


Strangely enough, when i ask with "host" i get correct answers. Like
mentioned in the howto .
Are these only some type of cosmetic errors, or will a run into serous
problems if i move further on?

regards


#smb.conf:
# Global parameters
[global]
        server role = domain controller
        workgroup = SAMDOM
        realm = mydomain.local
        netbios name = SAMBA4

[netlogon]
        path = /usr/local/samba/var/locks/sysvol/mydomain.local/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No

[profiles]
        path = /usr/local/samba/var/profiles
        read only = no

[test]
        path = /tmp
        read only = no


#named.conf:
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
zone "0.168.192.in-addr.arpa" {
        type master;
        file "/var/lib/bind/192.168.0.rev";
        };


#named.conf.local:
include "/usr/local/samba/private/named.conf";


#private/named.conf:
zone "mydomain.local." IN {
        type master;
        update-policy {
                grant MYDOMAIN.LOCAL ms-self * A AAAA;
                grant SAMBA4$@MYDOMAIN.LOCAL wildcard * A AAAA SRV CNAME;
                grant Administrator at MYDONAIN.LOCAL wildcard * A AAAA SRV CNAME;
        };
        file "/usr/local/samba/private/dns/mydomain.local.zone";
        check-names ignore;
};


More information about the samba mailing list