[Samba] howto test ddns
Rowland Penny
rowlandpenny at googlemail.com
Sat Aug 2 02:48:56 MDT 2014
On 02/08/14 06:02, shadrock uhuru wrote:
> hi
>
> please could we start all over again,
> the nsupdate example i gave you was the output of two attempts at the
> command mixed together,
No problem, but please don't mix things up again, I am easily confused ;-)
> i will also clarify some things along the way.
> ashanti is the AD DC with a static address of 10.2.1.6.
> testserver.tissisat.co.uk is a ficticous server to test the ddns update
> with.
> i have assumed that the server line in the nsupdate command is for the
> dns server i.e. the AD DC
> which seem to work once i had a ticket for the server.
> i have included a portion of sssd startup output, if you need the full
> startup i can send,
> which shows that it still fails on ddns.
> should i uncomment "# 10.2.1.6 ashanti.tissisat.co.uk
> ashanti" in the host file?
Yes and remove the 127.0.1.1 line
Rowland
>
>> Anyway, just hoping that this is in the lab
> the AD DC is for my personal use in my network
>
> $ cat /etc/hostname
> ashanti
>
> $ cat /etc/hosts
> #
> # /etc/hosts: static lookup table for host names
> #
>
> #<ip-address> <hostname.domain.org> <hostname>
> # 127.0.0.1 localhost.localdomain localhost ashanti
> # 10.2.1.6 ashanti.tissisat.co.uk ashanti
> 127.0.0.1 localhost.localdomain localhost
> # 127.0.1.1 ashanti.tissisat.co.uk ashanti
> ::1 localhost.localdomain localhost
>
> $ hostname
> ashanti
> $ hostname -f
> ashanti.tissisat.co.uk
> $ hostname -s
> ashanti
> $ hostname -d
> tissisat.co.uk
>
> $ sudo klist -k
> Keytab name: FILE:/etc/krb5.keytab
> KVNO Principal
> ----
> --------------------------------------------------------------------------
> 1 ashanti$@TISSISAT.CO.UK
> 1 ashanti$@TISSISAT.CO.UK
> 1 ashanti$@TISSISAT.CO.UK
>
> $ cat /etc/sssd/sssd.conf
> [sssd]
> services = nss, pam
> config_file_version = 2
> domains = tissisat.co.uk
> [nss]
> filter_groups = root
> filer_users = root
> fallback_homedir = /home/%u
> default_shell = /bin/bash
> [pam]
> [domain/tissisat.co.uk]
> id_provider = ad
> auth_provider = ad
> access_provider = ad
> ldap_id_mapping = False
> ad_server= ashanti.tissisat.co.uk
> ad_domain= tissisat.co.uk
> ldap_schema = ad
> override_homedir=/home/%u
> cache_credentials = true
>
> $ samba-tool dns zonelist ashanti
> 3 zone(s) found
>
> pszZoneName : 1.2.10.in-addr.arpa
> Flags : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
> ZoneType : DNS_ZONE_TYPE_PRIMARY
> Version : 50
> dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
> DNS_DP_ENLISTED
> pszDpFqdn : DomainDnsZones.tissisat.co.uk
>
> pszZoneName : tissisat.co.uk
> Flags : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
> ZoneType : DNS_ZONE_TYPE_PRIMARY
> Version : 50
> dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
> DNS_DP_ENLISTED
> pszDpFqdn : DomainDnsZones.tissisat.co.uk
>
> pszZoneName : _msdcs.tissisat.co.uk
> Flags : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
> ZoneType : DNS_ZONE_TYPE_PRIMARY
> Version : 50
> dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT
> DNS_DP_ENLISTED
> pszDpFqdn : ForestDnsZones.tissisat.co.uk
>
> $ samba-tool dns zoneinfo ashanti tissisat.co.uk
> pszZoneName : tissisat.co.uk
> dwZoneType : DNS_ZONE_TYPE_PRIMARY
> fReverse : FALSE
> fAllowUpdate : DNS_ZONE_UPDATE_SECURE
> fPaused : FALSE
> fShutdown : FALSE
> fAutoCreated : FALSE
> fUseDatabase : TRUE
> pszDataFile : None
> aipMasters : []
