[Samba] samba4 internal dns Server ddns for the reverse lookup Zone
Markus Roth
markusroth1983 at gmx.net
Wed Aug 13 14:54:18 MDT 2014
Hi Rowland,
ok, thanks to that. So do you think my config is correct? Should i post my
configuration files? How do other persons do the ddns updates? That would be
interest...
Do anybody know if ddns for a reverse lookup zone is also possible with the
internal samba dns server? I've also setup this kind of configuration and
the reverse lookup zone won't be updated...
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Rowland Penny
Gesendet: Mittwoch, 13. August 2014 22:03
An: samba at lists.samba.org
Betreff: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup
Zone
On 13/08/14 20:53, Markus Roth wrote:
> Hi everybody,
>
> first thanks a lot for your help :-)
>
> @Dale
> I tried to compile bind directly but if i do it like the samba wiki it
> don't create any folders or the named.conf. So i loaded the
> bind-9.8.2-0.23.rc1.el6_5.1.src.rpm form y new centos6.5 server and
> installed it with rpm -i. At next i edit the bind.spec file and
> removed the line "--disable-isc-spengo". A few lines under these line
> i saw the option "--with-gssapi". At last i add the option
> "--with-dlopen=yes" and did rpmbuild -bb bind.spec. Then i installed
> the bind-libs and bind-9.8.2 rpms which are now new generated.
>
> Is this correct?
>
> @Rowland
>
> I think i have now bind with dlz support. Because after the denied
> message it does a correct ddns for my forward and reverse lookup zone.
>
> But i don't know why it shows me first the denied message?
Don't quote me on this, but I think it is a window thing, windows tries to
update dns in an unsecure way, fails and then tries again in a secure way
and succeeds.
Not really sure about this because I turned off client updates and DHCP
carries out the dns updates via a bash script.
Rowland
>
> My whole log entry for a client update looks like this:
>
> ----------------------------------------------------------------------
> ------
> ----------------------------------------------
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting transaction
> on zone winnet.local Aug 13 21:39:26 Server1 named[11383]: client
> 192.168.178.127#59988: update 'winnet.local/IN' denied Aug 13 21:39:26
> Server1 named[11383]: samba_dlz: cancelling transaction on zone
> winnet.local Aug 13 21:39:26 Server1 named[11383]: samba_dlz: starting
> transaction on zone winnet.local Aug 13 21:39:26 Server1 named[11383]:
> samba_dlz: allowing update of signer=client1\$\@WINNET.LOCAL
> name=client1.winnet.local tcpaddr= type=AAAA
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=client1.winnet.local tcpaddr=
> type=A
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=client1.winnet.local tcpaddr=
> type=A
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#53970:
> updating zone 'winnet.local/NONE': deleting rrset at
> 'client1.winnet.local' AAAA Aug 13 21:39:26 Server1 named[11383]:
> client 192.168.178.127#53970: updating zone 'winnet.local/NONE':
> deleting rrset at 'client1.winnet.local' A Aug 13 21:39:26 Server1
> named[11383]: samba_dlz: subtracted rdataset client1.winnet.local
> 'client1.winnet.local.#0111200#011IN#011A#011192.168.178.127'
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#53970:
> updating zone 'winnet.local/NONE': adding an RR at
> 'client1.winnet.local' A Aug 13 21:39:26 Server1 named[11383]:
> samba_dlz: added rdataset client1.winnet.local
> 'client1.winnet.local.#0111200#011IN#011A#011192.168.178.127'
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: committed transaction
> on zone winnet.local Aug 13 21:39:26 Server1 named[11383]: samba_dlz:
> starting transaction on zone 178.168.192.in-addr.arpa Aug 13 21:39:26
> Server1 named[11383]: client 192.168.178.127#55717: update
> '178.168.192.in-addr.arpa/IN' denied Aug 13 21:39:26 Server1
> named[11383]: samba_dlz: cancelling transaction on zone
> 178.168.192.in-addr.arpa Aug 13 21:39:26 Server1 named[11383]:
> samba_dlz: starting transaction on zone 178.168.192.in-addr.arpa Aug
> 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=127.178.168.192.in-addr.arpa
> tcpaddr= type=PTR
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: allowing update of
> signer=client1\$\@WINNET.LOCAL name=127.178.168.192.in-addr.arpa
> tcpaddr= type=PTR
> key=1084-ms-7.1-688d.8856a952-2321-11e4-96a6-000c29a4b410/160/0
> Aug 13 21:39:26 Server1 named[11383]: client 192.168.178.127#57170:
> updating zone '178.168.192.in-addr.arpa/NONE': deleting rrset at
> '127.178.168.192.in-addr.arpa' PTR Aug 13 21:39:26 Server1
> named[11383]: client 192.168.178.127#57170: updating zone
> '178.168.192.in-addr.arpa/NONE': adding an RR at
> '127.178.168.192.in-addr.arpa' PTR Aug 13 21:39:26 Server1
> named[11383]: samba_dlz: added 127.178.168.192.in-addr.arpa
>
127.178.168.192.in-addr.arpa.#0111200#011IN#011PTR#011client1.winnet.local.
