[Samba] howto test ddns

Rowland Penny rowlandpenny at googlemail.com
Fri Aug 1 13:30:33 MDT 2014


On 01/08/14 19:11, shadrock uhuru wrote:
> Hi Steve
>
> nsupdate -g -D
> setup_system()
> reset_system()
> user_interaction()
>> server 10.2.1.6
> do_next_command()
>> realm TISSISAT.CO.UK
> do_next_command()
>> update delete ashanti. in A
> do_next_command()
> evaluate_update()
> update_addordelete()
>> update delete ashanti. in AAAA
> do_next_command()
> evaluate_update()
> update_addordelete()
>> update add testserver. 3600 in A 10.2.1.50
> do_next_command()
> evaluate_update()
> update_addordelete()
>> send
> do_next_command()
> start_update()
> recvsoa()
> About to create rcvmsg
> show_message()
> Reply from SOA query:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:  52577
> ;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;testserver.            IN    SOA
>
> Out of recvsoa
> recvsoa()
> About to create rcvmsg
> show_message()
> Reply from SOA query:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  45464
> ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;.                IN    SOA
>
> could not find enclosing zone

you do not seem to be adding the domain name to the above commands and 
you are deleting one name & adding a different one. This seems to be 
leading nsupdate to not know which zone to update.

>
>
> this is my hosts file, ashanti is the AD
>
> #
> # /etc/hosts: static lookup table for host names
> #
>
> #<ip-address>   <hostname.domain.org>   <hostname>
> # 127.0.0.1     localhost.localdomain   localhost ashanti
> # 10.2.1.6      ashanti.tissisat.co.uk  ashanti
> 127.0.0.1       localhost.localdomain   localhost
> 127.0.1.1       ashanti.tissisat.co.uk  ashanti
> ::1             localhost.localdomain   localhost
>
> # End of file

This seems to show that your  AD DC is getting its ipaddress via DHCP, 
this is not a good idea and I would suggest that you cease this at once, 
your AD DC needs to be a DNS server, I cannot see how it can do this if 
it gets its ip via DHCP.