> fSecureSecondaries : DNS_ZONE_SECSECURE_NO_XFER
> fNotifyLevel : DNS_ZONE_NOTIFY_LIST_ONLY
> aipSecondaries : []
> aipNotify : []
> fUseWins : FALSE
> fUseNbstat : FALSE
> fAging : FALSE
> dwNoRefreshInterval : 168
> dwRefreshInterval : 168
> dwAvailForScavengeTime : 0
> aipScavengeServers : []
> dwRpcStructureVersion : 0x2
> dwForwarderTimeout : 0
> fForwarderSlave : 0
> aipLocalMasters : []
> dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
> DNS_DP_ENLISTED
> pszDpFqdn : DomainDnsZones.tissisat.co.uk
> pwszZoneDn :
> DC=tissisat.co.uk,CN=MicrosoftDNS,DC=DomainDnsZones,DC=tissisat,DC=co,DC=uk
> dwLastSuccessfulSoaCheck : 0
> dwLastSuccessfulXfr : 0
> fQueuedForBackgroundLoad : FALSE
> fBackgroundLoadInProgress : FALSE
> fReadOnlyZone : FALSE
> dwLastXfrAttempt : 0
> dwLastXfrResult : 0
>
> $ samba-tool dns serverinfo ashanti
> dwVersion : 0xece0205
> fBootMethod : DNS_BOOT_METHOD_DIRECTORY
> fAdminConfigured : FALSE
> fAllowUpdate : TRUE
> fDsAvailable : TRUE
> pszServerName : ASHANTI.tissisat.co.uk
> pszDsContainer :
> CN=MicrosoftDNS,DC=DomainDnsZones,DC=tissisat,DC=co,DC=uk
> aipServerAddrs : ['10.2.1.6 (53)']
> aipListenAddrs : ['10.2.1.6 (53)']
> aipForwarders : []
> dwLogLevel : 0
> dwDebugLevel : 0
> dwForwardTimeout : 3
> dwRpcPrototol : 0x5
> dwNameCheckFlag : DNS_ALLOW_MULTIBYTE_NAMES
> cAddressAnswerLimit : 0
> dwRecursionRetry : 3
> dwRecursionTimeout : 8
> dwMaxCacheTtl : 86400
> dwDsPollingInterval : 180
> dwScavengingInterval : 0
> dwDefaultRefreshInterval : 168
> dwDefaultNoRefreshInterval : 168
> fAutoReverseZones : FALSE
> fAutoCacheUpdate : FALSE
> fRecurseAfterForwarding : FALSE
> fForwardDelegations : TRUE
> fNoRecursion : FALSE
> fSecureResponses : FALSE
> fRoundRobin : TRUE
> fLocalNetPriority : FALSE
> fBindSecondaries : FALSE
> fWriteAuthorityNs : FALSE
> fStrictFileParsing : FALSE
> fLooseWildcarding : FALSE
> fDefaultAgingState : FALSE
> dwRpcStructureVersion : 0x2
> aipLogFilter : []
> pwszLogFilePath : None
> pszDomainName : tissisat.co.uk
> pszForestName : tissisat.co.uk
> pszDomainDirectoryPartition : DC=DomainDnsZones,DC=tissisat,DC=co,DC=uk
> pszForestDirectoryPartition : DC=ForestDnsZones,DC=tissisat,DC=co,DC=uk
> dwLocalNetPriorityNetMask : 0xff
> dwLastScavengeTime : 0
> dwEventLogLevel : 4
> dwLogFileMaxSize : 0
> dwDsForestVersion : 2
> dwDsDomainVersion : 2
> dwDsDsaVersion : 4
> fReadOnlyDC : FALSE
>
> # kinit -k ashanti$
> # nsupdate -g -D
> setup_system()
> reset_system()
> user_interaction()
>> server 10.2.1.6
> do_next_command()
>> realm TISSISAT.CO.UK
> do_next_command()
>> update delete testserver.tissisat.co.uk in A
> do_next_command()
> evaluate_update()
> update_addordelete()
>> update delete testserver.tissisat.co.uk in AAAA
> do_next_command()
> evaluate_update()
> update_addordelete()
>> update add testserver.tissisat.co.uk 3600 in A 10.2.1.50
> do_next_command()
> evaluate_update()
> update_addordelete()
>> send
> do_next_command()
> start_update()
> recvsoa()
> About to create rcvmsg
> show_message()
> Reply from SOA query:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46101
> ;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;testserver.tissisat.co.uk. IN SOA
>
> Out of recvsoa
> recvsoa()
> About to create rcvmsg
> show_message()
> Reply from SOA query:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57630
> ;; flags: qr aa ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;tissisat.co.uk. IN SOA
>
> ;; ANSWER SECTION:
> tissisat.co.uk. 3600 IN SOA ashanti.tissisat.co.uk.
