[Samba] howto test ddns
shadrock uhuru
niyalevi at gmail.com
Fri Aug 1 23:02:57 MDT 2014
hi
please could we start all over again,
the nsupdate example i gave you was the output of two attempts at the
command mixed together,
i will also clarify some things along the way.
ashanti is the AD DC with a static address of 10.2.1.6.
testserver.tissisat.co.uk is a ficticous server to test the ddns update
with.
i have assumed that the server line in the nsupdate command is for the
dns server i.e. the AD DC
which seem to work once i had a ticket for the server.
i have included a portion of sssd startup output, if you need the full
startup i can send,
which shows that it still fails on ddns.
should i uncomment "# 10.2.1.6 ashanti.tissisat.co.uk
ashanti" in the host file?
> Anyway, just hoping that this is in the lab
the AD DC is for my personal use in my network
$ cat /etc/hostname
ashanti
$ cat /etc/hosts
#
# /etc/hosts: static lookup table for host names
#
#<ip-address> <hostname.domain.org> <hostname>
# 127.0.0.1 localhost.localdomain localhost ashanti
# 10.2.1.6 ashanti.tissisat.co.uk ashanti
127.0.0.1 localhost.localdomain localhost
# 127.0.1.1 ashanti.tissisat.co.uk ashanti
::1 localhost.localdomain localhost
$ hostname
ashanti
$ hostname -f
ashanti.tissisat.co.uk
$ hostname -s
ashanti
$ hostname -d
tissisat.co.uk
$ sudo klist -k
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
1 ashanti$@TISSISAT.CO.UK
1 ashanti$@TISSISAT.CO.UK
1 ashanti$@TISSISAT.CO.UK
$ cat /etc/sssd/sssd.conf
[sssd]
services = nss, pam
config_file_version = 2
domains = tissisat.co.uk
[nss]
filter_groups = root
filer_users = root
fallback_homedir = /home/%u
default_shell = /bin/bash
[pam]
[domain/tissisat.co.uk]
id_provider = ad
auth_provider = ad
access_provider = ad
ldap_id_mapping = False
ad_server= ashanti.tissisat.co.uk
ad_domain= tissisat.co.uk
ldap_schema = ad
override_homedir=/home/%u
cache_credentials = true
$ samba-tool dns zonelist ashanti
3 zone(s) found
pszZoneName : 1.2.10.in-addr.arpa
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.tissisat.co.uk
pszZoneName : tissisat.co.uk
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.tissisat.co.uk
pszZoneName : _msdcs.tissisat.co.uk
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT
DNS_DP_ENLISTED
pszDpFqdn : ForestDnsZones.tissisat.co.uk
$ samba-tool dns zoneinfo ashanti tissisat.co.uk
pszZoneName : tissisat.co.uk
dwZoneType : DNS_ZONE_TYPE_PRIMARY
fReverse : FALSE
fAllowUpdate : DNS_ZONE_UPDATE_SECURE
fPaused : FALSE
fShutdown : FALSE
fAutoCreated : FALSE
fUseDatabase : TRUE
pszDataFile : None
aipMasters : []
fSecureSecondaries : DNS_ZONE_SECSECURE_NO_XFER
fNotifyLevel : DNS_ZONE_NOTIFY_LIST_ONLY
aipSecondaries : []
aipNotify : []
fUseWins : FALSE
fUseNbstat : FALSE
fAging : FALSE
dwNoRefreshInterval : 168
dwRefreshInterval : 168
dwAvailForScavengeTime : 0
aipScavengeServers : []
dwRpcStructureVersion : 0x2
dwForwarderTimeout : 0
fForwarderSlave : 0
aipLocalMasters : []
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.tissisat.co.uk
pwszZoneDn :
DC=tissisat.co.uk,CN=MicrosoftDNS,DC=DomainDnsZones,DC=tissisat,DC=co,DC=uk
dwLastSuccessfulSoaCheck : 0
dwLastSuccessfulXfr : 0
fQueuedForBackgroundLoad : FALSE
fBackgroundLoadInProgress : FALSE
fReadOnlyZone : FALSE
dwLastXfrAttempt : 0
dwLastXfrResult : 0
$ samba-tool dns serverinfo ashanti
dwVersion : 0xece0205
fBootMethod : DNS_BOOT_METHOD_DIRECTORY
