[Samba] samba4 internal dns Server ddns for the reverse lookup Zone

Fri Aug 22 02:53:24 MDT 2014

On 22/08/14 09:38, L.P.H. van Belle wrote:
> Hai Guys,
>
> Do i understand this good..
>
> If we use the scripts for DDNS updates.
> The DDNS update in windows must be turnt off ( for example by GPO )
> so you dont have that 1 denied message before the script runs.
> ( this is known to me )
>
> And if you use SSSD, this DDNS update from windows works ok?
> and then the script isnt needed? If so that would be nice..
> I dont use SSSD but im thinking of it for some servers..
>
As far as I can see, which ever way you go, you need to stop the windows 
clients trying to update their dns records, unless you do not use either 
sssd or a variation to the script I use AND do not have a reverse zone.
The problem is the reverse zone, windows (unless someone knows better) 
does not update the reverse zone, so you need something else to do this.

Rowland

> Best regards,
>
> Louis
>
>
>
>
>> -----Oorspronkelijk bericht-----
>> Van: steve at steve-ss.com [mailto:samba-bounces at lists.samba.org]
>> Namens steve
>> Verzonden: vrijdag 22 augustus 2014 10:30
>> Aan: Markus Roth
>> CC: samba at lists.samba.org
>> Onderwerp: Re: [Samba] samba4 internal dns Server ddns for the
>> reverse lookup Zone
>>
>> On Fri, 2014-08-22 at 09:54 +0200, Markus Roth wrote:
>>> Hi Steve,
>>>   
>>> oh no :-) Sicne you gave me the tip for sssd, i use it. The
>> interessting thing is that since i have sssd my server1 is
>> also doing ddns updates. Before sssd it didn't. And the ddns
>> update from my server1 is without any denied messages (server1
>> has the static IP 192.168.178.130). My client1 windows7 brings
>> first the denied message with a static ip and then it's doing
>> the updates. And at this point i thougt you said my configs
>> are ok, or the best i can get with static IPs :-)
>>>   
>>> So i started to implement dhcp for my further tests before i
>> go to productive use. So now i have the problem with dhcp i
>> get the exit 256 message and than the denied message from my
>> client1 again. It seems that my client is doing the ddns
>> updates instead the script in the dhcp-config. :-) But i don't
>> know why. I think the exit 256 message is the problem. My
>> dhcpd-user has rw rights on the sh-script and recursive on
>> /etc/dhcp and now the sh-script is under /usr/local/sbin as
>> rowland said.
>>> In the dyndns.log from the sh-script it says every time that
>> no dhcp-user exists and that the script would generate one.
>>>   
>> Hi Markus,
>> As we see it, you use either Rowland's dhcp direct-inject-on-dc script
>> and turn off ddns on your clients or you use sssd on Linux and
>> allow the
>> window clients to send their own ddns requests. If the latter, you
>> disable ddns updates if you run sssd on the DC.
>> @Rowland Is this what we are taking about here?
>> Cheers and sorry about the confusion,
>> Steve
>>
>>>   
>>>
>>> Gesendet: Freitag, 22. August 2014 um 01:01 Uhr
>>> Von: steve <steve at steve-ss.com>
>>> An: samba at lists.samba.org
>>> Betreff: Re: [Samba] samba4 internal dns Server ddns for the
>> reverse lookup Zone
>>> On Fri, 2014-08-22 at 00:19 +0200, Markus Roth wrote:
>>>
>>>> Yes I'm running sssd.conf with the dns update:
>>>>
>>>> [sssd]
>>>> services = nss, pam
>>>> config_file_version = 2
>>>> domains = winnet.local
>>>> [nss]
>>>> [pam]
>>>> [domain/winnet.local]
>>>> id_provider = ad
>>>> auth_provider = ad
>>>> access_provider = ad
>>>> ldap_id_mapping = False
>>>> dyndns_update = True
>>>>
>>>> my /etc/krb5.keytab was generatet with the --principal server1$
>>>>
>>> I'm confused then. I thought you'd given up with sssd...
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>