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: subtracted rdataset
> 178.168.192.in-addr.arpa
> '178.168.192.in-addr.arpa.#0113600#011IN#011SOA#011server1.winnet.local.
> hostmaster.winnet.local. 2 900 600 86400 3600'
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: added rdataset
> 178.168.192.in-addr.arpa
> '178.168.192.in-addr.arpa.#0113600#011IN#011SOA#011server1.winnet.local.
> hostmaster.winnet.local. 3 900 600 86400 3600'
> Aug 13 21:39:26 Server1 named[11383]: samba_dlz: committed transaction
> on zone 178.168.192.in-addr.arpa
>
> ----------------------------------------------------------------------
> ------
> ----------------------------------------------
>
>
> -----Ursprüngliche Nachricht-----
> Von: Dale Schroeder [mailto:dale at BriannasSaladDressing.com]
> Gesendet: Dienstag, 12. August 2014 23:13
> An: Markus Roth; Samba
> Betreff: Re: [Samba] samba4 internal dns Server ddns for the reverse
> lookup Zone
>
> Markus,
>
> See if this has what you are looking for:
> http://wiki.samba.org/index.php/DNS_Backend_BIND
>
> Dale
>
> On 08/11/2014 6:37 PM, Markus Roth wrote:
>> Hi Rowland,
>>
>> Thanks a lot for your help. Do bind need a special configuration for dlz?
> I've installed bind over the centos yum packet Manager. Than i
> included the samba named.conf and the samba dns_update List in the
> bind named.conf. At last i gave named via chgrp -r
> /usr/local/samba/private the permission to this folder. Is that wrong? If
it's so do you have a dlz how to?
>> Kind. Regarts
>> Markus
>>
>> Am 10.08.14 um 20:01 schrieb Rowland Penny
>>
>>> On 10/08/14 18:32, Markus Roth wrote:
>>>
>>>> Hi everybody,
>>>> According to my ddns denied problem with bind dlz zone i tried the
> internal dns server from samba4. The forward lookup zone is still
> working correctly and do ddns updates for my win7 Client. But when i
> create the reverse zone with the windows remote admin tools and
> restart samba4 the ddns isn't working for the reverse zone. No ip
> adresses will be added. How can i configure reverse ddns?
>>>
>>> Hi, From reading your previously post and the portion of the
>>> logfile,
>>>
>>> saying 'ddns denied problem with bind dlz zone'
>>>
>>> is incorrect, you were not using bind_dlz, if you were, you would
>>> have
>>>
>>> had lines similar to these:
>>>
>>>
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: starting transaction on
>>>
>>> zone example.com
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: allowing update of
>>>
>>> signer=dhcpduser\@EXAMPLE.COM name=ThinkPad.example.com
>>>
>>> tcpaddr=127.0.0.1 type=A key=2541565829.sig-dc1.example.com/160/0
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: allowing update of
>>>
>>> signer=dhcpduser\@EXAMPLE.COM name=ThinkPad.example.com
>>>
>>> tcpaddr=127.0.0.1 type=A key=2541565829.sig-dc1.example.com/160/0
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: client 127.0.0.1#50000/key
>>>
>>> dhcpduser\@EXAMPLE.COM: updating zone 'example.com/NONE': deleting
>>> rrset
>>>
>>> at 'ThinkPad.example.com' A
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: subtracted rdataset
>>>
>>> ThinkPad.example.com
>>>
>>> 'ThinkPad.example.com.#0113600#011IN#011A#011192.168.0.215'
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: client 127.0.0.1#50000/key
>>>
>>> dhcpduser\@EXAMPLE.COM: updating zone 'example.com/NONE': adding an
>>> RR
>>>
>>> at 'ThinkPad.example.com' A
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: added rdataset
>>>
>>> ThinkPad.example.com
>>>
>>> 'ThinkPad.example.com.#0113600#011IN#011A#011192.168.0.215'
>>>
>>> Aug 10 18:29:24 dc1 named[19739]: samba_dlz: committed transaction
>>> on
>>>
>>> zone example.com
>>>
>>>
>>>
>>> Rowland
>>>
>>>
>>>
>>> --
>>>
>>> To unsubscribe from this list go to the following URL and read the
>>>
>>> instructions: https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list