fAdminConfigured : FALSE
fAllowUpdate : TRUE
fDsAvailable : TRUE
pszServerName : ASHANTI.tissisat.co.uk
pszDsContainer :
CN=MicrosoftDNS,DC=DomainDnsZones,DC=tissisat,DC=co,DC=uk
aipServerAddrs : ['10.2.1.6 (53)']
aipListenAddrs : ['10.2.1.6 (53)']
aipForwarders : []
dwLogLevel : 0
dwDebugLevel : 0
dwForwardTimeout : 3
dwRpcPrototol : 0x5
dwNameCheckFlag : DNS_ALLOW_MULTIBYTE_NAMES
cAddressAnswerLimit : 0
dwRecursionRetry : 3
dwRecursionTimeout : 8
dwMaxCacheTtl : 86400
dwDsPollingInterval : 180
dwScavengingInterval : 0
dwDefaultRefreshInterval : 168
dwDefaultNoRefreshInterval : 168
fAutoReverseZones : FALSE
fAutoCacheUpdate : FALSE
fRecurseAfterForwarding : FALSE
fForwardDelegations : TRUE
fNoRecursion : FALSE
fSecureResponses : FALSE
fRoundRobin : TRUE
fLocalNetPriority : FALSE
fBindSecondaries : FALSE
fWriteAuthorityNs : FALSE
fStrictFileParsing : FALSE
fLooseWildcarding : FALSE
fDefaultAgingState : FALSE
dwRpcStructureVersion : 0x2
aipLogFilter : []
pwszLogFilePath : None
pszDomainName : tissisat.co.uk
pszForestName : tissisat.co.uk
pszDomainDirectoryPartition : DC=DomainDnsZones,DC=tissisat,DC=co,DC=uk
pszForestDirectoryPartition : DC=ForestDnsZones,DC=tissisat,DC=co,DC=uk
dwLocalNetPriorityNetMask : 0xff
dwLastScavengeTime : 0
dwEventLogLevel : 4
dwLogFileMaxSize : 0
dwDsForestVersion : 2
dwDsDomainVersion : 2
dwDsDsaVersion : 4
fReadOnlyDC : FALSE
# kinit -k ashanti$
# nsupdate -g -D
setup_system()
reset_system()
user_interaction()
> server 10.2.1.6
do_next_command()
> realm TISSISAT.CO.UK
do_next_command()
> update delete testserver.tissisat.co.uk in A
do_next_command()
evaluate_update()
update_addordelete()
> update delete testserver.tissisat.co.uk in AAAA
do_next_command()
evaluate_update()
update_addordelete()
> update add testserver.tissisat.co.uk 3600 in A 10.2.1.50
do_next_command()
evaluate_update()
update_addordelete()
> send
do_next_command()
start_update()
recvsoa()
About to create rcvmsg
show_message()
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46101
;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;testserver.tissisat.co.uk. IN SOA
Out of recvsoa
recvsoa()
About to create rcvmsg
show_message()
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57630
;; flags: qr aa ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;tissisat.co.uk. IN SOA
;; ANSWER SECTION:
tissisat.co.uk. 3600 IN SOA ashanti.tissisat.co.uk.
hostmaster.tissisat.co.uk. 13 900 600 86400 0
Found zone name: tissisat.co.uk
The master is: ashanti.tissisat.co.uk
start_gssrequest
send_gssrequest
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7248
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;394905254.sig-ashanti.tissisat.co.uk. ANY TKEY
;; ADDITIONAL SECTION:
394905254.sig-ashanti.tissisat.co.uk. 0 ANY TKEY gss-tsig. 1406951079
1406951079 3 NOERROR 1337
YIIFNQYGKwYBBQUCoIIFKTCCBSWgDTALBgkqhkiG9xIBAgKiggUSBIIF
DmCCBQoGCSqGSIb3EgECAgEAboIE+TCCBPWgAwIBBaEDAgEOogcDBQAg
AAAAo4ID8GGCA+wwggPooAMCAQWhEBsOVElTU0lTQVQuQ08uVUuiKDAm
oAMCAQGhHzAdGwNETlMbFmFzaGFudGkudGlzc2lzYXQuY28udWujggOj
MIIDn6ADAgEXoQMCAQGiggORBIIDjRrQh9iYzuxJqaG5EdQq3L1w2k/U
SLaDdlP617Ug6JUQKYTovVNmDvEo9pPZ9oJ2vUzNwHAHwn+ULXu7bRFw
AhPxtbHM+tpH1G2XsaR/hu99u10EVs+gyu7CIG2glv8Z/rJBK9EHLD3/
cDK3WKTTlVh7XP8pCu+eW19FuEi8llX4W/iR27wI4h2Uj6i/vpndf4uf
9koJhala18VmK5aCr7ZPcaO1pe9E6zeyC7tS44N6XPpRnBZ1FR7o1QwZ
3W9icCtd+k3LjK0hpjonXI6E87vTXw3cqjYosTP5F301w5/iXWG8/D/l
rIqL75I6Rj8KzQMIO+N4W8g0H2m8YbzWxfafctaBgXN2iPpERixFWuDW
