[Samba] Dynamic dns updates fail for (most) xp, vista and win7 clients
Felix Mason
felixmason at oilmovements.com
Fri May 3 17:19:59 MDT 2013
My mistake. The time was not being synced due to the same permissions issue that was preventing dns updates.
The solution was to log on to each client as a domain admin and issue the following commands
net time /domain /set /y
ipconfig /registerdns
On one windows 7 clinet I had to do the folllowing:
1) Sync the time with the net time command
2) drop the machine off the network and rejoin it under a different name
3) register dns with the ipconfig command.
I have no idea why that one machine was difficult but other then that you were right it was a time issue.
-----Original message-----
From:Felix Mason <felixmason at oilmovements.com>
Sent:Sat 27-04-2013 11:49
Subject:RE: [Samba] Dynamic dns updates fail for (most) xp, vista and win7 clients
CC:samba at lists.samba.org;
To:?icro MEGAS <micromegas at mail333.com>;
Hi Lucas
Thanks, but the time is in sync on all clients and is updated on login by a login script. There's is no discrepancy in this regard between those clients that work and those that don't. :)
On Wed 24-04-2013 10:47:?icro MEGAS <micromegas at mail333.com> wrote
Check your time sync between clients and server. If the time is not in sync, it can result to Kerberos errors and therefore no updates.
Cheers,
Lucas
Втр 23 Апр 2013 22:36:48 +0400, Felix Mason <felixmason at oilmovements.com> написал:
Hi
Banging my head against a wall with this. Dynamic dns updates for windows clients are failing.
Log exceprt:
Apr 13 00:20:50 server named[30147]: samba_dlz: disallowing update of signer=newboywin7\$\@example.lan name=newboywin7.example.lan type=AAAA error=insufficient access rights
Apr 13 00:20:50 server named[30147]: client 192.168.12.205#61162: updating zone 'example.lan/NONE': update failed: rejected by secure update (REFUSED)
Apr 13 00:20:50 server named[30147]: samba_dlz: cancelling transaction on zone example.lan
Apr 13 00:20:50 server named[30147]: samba_dlz: starting transaction on zone example.lan
Apr 13 00:20:50 server named[30147]: client 192.168.12.205#62052: update 'example.lan/IN' denied
Apr 13 00:20:50 server named[30147]: samba_dlz: cancelling transaction on zone example.lan
Apr 13 00:20:50 server named[30147]: samba_dlz: starting transaction on zone example.lan
Apr 13 00:20:50 server named[30147]: samba_dlz: disallowing update of signer=newboywin7\$\@example.lan name=newboywin7.example.lan type=AAAA error=insufficient access rights
Apr 13 00:20:50 server named[30147]: client 192.168.12.205#64861: updating zone 'example.lan/NONE': update failed: rejected by secure update (REFUSED)
First two clients I got this problem with were winxp and win7. I did the following:
sudo samba_upgradedns --dns-backend=BIND9_DLZ
They started working. Since then I have the same problem and this doesn't resolve the issue.
Someone previously suggested this
ldbdel -H /opt/samba4/private/sam.ldb "DC=wxp1,DC=Kernevil.lan,CN=MicrosoftDNS,DC=Kernevil,DC=lan"
It doesn't work I don't find any entries for the affected workstations + they were not added to the domain with beta versions of samba.
I'm running Zentyal which is a version of ubuntu 12.4, samba package 4.0.4-zentyal1.
Have posted a question to there formum (with no success here) http://forum.zentyal.org/index.php/topic,14152.0.html <http://forum.zentyal.org/index.php/topic,14152.0.html>
Any help appreciated - this is infuriating.
cheers
sean
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list