[Samba] samba4 internal dns Server ddns for the reverse lookup Zone

L.P.H. van Belle belle at bazuin.nl
Fri Aug 22 02:38:01 MDT 2014

Hai Guys, 

Do i understand this good.. 

If we use the scripts for DDNS updates. 
The DDNS update in windows must be turnt off ( for example by GPO ) 
so you dont have that 1 denied message before the script runs. 
( this is known to me ) 

And if you use SSSD, this DDNS update from windows works ok?  
and then the script isnt needed? If so that would be nice.. 
I dont use SSSD but im thinking of it for some servers.. 

Best regards, 


>-----Oorspronkelijk bericht-----
>Van: steve at steve-ss.com [mailto:samba-bounces at lists.samba.org] 
>Namens steve
>Verzonden: vrijdag 22 augustus 2014 10:30
>Aan: Markus Roth
>CC: samba at lists.samba.org
>Onderwerp: Re: [Samba] samba4 internal dns Server ddns for the 
>reverse lookup Zone
>On Fri, 2014-08-22 at 09:54 +0200, Markus Roth wrote:
>> Hi Steve,
>> oh no :-) Sicne you gave me the tip for sssd, i use it. The 
>interessting thing is that since i have sssd my server1 is 
>also doing ddns updates. Before sssd it didn't. And the ddns 
>update from my server1 is without any denied messages (server1 
>has the static IP My client1 windows7 brings 
>first the denied message with a static ip and then it's doing 
>the updates. And at this point i thougt you said my configs 
>are ok, or the best i can get with static IPs :-)
>> So i started to implement dhcp for my further tests before i 
>go to productive use. So now i have the problem with dhcp i 
>get the exit 256 message and than the denied message from my 
>client1 again. It seems that my client is doing the ddns 
>updates instead the script in the dhcp-config. :-) But i don't 
>know why. I think the exit 256 message is the problem. My 
>dhcpd-user has rw rights on the sh-script and recursive on 
>/etc/dhcp and now the sh-script is under /usr/local/sbin as 
>rowland said.
>> In the dyndns.log from the sh-script it says every time that 
>no dhcp-user exists and that the script would generate one.
>Hi Markus,
>As we see it, you use either Rowland's dhcp direct-inject-on-dc script
>and turn off ddns on your clients or you use sssd on Linux and 
>allow the
>window clients to send their own ddns requests. If the latter, you
>disable ddns updates if you run sssd on the DC.
>@Rowland Is this what we are taking about here?
>Cheers and sorry about the confusion,
>> Gesendet: Freitag, 22. August 2014 um 01:01 Uhr
>> Von: steve <steve at steve-ss.com>
>> An: samba at lists.samba.org
>> Betreff: Re: [Samba] samba4 internal dns Server ddns for the 
>reverse lookup Zone
>> On Fri, 2014-08-22 at 00:19 +0200, Markus Roth wrote:
>> > Yes I'm running sssd.conf with the dns update:
>> >
>> > [sssd]
>> > services = nss, pam
>> > config_file_version = 2
>> > domains = winnet.local
>> > [nss]
>> > [pam]
>> > [domain/winnet.local]
>> > id_provider = ad
>> > auth_provider = ad
>> > access_provider = ad
>> > ldap_id_mapping = False
>> > dyndns_update = True
>> >
>> > my /etc/krb5.keytab was generatet with the --principal server1$
>> >
>> I'm confused then. I thought you'd given up with sssd...
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list