xRpJq35Ao2pIoDL+A29pveNTHqvjUmI8i3ZjMoCsZsYWluxIs4ivV9JQ
4BA+t8vcyhJrS/xe76L0rDdNA1tTjzqxM0o97P/Cb2J1/4gEt0ttWf5O
92Z5WwvXbMqW2kxcUVEvRsSTzHe2B0+du3NZHx8CbxR2ivfkYLGOunR4
Gx5ZiZ+r9WhOsF8zvl/pUp01CHmFj0bc2Y1d/qQV3aLsdueESzg+GiEA
WRQg7GvAdFLpK/lbWOLnqzGjULBqxTuWdHqD6SrQUcxLp7HQTzGJivUA
1f6u21xpHTogvLqceEay68g2xExbQ+8hjBfQRT/9WTLh7GDWbboLSP2S
avIcaAKyI4WZ7/CXu3L9JpufsX3C3qhyyKZCE50sqCHktOc/nPoZPY7p
45jXWcbLM2J/XHThkl34kYIb8lX2oVsvTKJVHym459BxzA5fPW9Ij6pV
KtXW97VdirC85YUVEqXWKKJlDLyRAawZ8ehNCfdkC+O7DVM5IWIngiQQ
5PzMTJSJF06iVzZSvZAhOMjHrt+8J4NBH0ao0reaEDq7cSFySXPyRjkj
vsOz59ORLaMtA+v01bAmRo4mgnN9A6/tUsCmet3khg91au3DB02Os5/9
tALWOahvL207WgialVlH5lBQ/gP2Ex0hZMqnkuyZ0pkrbuto7b9jEuph
4FvA1GEVhiWnzKGxa83sQgN9xZm3yH1lqAnGrhYgQGd6bQP27YtVuzPD
ymTPhXJRRS5B/bAXZzmeRq7p43GZihzYHVJ5A4SKXsAzEJcol/EkB75K
VIlXlIGApmxwLgBzZsnYEReQw0iixMSXNA62tb1UjUOytEdI6VUrOSD0
k6q28e3PAqSB6zCB6KADAgEXooHgBIHdrTTZitRcV7UsCvDl5zuDVvyB
ZG5XB8fcEZDH/pBKRHlhLWkl0G+sgdBwtRL0oQRMN8fo6r+gLslvEsuS
yZ4043uDywzDMNMgvsGm6Psqdo0Ksdp78H92iupN9TLM0A5btYrxtEEZ
lm7gzbGROYt5/AxsWWMqps3Zvj0a/caC9ijwcusum8/02vnv7xtBV/U1
TirestQNloTwGjyoN4akUwQeiIqCRHaRO7HFlICeBzdY5FarEx5LPdNU
73Re5ru8xk9IkPCvQ5vAe2LeoXAt9Gwj/Sj/X+NxD0qnd6M= 0
Out of recvsoa
recvgss()
recvgss creating rcvmsg
show_message()
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7248
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;394905254.sig-ashanti.tissisat.co.uk. ANY TKEY
;; ANSWER SECTION:
394905254.sig-ashanti.tissisat.co.uk. 0 ANY TKEY gss-tsig. 1406951079
1406951079 3 NOERROR 182
oYGzMIGwoAMKAQChCwYJKoZIhvcSAQICooGbBIGYYIGVBgkqhkiG9xIB
AgICAG+BhTCBgqADAgEFoQMCAQ+idjB0oAMCAReibQRrM1d9domzVkPg
0MbfKRGIvEiUE4xiuCfFYxLTIXjxCHNwmJF8rkjTkJX81McGgzsU8S3t
Hcd25uGtnUkfugmaIoJNSU6c5yf5m+3q05iRdaqGiWj+5VnhOwtOTuu/
MidkzQ3UeQE5G3cjYVc= 0
;; TSIG PSEUDOSECTION:
394905254.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1406951079
300 28 BAQF//////8AAAAAKxIK7kjLo8P0jKfr2q6iBg== 7248 NOERROR 0
send_update()
Sending update to 10.2.1.6#53
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 26172
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 3, ADDITIONAL: 1
;; UPDATE SECTION:
testserver.tissisat.co.uk. 0 ANY A
testserver.tissisat.co.uk. 0 ANY AAAA
testserver.tissisat.co.uk. 3600 IN A 10.2.1.50
;; TSIG PSEUDOSECTION:
394905254.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1406951079
300 28 BAQE//////8AAAAAAlr7IeB/cAWO/xOOLUaD/Q== 26172 NOERROR 0
Out of recvgss
update_completed()
; TSIG error with server: tsig verify failure
show_message()
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 26172
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 3, ADDITIONAL: 1
;; ZONE SECTION:
;tissisat.co.uk. IN SOA
;; UPDATE SECTION:
testserver.tissisat.co.uk. 0 ANY A
testserver.tissisat.co.uk. 0 ANY AAAA
testserver.tissisat.co.uk. 3600 IN A 10.2.1.50
;; TSIG PSEUDOSECTION:
394905254.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1406951080
300 28 BAQF//////8AAAAAKxIK793acE0CbzAW2johtQ== 26172 NOERROR 0
done_update()
reset_system()
user_interaction()
# sssd -i -d7
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[be_nsupdate_timer_schedule] (0x0200): Timer already scheduled
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[ad_dyndns_update_send] (0x0400): Performing update
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of
'ashanti' in DNS