> hostmaster.tissisat.co.uk. 13 900 600 86400 0
>
> Found zone name: tissisat.co.uk
> The master is: ashanti.tissisat.co.uk
> start_gssrequest
> send_gssrequest
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7248
> ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; QUESTION SECTION:
> ;394905254.sig-ashanti.tissisat.co.uk. ANY TKEY
>
> ;; ADDITIONAL SECTION:
> 394905254.sig-ashanti.tissisat.co.uk. 0 ANY TKEY gss-tsig. 1406951079
> 1406951079 3 NOERROR 1337
> YIIFNQYGKwYBBQUCoIIFKTCCBSWgDTALBgkqhkiG9xIBAgKiggUSBIIF
> DmCCBQoGCSqGSIb3EgECAgEAboIE+TCCBPWgAwIBBaEDAgEOogcDBQAg
> AAAAo4ID8GGCA+wwggPooAMCAQWhEBsOVElTU0lTQVQuQ08uVUuiKDAm
> oAMCAQGhHzAdGwNETlMbFmFzaGFudGkudGlzc2lzYXQuY28udWujggOj
> MIIDn6ADAgEXoQMCAQGiggORBIIDjRrQh9iYzuxJqaG5EdQq3L1w2k/U
> SLaDdlP617Ug6JUQKYTovVNmDvEo9pPZ9oJ2vUzNwHAHwn+ULXu7bRFw
> AhPxtbHM+tpH1G2XsaR/hu99u10EVs+gyu7CIG2glv8Z/rJBK9EHLD3/
> cDK3WKTTlVh7XP8pCu+eW19FuEi8llX4W/iR27wI4h2Uj6i/vpndf4uf
> 9koJhala18VmK5aCr7ZPcaO1pe9E6zeyC7tS44N6XPpRnBZ1FR7o1QwZ
> 3W9icCtd+k3LjK0hpjonXI6E87vTXw3cqjYosTP5F301w5/iXWG8/D/l
> rIqL75I6Rj8KzQMIO+N4W8g0H2m8YbzWxfafctaBgXN2iPpERixFWuDW
> xRpJq35Ao2pIoDL+A29pveNTHqvjUmI8i3ZjMoCsZsYWluxIs4ivV9JQ
> 4BA+t8vcyhJrS/xe76L0rDdNA1tTjzqxM0o97P/Cb2J1/4gEt0ttWf5O
> 92Z5WwvXbMqW2kxcUVEvRsSTzHe2B0+du3NZHx8CbxR2ivfkYLGOunR4
> Gx5ZiZ+r9WhOsF8zvl/pUp01CHmFj0bc2Y1d/qQV3aLsdueESzg+GiEA
> WRQg7GvAdFLpK/lbWOLnqzGjULBqxTuWdHqD6SrQUcxLp7HQTzGJivUA
> 1f6u21xpHTogvLqceEay68g2xExbQ+8hjBfQRT/9WTLh7GDWbboLSP2S
> avIcaAKyI4WZ7/CXu3L9JpufsX3C3qhyyKZCE50sqCHktOc/nPoZPY7p
> 45jXWcbLM2J/XHThkl34kYIb8lX2oVsvTKJVHym459BxzA5fPW9Ij6pV
> KtXW97VdirC85YUVEqXWKKJlDLyRAawZ8ehNCfdkC+O7DVM5IWIngiQQ
> 5PzMTJSJF06iVzZSvZAhOMjHrt+8J4NBH0ao0reaEDq7cSFySXPyRjkj
> vsOz59ORLaMtA+v01bAmRo4mgnN9A6/tUsCmet3khg91au3DB02Os5/9
> tALWOahvL207WgialVlH5lBQ/gP2Ex0hZMqnkuyZ0pkrbuto7b9jEuph
> 4FvA1GEVhiWnzKGxa83sQgN9xZm3yH1lqAnGrhYgQGd6bQP27YtVuzPD
> ymTPhXJRRS5B/bAXZzmeRq7p43GZihzYHVJ5A4SKXsAzEJcol/EkB75K
> VIlXlIGApmxwLgBzZsnYEReQw0iixMSXNA62tb1UjUOytEdI6VUrOSD0
> k6q28e3PAqSB6zCB6KADAgEXooHgBIHdrTTZitRcV7UsCvDl5zuDVvyB
> ZG5XB8fcEZDH/pBKRHlhLWkl0G+sgdBwtRL0oQRMN8fo6r+gLslvEsuS
> yZ4043uDywzDMNMgvsGm6Psqdo0Ksdp78H92iupN9TLM0A5btYrxtEEZ
> lm7gzbGROYt5/AxsWWMqps3Zvj0a/caC9ijwcusum8/02vnv7xtBV/U1
> TirestQNloTwGjyoN4akUwQeiIqCRHaRO7HFlICeBzdY5FarEx5LPdNU
> 73Re5ru8xk9IkPCvQ5vAe2LeoXAt9Gwj/Sj/X+NxD0qnd6M= 0
>
> Out of recvsoa
> recvgss()
> recvgss creating rcvmsg
> show_message()
> recvmsg reply from GSS-TSIG query
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7248
> ;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> ;; QUESTION SECTION:
> ;394905254.sig-ashanti.tissisat.co.uk. ANY TKEY
>
> ;; ANSWER SECTION:
> 394905254.sig-ashanti.tissisat.co.uk. 0 ANY TKEY gss-tsig. 1406951079