Rowland


> shadrock
>
>
>>> / Hi everyone
>> />/ my sssd log shows the nsupdate command failing,
>> />/ how do i test ddns separately from sssd to see if the problem is in sssd
>> />/ or samba.
>> />/ shadrock
>> />/
>> /Hi
>> use:
>> nsupdate -g
>> DNS has to be absolutely, and utterly perfect.
>> HTH,
>> Steve
>>
>> BTW, do you really want 127.0.0.1 in DNS?
>>
>>> /
>> />/
>> />/ /etc/sssd/sssd.conf
>> />/ -------------------------------------------------
>> />/
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [be_nsupdate_timer_schedule] (0x0200): Timer already scheduled
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [ad_dyndns_update_send] (0x0400): Performing update
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of
>> />/ 'ashanti' in DNS
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [resolv_gethostbyname_dns_parse] (0x1000): Parsing an A reply
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [request_watch_destructor] (0x0400): Deleting request watch
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve AAAA record
>> />/ of 'ashanti' in DNS
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [request_watch_destructor] (0x0400): Deleting request watch
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [resolv_gethostbyname_next] (0x0200): No more address families to retry
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [resolv_gethostbyname_next] (0x0100): No more hosts databases to retry
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [nsupdate_msg_create_common] (0x0200): Creating update message for realm
>> />/ [TISSISAT.CO.UK].
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [be_nsupdate_create_fwd_msg] (0x0400):  -- Begin nsupdate message --
>> />/ realm TISSISAT.CO.UK
>> />/ update delete ashanti. in A
>> />/ send
>> />/ update delete ashanti. in AAAA
>> />/ send
>> />/ update add ashanti. 3600 in A 127.0.0.1
>> />/ send
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [be_nsupdate_create_fwd_msg] (0x0400):  -- End nsupdate message --
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [write_pipe_handler] (0x0400): All data has been sent!
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [nsupdate_child_stdin_done] (0x1000): Sending nsupdate data complete
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_args]
>> />/ (0x0200): nsupdate auth type: GSS-TSIG
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]] [ad_online_cb]
>> />/ (0x0400): The AD provider is online
>> />/ tkey query failed: GSSAPI error: Major = Unspecified GSS failure.  Minor
>> />/ code may provide more information, Minor = Server not found in Kerberos
>> />/ database.
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [child_sig_handler] (0x1000): Waiting for child [654].
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [child_sig_handler] (0x0020): child [654] failed with status [1].
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status
>> />/ [256]
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_done]
>> />/ (0x0040): nsupdate child execution failed [1432158228]: Dynamic DNS
>> />/ update failed
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [sdap_dyndns_update_done] (0x0080): nsupdate failed, retrying with
>> />/ server name
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [nsupdate_msg_create_common] (0x0200): Creating update message for
>> />/ server [ashanti.tissisat.co.uk] and realm [TISSISAT.CO.UK]
>> />/ .(Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [be_nsupdate_create_fwd_msg] (0x0400):  -- Begin nsupdate message --
>> />/ server ashanti.tissisat.co.uk
>> />/ realm TISSISAT.CO.UK
>> />/ update delete ashanti. in A
>> />/ send
>> />/ update delete ashanti. in AAAA
>> />/ send
>> />/ update add ashanti. 3600 in A 127.0.0.1
>> />/ send
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [be_nsupdate_create_fwd_msg] (0x0400):  -- End nsupdate message --
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [write_pipe_handler] (0x0400): All data has been sent!
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [nsupdate_child_stdin_done] (0x1000): Sending nsupdate data complete
>> />/ (Fri Aug  1 12:18:30 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_args]
>> />/ (0x0200): nsupdate auth type: GSS-TSIG
>> />/ (Fri Aug  1 12:18:32 2014) [sssd] [services_startup_timeout] (0x0400):
>> />/ Handling timeout
>> />/ (Fri Aug  1 12:18:37 2014) [sssd] [service_send_ping] (0x0100): Pinging
>> />/ tissisat.co.uk
>> />/ (Fri Aug  1 12:18:37 2014) [sssd] [service_send_ping] (0x0100): Pinging nss
>> />/ (Fri Aug  1 12:18:37 2014) [sssd] [ping_check] (0x0100): Service
>> />/ tissisat.co.uk replied to ping
>> />/ (Fri Aug  1 12:18:37 2014) [sssd] [ping_check] (0x0100): Service nss
>> />/ replied to ping
>> />/ (Fri Aug  1 12:18:37 2014) [sssd[be[tissisat.co.uk]]] [be_ptask_execute]
>> />/ (0x0400): Task [Cleanup of tissisat.co.uk]: executing task, timeout
>> />/ 10800 seconds
>> />/ (Fri Aug  1 12:18:37 2014) [sssd[be[tissisat.co.uk]]] [be_ptask_done]
>> />/ (0x0400): Task [Cleanup of tissisat.co.uk]: finished successfully
>> />/ (Fri Aug  1 12:18:37 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [be_ptask_schedule] (0x0400): Task [Cleanup of tissisat.co.uk]:
>> />/ scheduling task 10800 seconds from last execution time [1406902717]
>> />/ (Fri Aug  1 12:18:38 2014) [sssd] [service_send_ping] (0x0100): Pinging pam
>> />/ (Fri Aug  1 12:18:38 2014) [sssd] [ping_check] (0x0100): Service pam
>> />/ replied to ping
>> />/ (Fri Aug  1 12:18:45 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [nsupdate_child_timeout] (0x0020): Timeout reached for dynamic DNS update
>> />/ (Fri Aug  1 12:18:45 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_done]
>> />/ (0x0040): nsupdate child execution failed [1432158229]: Dynamic DNS
>> />/ update timed out
>> />/ (Fri Aug  1 12:18:45 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [ad_dyndns_sdap_update_done] (0x0040): Dynamic DNS update failed
>> />/ [1432158229]: Dynamic DNS update timed out
>> />/ (Fri Aug  1 12:18:45 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [ad_dyndns_nsupdate_done] (0x0040): Updating DNS entry failed
>> />/ [1432158229]: Dynamic DNS update timed out
>> />/ (Fri Aug  1 12:18:45 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [child_sig_handler] (0x1000): Waiting for child [658].
>> />/ (Fri Aug  1 12:18:45 2014) [sssd[be[tissisat.co.uk]]]
>> />/ [child_sig_handler] (0x0020): child [658] was terminated by signal [9].
>> />/
>> />/
>> />/ -------------------------------------------------------------/



More information about the samba mailing list