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[resolv_gethostbyname_dns_parse] (0x1000): Parsing an A reply
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[request_watch_destructor] (0x0400): Deleting request watch
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[resolv_gethostbyname_dns_query] (0x0100): Trying to resolve AAAA record
of 'ashanti' in DNS
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[request_watch_destructor] (0x0400): Deleting request watch
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[resolv_gethostbyname_next] (0x0200): No more address families to retry
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[resolv_gethostbyname_next] (0x0100): No more hosts databases to retry
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[nsupdate_msg_create_common] (0x0200): Creating update message for realm
[TISSISAT.CO.UK].
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[be_nsupdate_create_fwd_msg] (0x0400): -- Begin nsupdate message --
realm TISSISAT.CO.UK
update delete ashanti. in A
send
update delete ashanti. in AAAA
send
update add ashanti. 3600 in A 10.2.1.6
send
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[be_nsupdate_create_fwd_msg] (0x0400): -- End nsupdate message --
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_args]
(0x0200): nsupdate auth type: GSS-TSIG
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[nsupdate_child_stdin_done] (0x1000): Sending nsupdate data complete
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [ad_online_cb]
(0x0400): The AD provider is online
tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor
code may provide more information, Minor = Server not found in Kerberos
database.
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[child_sig_handler] (0x1000): Waiting for child [1581].
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[child_sig_handler] (0x0020): child [1581] failed with status [1].
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status
[256]
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_done]
(0x0040): nsupdate child execution failed [1432158228]: Dynamic DNS
update failed
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[sdap_dyndns_update_done] (0x0080): nsupdate failed, retrying with
server name
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[nsupdate_msg_create_common] (0x0200): Creating update message for
server [ashanti.tissisat.co.uk] and realm [TISSISAT.CO.UK]
.(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[be_nsupdate_create_fwd_msg] (0x0400): -- Begin nsupdate message --
server ashanti.tissisat.co.uk
realm TISSISAT.CO.UK
update delete ashanti. in A
send
update delete ashanti. in AAAA
send
update add ashanti. 3600 in A 10.2.1.6
send
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[be_nsupdate_create_fwd_msg] (0x0400): -- End nsupdate message --
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[write_pipe_handler] (0x0400): All data has been sent!
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[nsupdate_child_stdin_done] (0x1000): Sending nsupdate data complete
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_args]
(0x0200): nsupdate auth type: GSS-TSIG
could not find enclosing zone
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[child_sig_handler] (0x1000): Waiting for child [1585].
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[child_sig_handler] (0x0020): child [1585] failed with status [1].
