[Samba] samba4 internal dns Server ddns for the reverse lookup Zone

Rowland Penny rowlandpenny at googlemail.com
Wed Aug 13 14:02:48 MDT 2014


On 13/08/14 20:53, Markus Roth wrote:
> Hi everybody,
>
> first thanks a lot for your help :-)
>
> @Dale
> I tried to compile bind directly but if I do it like the samba wiki it doesn't
> create any folders or the named.conf. So I loaded the
> bind-9.8.2-0.23.rc1.el6_5.1.src.rpm from my new centos6.5 server and
> installed it with rpm -i. Next I edited the bind.spec file and removed the
> line "--disable-isc-spnego". A few lines below this line I saw the option
> "--with-gssapi". Finally I added the option "--with-dlopen=yes" and did
> rpmbuild -bb bind.spec. Then I installed the bind-libs and bind-9.8.2 rpms
> which were newly generated.
>
> Is this correct?
>
> @Rowland
>
> I think I now have bind with dlz support, because after the denied message
> it does a correct ddns for my forward and reverse lookup zone.
>
> But I don't know why it first shows me the denied message?

Don't quote me on this, but I think it is a Windows thing: Windows tries
to update DNS in an unsecure way, fails and then tries again in a secure
way and succeeds.

Not really sure about this because I turned off client updates and DHCP
carries out the DNS updates via a bash script.

Rowland
>
>   My whole log entry for a client update looks like this:
>
> ----------------------------------------------------------------------------
> ----------------------------------------------
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting transaction on
> zone winnet.local
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#59988: update
> 'winnet.local/IN' denied
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: cancelling transaction on
> zone winnet.local
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting transaction on
> zone winnet.local
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=client1.winnet.local tcpaddr= type=AAAA
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=client1.winnet.local tcpaddr= type=A
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=client1.winnet.local tcpaddr= type=A
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#53970: updating
> zone 'winnet.local/NONE': deleting rrset at 'client1.winnet.local' AAAA
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#53970: updating
> zone 'winnet.local/NONE': deleting rrset at 'client1.winnet.local' A
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: subtracted rdataset
> client1.winnet.local
> 'client1.winnet.local.#0111200#011IN#011A#011192.168.178.127'
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#53970: updating
> zone 'winnet.local/NONE': adding an RR at 'client1.winnet.local' A
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: added rdataset
> client1.winnet.local
> 'client1.winnet.local.#0111200#011IN#011A#011192.168.178.127'
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: committed transaction on
> zone winnet.local
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting transaction on
> zone 178.168.192.in-addr.arpa
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#55717: update
> '178.168.192.in-addr.arpa/IN' denied
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: cancelling transaction on
> zone 178.168.192.in-addr.arpa
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting transaction on
> zone 178.168.192.in-addr.arpa
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=127.178.168.192.in-addr.arpa tcpaddr=
> type=PTR key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=127.178.168.192.in-addr.arpa tcpaddr=
> type=PTR key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#57170: updating
> zone '178.168.192.in-addr.arpa/NONE': deleting rrset at
> '127.178.168.192.in-addr.arpa' PTR
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#57170: updating
> zone '178.168.192.in-addr.arpa/NONE': adding an RR at
> '127.178.168.192.in-addr.arpa' PTR
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: added
> 127.178.168.192.in-addr.arpa
> 127.178.168.192.in-addr.arpa.#0111200#011IN#011PTR#011client1.winnet.local.
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: subtracted rdataset
> 178.168.192.in-addr.arpa
> '178.168.192.in-addr.arpa.#0113600#011IN#011SOA#011server1.winnet.local.
> hostmaster.winnet.local. 2 900 600 86400 3600'
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: added rdataset
> 178.168.192.in-addr.arpa
> '178.168.192.in-addr.arpa.#0113600#011IN#011SOA#011server1.winnet.local.
> hostmaster.winnet.local. 3 900 600 86400 3600'
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: committed transaction on
> zone 178.168.192.in-addr.arpa
>
> ----------------------------------------------------------------------------
> ----------------------------------------------
>
>
> -----Original Message-----
> From: Dale Schroeder [mailto:dale at BriannasSaladDressing.com]
> Sent: Tuesday, 12 August 2014 23:13
> To: Markus Roth; Samba
> Subject: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup
> Zone
>
> Markus,
>
> See if this has what you are looking for:
> http://wiki.samba.org/index.php/DNS_Backend_BIND
>
> Dale
>
> On 08/11/2014 6:37 PM, Markus Roth wrote:
>> Hi Rowland,
>>
>> Thanks a lot for your help. Does bind need a special configuration for dlz?
>> I've installed bind over the centos yum package manager. Then I included the
>> samba named.conf and the samba dns_update list in the bind named.conf. At
>> last I gave named via chgrp -r /usr/local/samba/private the permission to
>> this folder. Is that wrong? If it's so do you have a dlz how to?
>> Kind regards
>>            Markus
>>
>> On 10.08.14 at 20:01, Rowland Penny wrote:
>>
>>> On 10/08/14 18:32, Markus Roth wrote:
>>>
>>>> Hi everybody,
>>>> According to my ddns denied problem with bind dlz zone I tried the
>>>> internal dns server from samba4. The forward lookup zone is still working
>>>> correctly and does ddns updates for my win7 client. But when I create the
>>>> reverse zone with the windows remote admin tools and restart samba4 the ddns
>>>> isn't working for the reverse zone. No ip addresses will be added. How can I
>>>> configure reverse ddns?
>>>
>>> Hi, From reading your previous post and the portion of the logfile,
>>> saying 'ddns denied problem with bind dlz zone'
>>> is incorrect, you were not using bind_dlz, if you were, you would have
>>> had lines similar to these:
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: starting transaction on
>>> zone example.com
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: allowing update of
>>> signer=dhcpduser\@EXAMPLE.COM name=ThinkPad.example.com
>>> tcpaddr=127.0.0.1 type=A key=2541565829.sig-dc1.example.com/160/0
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: allowing update of
>>> signer=dhcpduser\@EXAMPLE.COM name=ThinkPad.example.com
>>> tcpaddr=127.0.0.1 type=A key=2541565829.sig-dc1.example.com/160/0
>>> Aug 10 18:29:24 dc1 named[19739]: client 127.0.0.1#50000/key
>>> dhcpduser\@EXAMPLE.COM: updating zone 'example.com/NONE': deleting rrset
>>> at 'ThinkPad.example.com' A
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: subtracted rdataset
>>> ThinkPad.example.com
>>> 'ThinkPad.example.com.#0113600#011IN#011A#011192.168.0.215'
>>> Aug 10 18:29:24 dc1 named[19739]: client 127.0.0.1#50000/key
>>> dhcpduser\@EXAMPLE.COM: updating zone 'example.com/NONE': adding an RR
>>> at 'ThinkPad.example.com' A
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: added rdataset
>>> ThinkPad.example.com
>>> 'ThinkPad.example.com.#0113600#011IN#011A#011192.168.0.215'
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: committed transaction on
>>> zone example.com
>>>
>>> Rowland
>
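
The log quoted in this message shows each zone update denied once and then allowed with a signer, which Rowland's reply attributes to Windows trying an unsecured update first. As an added example (not part of the original posts), this Python script separates denials that are followed by a signed update from the same client in the same zone from denials that never are; the function name `classify_denials`, the unwrapped sample lines, the second client address and the key value are constructed for illustration.

```python
import re

# Constructed sample, modelled on the named/samba_dlz lines quoted in the thread
# (unwrapped; the second client and the key value are made up for illustration).
SAMPLE_LOG = r"""
Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting transaction on zone winnet.local
Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#59988: update 'winnet.local/IN' denied
Aug 13 21:39:26 Server1 named[11383]: samba_dlz: cancelling transaction on zone winnet.local
Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting transaction on zone winnet.local
Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of signer=client1\$\@WINNET.LOCAL name=client1.winnet.local tcpaddr= type=A key=constructed-key/160/0
Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#53970: updating zone 'winnet.local/NONE': adding an RR at 'client1.winnet.local' A
Aug 13 21:39:26 Server1 named[11383]: samba_dlz: committed transaction on zone winnet.local
Aug 13 21:40:02 Server1 named[11383]: samba_dlz: starting transaction on zone winnet.local
Aug 13 21:40:02 Server1 named[11383]: client 192.168.178.50#40112: update 'winnet.local/IN' denied
Aug 13 21:40:02 Server1 named[11383]: samba_dlz: cancelling transaction on zone winnet.local
"""

DENIED = re.compile(r"client (\S+?)#\d+[^:]*: update '([^'/]+)/IN' denied")
ALLOWED = re.compile(r"samba_dlz: allowing update of signer=(\S+) name=\S+")
UPDATING = re.compile(r"client (\S+?)#\d+[^:]*: updating zone '([^'/]+)/NONE'")

def classify_denials(log_text):
    """Split denied updates into those followed by a signed update from the
    same client in the same zone, and those never followed by one."""
    pending = {}          # (client_ip, zone) -> denied updates still unexplained
    last_signer = None    # signer from the most recent samba_dlz "allowing" line
    retried_ok = []
    for line in log_text.splitlines():
        if m := DENIED.search(line):
            key = (m.group(1), m.group(2))
            pending[key] = pending.get(key, 0) + 1
        elif m := ALLOWED.search(line):
            last_signer = m.group(1).replace("\\", "")  # drop backslash escaping seen in the log
        elif m := UPDATING.search(line):
            key = (m.group(1), m.group(2))
            if pending.pop(key, 0):
                retried_ok.append((key[0], key[1], last_signer))
    return retried_ok, sorted(pending)

if __name__ == "__main__":
    ok, unresolved = classify_denials(SAMPLE_LOG)
    for ip, zone, signer in ok:
        print(f"{ip} {zone}: denied, then signed update as {signer}")
    for ip, zone in unresolved:
        print(f"{ip} {zone}: denied with no signed retry, worth a look")
```

Denials left in the second list are the ones to review, since no authenticated update from that client followed them in the log.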


