[Samba] Samba 4, DHCP and Bind

Scott Whitten full772 at gmail.com
Mon Feb 25 15:44:42 MST 2013


Hi All,

I'm trying to integrate Samba 4, DHCPD and Bind 9.9 into a complete solution.

I'm using the BIND/Samba 4 DLZ plugin.

DHCP by itself works and hands out IP addresses.

What I would like to have happen is the following:
- PC is joined to the Samba 4 domain (this works)
- PC gets an IP via DHCPD
- DHCP or the PC registers the IP in BIND

Network PC's should resolve cleanly when pinging pc01.office.local

My logs are full of messages along the lines of:
Feb 25 14:36:24 knottypine named[22655]: samba_dlz: starting transaction on
zone office.local
Feb 25 14:36:24 knottypine named[22655]: client 192.168.65.101#57781:
update 'office.local/IN' denied
Feb 25 14:36:24 knottypine named[22655]: samba_dlz: cancelling transaction
on zone office.local

Clearly I'm missing something but not sure what exactly.

Thanks for any suggestions you might have.

For reference... here are my various config files:
======================================================================
smb.conf
---
# Global parameters
# Samba 4 AD DC settings for realm office.local / NetBIOS domain OFFICE.
[global]
        server role = active directory domain controller
        workgroup = OFFICE
        # Listen on eth0 only. NOTE(review): the smb.conf manual warns that
        # with "bind interfaces only" some local tools may misbehave unless
        # 127.0.0.1 is also listed in "interfaces" - confirm this is intended.
        interfaces = eth0
        bind interfaces only = yes
        realm = office.local
        netbios name = KNOTTYPINE
        passdb backend = samba4
        idmap_ldb:use rfc2307 = yes
        # NOTE(review): the documented values for this parameter are
        # "disabled", "secure only" and "nonsecure" / "nonsecure and secure".
        # "True" looks like an alias that also accepts unsigned updates -
        # verify with testparm. "secure only" restricts updates to
        # authenticated (signed) requests. The parameter is documented for
        # Samba's internal DNS server; whether it has any effect with the
        # BIND DLZ backend should be confirmed.
        allow dns updates = True

# Share definitions. None of them sets "valid users" or similar, so access
# control presumably rests on filesystem permissions/ACLs - confirm.
[netlogon]
        path = /usr/local/samba/var/locks/sysvol/office.local/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No

# NOTE(review): IPC$ is normally provided by Samba itself; an explicit
# definition mapped to a writable /tmp is unusual - confirm it is needed.
[IPC$]
        path = /tmp
        read only = No

# Writable data share; no per-share access restriction is configured here.
[Data]
    path = /u0/sambashares/data
    read only = no
======================================================================
# Presumably dhcpd.conf (ISC dhcpd) - the post does not label this listing.
# NOTE(review): the "ad-hoc" DDNS update style is deprecated in ISC dhcpd;
# "interim" is the maintained scheme. No key or zone declarations are
# visible here, so any update dhcpd sent would be unsigned and would depend
# on address-based trust on the DNS server.
ddns-update-style ad-hoc;
# Leases are offered to any client, not only hosts declared in this file.
allow unknown-clients;

subnet 192.168.65.0 netmask 255.255.255.0 {

# --- default gateway
        option routers                  192.168.65.1;
        option subnet-mask              255.255.255.0;

        # Clients are pointed at 192.168.65.2 for DNS and NetBIOS name
        # service.
        option domain-name              "office.local";
        option domain-name-servers      192.168.65.2;

        option netbios-name-servers     192.168.65.2;
        option netbios-node-type 2;

        # Lease times in seconds: 6 hours default, 12 hours maximum.
        default-lease-time 21600;
        max-lease-time 43200;
        # Repeats the global "allow unknown-clients" above.
        allow unknown-clients;

        # Dynamic pool; these addresses fall inside the "mynet" ACL that the
        # BIND configuration trusts for updates to the reverse zone.
        range 192.168.65.100 192.168.65.150;
}
======================================================================

//
// sample BIND configuration file
//
// Address-based ACL: the whole 192.168.65.0/24 LAN (including the DHCP
// pool) plus loopback. It is reused below for query, transfer and update
// permissions on the reverse zone, so membership is a trust decision.
acl mynet {
        192.168.65.0/24;
        127.0.0.1;
};

// Server-wide options. Queries and recursion are limited to the LAN and
// localhost, so this is not configured as an open resolver.
options {
  listen-on { 127.0.0.1; 192.168.65.0/24; };
  allow-query { 192.168.65.0/24; localhost; };
  allow-recursion { 192.168.65.0/24; localhost; };
  // Keytab used for GSS-TSIG (Kerberos-signed) dynamic updates.
  // NOTE(review): it holds key material - it should be readable by the
  // account named runs as and by no other unprivileged user; verify the
  // file's ownership and mode.
  tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
  // Names this server cannot answer itself are forwarded to 8.8.8.8.
  forwarders {8.8.8.8;};
};

// Where the localhost hostname is defined
// Static zone: dynamic updates are refused for everyone.
zone "localhost" IN {
  type master;
  file "/etc/namedb/zone.localhost";
  allow-update { none; };
};

// Where the 127.0.0.0 network is defined
// Static zone: dynamic updates are refused for everyone.
zone "0.0.127.in-addr.arpa" IN {
  type master;
  file "/etc/namedb/revp.127.0.0";
  allow-update { none; };
};

// Reverse (PTR) zone for 192.168.65.0/24, served from a flat file.
zone "65.168.192.in-addr.arpa" {
        type master;
        file "/etc/namedb/192.168.65.0.rev";
        allow-query {
                mynet;
        };
        // Any host in mynet may pull the complete zone (AXFR).
        allow-transfer {
                mynet;
        };
        // NOTE(review): updates are authorised by source address only, so
        // any host on the LAN (or one able to forge a LAN source address)
        // can add or rewrite PTR records. Key-based authorisation (a TSIG
        // or GSS-TSIG identity in an update-policy) is the safer choice.
        allow-update {
                mynet;
        };
};

// Pulls in the named.conf fragment kept under Samba's private directory;
// presumably it loads the samba_dlz plugin that serves office.local.
// No allow-update statement in this file covers that zone, so update
// authorisation is presumably decided by the plugin (GSS-TSIG with the
// keytab set in options) - confirm against the included file.
include "/usr/local/samba/private/named.conf";