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status
[256]
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_done]
(0x0040): nsupdate child execution failed [1432158228]: Dynamic DNS
update failed
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[ad_dyndns_sdap_update_done] (0x0040): Dynamic DNS update failed
[1432158228]: Dynamic DNS update failed
(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
[ad_dyndns_nsupdate_done] (0x0040): Updating DNS entry failed
[1432158228]: Dynamic DNS update failed
shadrock
> On Fri, 2014-08-01 at 22:45 +0100, Rowland Penny wrote:
> >/ On 01/08/14 22:10, steve wrote:
> />/ > On Fri, 2014-08-01 at 19:11 +0100, shadrock uhuru wrote:
> />/ >> Hi Steve
> />/ >>
> />/ >> nsupdate -g -D
> />/ >> setup_system()
> />/ >> reset_system()
> />/ >> user_interaction()
> />/ >>> server 10.2.1.6
> />/ >> do_next_command()
> />/ >>> realm TISSISAT.CO.UK
> />/ >> do_next_command()
> />/ >>> update delete ashanti. in A
> />/ >> do_next_command()
> />/ >> evaluate_update()
> />/ >> update_addordelete()
> />/ >>> update delete ashanti. in AAAA
> />/ >> do_next_command()
> />/ >> evaluate_update()
> />/ >> update_addordelete()
> />/ >>> update add testserver. 3600 in A 10.2.1.50
> />/ >> do_next_command()
> />/ >> evaluate_update()
> />/ >> update_addordelete()
> />/ >>> send
> />/ >> do_next_command()
> />/ >> start_update()
> />/ >> recvsoa()
> />/ >> About to create rcvmsg
> />/ >> show_message()
> />/ >> Reply from SOA query:
> />/ >> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52577
> />/ >> ;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> />/ >> ;; QUESTION SECTION:
> />/ >> ;testserver. IN SOA
> />/ >>
> />/ >> Out of recvsoa
> />/ >> recvsoa()
> />/ >> About to create rcvmsg
> />/ >> show_message()
> />/ >> Reply from SOA query:
> />/ >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45464
> />/ >> ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> />/ >> ;; QUESTION SECTION:
> />/ >> ;. IN SOA
> />/ >>
> />/ >> could not find enclosing zone
> />/ >>
> />/ >>
> />/ >> this is my hosts file, ashanti is the AD
> />/ >>
> />/ >> #
> />/ >> # /etc/hosts: static lookup table for host names
> />/ >> #
> />/ >>
> />/ >> #<ip-address> <hostname.domain.org> <hostname>
> />/ >> # 127.0.0.1 localhost.localdomain localhost ashanti
> />/ >> # 10.2.1.6 ashanti.tissisat.co.uk ashanti
> />/ >> 127.0.0.1 localhost.localdomain localhost
> />/ >> 127.0.1.1 ashanti.tissisat.co.uk ashanti
> />/ >> ::1 localhost.localdomain localhost
> />/ > Hi
> />/ > comment the 127.0.1.1 entry then look at your hostname as follows:
> />/ > What do the following give us?
> />/ > hostname
> />/ > hostname -f
> />/ > hostname -s
> />/ > hostname -d
> />/ >
> />/ > What does klist -k give and please post sssd.conf
> />/ >
> />/ > Before you send the update, add the domain to the record. Don't worry
> />/ > about the AAAA. For now, let's get the A working.
> />/ > HTH
> />/ > Steve
> />/ >
> />/ Hi Steve, getting the A record working should be easy, I think that the
> />/ OP is trying to get sssd to update the ipaddress of the AD DC !
> />/
> />/ He initially posted (in the log extract):
> />/
> />/ [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record
> />/ of 'ashanti' in DNS
> />/
> />/ He then posted:
> />/
> />/ nsupdate -g -D
> />/ setup_system()
> />/ reset_system()
> />/ user_interaction()
> />/ server 10.2.1.6
> />/
> />/
> />/ And a bit lower down:
> />/
> />/ this is my hosts file, ashanti is the AD
> />/
> />/ # 10.2.1.6 ashanti.tissisat.co.uk ashanti
> />/
> />/ So, unless I am greatly mistaken, the OP is trying to update the record
> />/ for the AD DC, something he shouldn't be doing, he needs to get dns info
> />/ on the server set to a fixed ip with correct records in /etc/hosts and
> />/ then try again from a CLIENT!
> />/
> />/ Rowland
> />/
> /
> OMG, really?
> We're with you down to here:
>
> >>>/ update delete ashanti. in A
> /ashanti is we think, the DC
> but then there is the more reasonable:
> >/ >>> update add testserver. 3600 in A 10.2.1.50
> /
> Under the latter circumstance, we could believe:
> update delete testserver.tissisat.co.uk in A
> followed by the quoted update.
>
> Anyway, just hoping that this is in the lab;)
> Cheers,
> Steve
More information about the samba
mailing list