> 1406951079 3 NOERROR 182
> oYGzMIGwoAMKAQChCwYJKoZIhvcSAQICooGbBIGYYIGVBgkqhkiG9xIB
> AgICAG+BhTCBgqADAgEFoQMCAQ+idjB0oAMCAReibQRrM1d9domzVkPg
> 0MbfKRGIvEiUE4xiuCfFYxLTIXjxCHNwmJF8rkjTkJX81McGgzsU8S3t
> Hcd25uGtnUkfugmaIoJNSU6c5yf5m+3q05iRdaqGiWj+5VnhOwtOTuu/
> MidkzQ3UeQE5G3cjYVc= 0
>
> ;; TSIG PSEUDOSECTION:
> 394905254.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1406951079
> 300 28 BAQF//////8AAAAAKxIK7kjLo8P0jKfr2q6iBg== 7248 NOERROR 0
>
> send_update()
> Sending update to 10.2.1.6#53
> show_message()
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 26172
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 3, ADDITIONAL: 1
> ;; UPDATE SECTION:
> testserver.tissisat.co.uk. 0 ANY A
> testserver.tissisat.co.uk. 0 ANY AAAA
> testserver.tissisat.co.uk. 3600 IN A 10.2.1.50
>
> ;; TSIG PSEUDOSECTION:
> 394905254.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1406951079
> 300 28 BAQE//////8AAAAAAlr7IeB/cAWO/xOOLUaD/Q== 26172 NOERROR 0
>
> Out of recvgss
> update_completed()
> ; TSIG error with server: tsig verify failure
> show_message()
>
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 26172
> ;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 3, ADDITIONAL: 1
> ;; ZONE SECTION:
> ;tissisat.co.uk. IN SOA
>
> ;; UPDATE SECTION:
> testserver.tissisat.co.uk. 0 ANY A
> testserver.tissisat.co.uk. 0 ANY AAAA
> testserver.tissisat.co.uk. 3600 IN A 10.2.1.50
>
> ;; TSIG PSEUDOSECTION:
> 394905254.sig-ashanti.tissisat.co.uk. 0 ANY TSIG gss-tsig. 1406951080
> 300 28 BAQF//////8AAAAAKxIK793acE0CbzAW2johtQ== 26172 NOERROR 0
>
> done_update()
> reset_system()
> user_interaction()
>
> # sssd -i -d7
>
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [be_nsupdate_timer_schedule] (0x0200): Timer already scheduled
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [ad_dyndns_update_send] (0x0400): Performing update
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of
> 'ashanti' in DNS
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [resolv_gethostbyname_dns_parse] (0x1000): Parsing an A reply
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [request_watch_destructor] (0x0400): Deleting request watch
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve AAAA record
> of 'ashanti' in DNS
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [request_watch_destructor] (0x0400): Deleting request watch
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [resolv_gethostbyname_next] (0x0200): No more address families to retry
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [resolv_gethostbyname_next] (0x0100): No more hosts databases to retry
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [nsupdate_msg_create_common] (0x0200): Creating update message for realm
> [TISSISAT.CO.UK].
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [be_nsupdate_create_fwd_msg] (0x0400): -- Begin nsupdate message --
> realm TISSISAT.CO.UK
> update delete ashanti. in A
> send
> update delete ashanti. in AAAA
> send
> update add ashanti. 3600 in A 10.2.1.6
> send
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [be_nsupdate_create_fwd_msg] (0x0400): -- End nsupdate message --
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_args]
> (0x0200): nsupdate auth type: GSS-TSIG
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [write_pipe_handler] (0x0400): All data has been sent!
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [nsupdate_child_stdin_done] (0x1000): Sending nsupdate data complete
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [ad_online_cb]
> (0x0400): The AD provider is online
> tkey query failed: GSSAPI error: Major = Unspecified GSS failure. Minor
> code may provide more information, Minor = Server not found in Kerberos
> database.
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [child_sig_handler] (0x1000): Waiting for child [1581].
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [child_sig_handler] (0x0020): child [1581] failed with status [1].
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status
> [256]
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_done]
> (0x0040): nsupdate child execution failed [1432158228]: Dynamic DNS
> update failed
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [sdap_dyndns_update_done] (0x0080): nsupdate failed, retrying with
> server name
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [nsupdate_msg_create_common] (0x0200): Creating update message for
> server [ashanti.tissisat.co.uk] and realm [TISSISAT.CO.UK]
> .(Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [be_nsupdate_create_fwd_msg] (0x0400): -- Begin nsupdate message --
> server ashanti.tissisat.co.uk
> realm TISSISAT.CO.UK
> update delete ashanti. in A
> send
> update delete ashanti. in AAAA
> send
> update add ashanti. 3600 in A 10.2.1.6
> send
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [be_nsupdate_create_fwd_msg] (0x0400): -- End nsupdate message --
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [write_pipe_handler] (0x0400): All data has been sent!
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [nsupdate_child_stdin_done] (0x1000): Sending nsupdate data complete
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_args]
> (0x0200): nsupdate auth type: GSS-TSIG
> could not find enclosing zone
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [child_sig_handler] (0x1000): Waiting for child [1585].
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [child_sig_handler] (0x0020): child [1585] failed with status [1].
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status
> [256]
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_done]
> (0x0040): nsupdate child execution failed [1432158228]: Dynamic DNS
> update failed
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [ad_dyndns_sdap_update_done] (0x0040): Dynamic DNS update failed
> [1432158228]: Dynamic DNS update failed
> (Sat Aug 2 04:12:06 2014) [sssd[be[tissisat.co.uk]]]
> [ad_dyndns_nsupdate_done] (0x0040): Updating DNS entry failed
> [1432158228]: Dynamic DNS update failed
>
> shadrock
>
>> On Fri, 2014-08-01 at 22:45 +0100, Rowland Penny wrote:
>>> / On 01/08/14 22:10, steve wrote:
>> />/ > On Fri, 2014-08-01 at 19:11 +0100, shadrock uhuru wrote:
>> />/ >> Hi Steve
>> />/ >>
>> />/ >> nsupdate -g -D
>> />/ >> setup_system()
>> />/ >> reset_system()
>> />/ >> user_interaction()
>> />/ >>> server 10.2.1.6
>> />/ >> do_next_command()
>> />/ >>> realm TISSISAT.CO.UK
>> />/ >> do_next_command()
>> />/ >>> update delete ashanti. in A
>> />/ >> do_next_command()
>> />/ >> evaluate_update()
>> />/ >> update_addordelete()
>> />/ >>> update delete ashanti. in AAAA
>> />/ >> do_next_command()
>> />/ >> evaluate_update()
>> />/ >> update_addordelete()
>> />/ >>> update add testserver. 3600 in A 10.2.1.50
>> />/ >> do_next_command()
>> />/ >> evaluate_update()
>> />/ >> update_addordelete()
>> />/ >>> send
>> />/ >> do_next_command()
>> />/ >> start_update()
>> />/ >> recvsoa()
>> />/ >> About to create rcvmsg
>> />/ >> show_message()
>> />/ >> Reply from SOA query:
>> />/ >> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52577
>> />/ >> ;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>> />/ >> ;; QUESTION SECTION:
>> />/ >> ;testserver. IN SOA
>> />/ >>
>> />/ >> Out of recvsoa
>> />/ >> recvsoa()
>> />/ >> About to create rcvmsg
>> />/ >> show_message()
>> />/ >> Reply from SOA query:
>> />/ >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45464
>> />/ >> ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>> />/ >> ;; QUESTION SECTION:
>> />/ >> ;. IN SOA
>> />/ >>
>> />/ >> could not find enclosing zone
>> />/ >>
>> />/ >>
>> />/ >> this is my hosts file, ashanti is the AD
>> />/ >>
>> />/ >> #
>> />/ >> # /etc/hosts: static lookup table for host names
>> />/ >> #
>> />/ >>
>> />/ >> #<ip-address> <hostname.domain.org> <hostname>
>> />/ >> # 127.0.0.1 localhost.localdomain localhost ashanti
>> />/ >> # 10.2.1.6 ashanti.tissisat.co.uk ashanti
>> />/ >> 127.0.0.1 localhost.localdomain localhost
>> />/ >> 127.0.1.1 ashanti.tissisat.co.uk ashanti
>> />/ >> ::1 localhost.localdomain localhost
>> />/ > Hi
>> />/ > comment the 127.0.1.1 entry then look at your hostname as follows:
>> />/ > What do the following give us?
>> />/ > hostname
>> />/ > hostname -f
>> />/ > hostname -s
>> />/ > hostname -d
>> />/ >
>> />/ > What does klist -k give and please post sssd.conf
>> />/ >
>> />/ > Before you send the update, add the domain to the record. Don't worry
>> />/ > about the AAAA. For now, let's get the A working.
>> />/ > HTH
>> />/ > Steve
>> />/ >
>> />/ Hi Steve, getting the A record working should be easy, I think that the
>> />/ OP is trying to get sssd to update the ipaddress of the AD DC !
>> />/
>> />/ He initially posted (in the log extract):
>> />/
>> />/ [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record
>> />/ of 'ashanti' in DNS
>> />/
>> />/ He then posted:
>> />/
>> />/ nsupdate -g -D
>> />/ setup_system()
>> />/ reset_system()
>> />/ user_interaction()
>> />/ server 10.2.1.6
>> />/
>> />/
>> />/ And a bit lower down:
>> />/
>> />/ this is my hosts file, ashanti is the AD
>> />/
>> />/ # 10.2.1.6 ashanti.tissisat.co.uk ashanti
>> />/
>> />/ So, unless I am greatly mistaken, the OP is trying to update the record
>> />/ for the AD DC, something he shouldn't be doing, he needs to get dns info
>> />/ on the server set to a fixed ip with correct records in /etc/hosts and
>> />/ then try again from a CLIENT!
>> />/
>> />/ Rowland
>> />/
>> /
>> OMG, really?
>> We're with you down to here:
>>
>>>>> / update delete ashanti. in A
>> /ashanti is we think, the DC
>> but then there is the more reasonable:
>>> / >>> update add testserver. 3600 in A 10.2.1.50
>> /
>> Under the latter circumstance, we could believe:
>> update delete testserver.tissisat.co.uk in A
>> followed by the quoted update.
>>
>> Anyway, just hoping that this is in the lab;)
>> Cheers,
>> Steve
More information about the samba
mailing list