[Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
Markus Roth
markusroth1983 at gmx.net
Tue Aug 26 11:59:05 MDT 2014
Hi Steve,
So I'm at home :-) I hope you had a good day and better weather than in Germany :-) I added the ad_domain option and changed the /etc/hosts and /etc/hostname. getent passwd shows no AD users :-(
Now I get the following:
[root at server1 var]# host server1.winnet.local
server1.winnet.local has address 192.168.178.130
[root at server1 var]# ping server1
PING server1.winnet.local (192.168.178.130) 56(84) bytes of data.
64 bytes from server1.winnet.local (192.168.178.130): icmp_seq=1 ttl=64 time=0.018 ms
64 bytes from server1.winnet.local (192.168.178.130): icmp_seq=2 ttl=64 time=0.047 ms
64 bytes from server1.winnet.local (192.168.178.130): icmp_seq=3 ttl=64 time=0.029 ms
^C
--- server1.winnet.local ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.018/0.031/0.047/0.012 ms
[root at server1 var]# hostname -d
winnet.local
[root at server1 var]# hostname -f
server1.winnet.local
[root at server1 var]# hostname -s
server1
sssd-log:
[root at server1 var]# sssd -i -d3
(Tue Aug 26 19:50:25 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0080): No SUDO module provided for [winnet.local] !!
(Tue Aug 26 19:50:25 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0080): No autofs module provided for [winnet.local] !!
(Tue Aug 26 19:50:25 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0020): No selinux module provided for [winnet.local] !!
(Tue Aug 26 19:50:25 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0020): No host info module provided for [winnet.local] !!
(Tue Aug 26 19:50:25 2014) [sssd[be[winnet.local]]] [be_run_online_cb] (0x0080): Going online. Running callbacks.
(Tue Aug 26 19:50:25 2014) [sssd[nss]] [sss_mc_create_file] (0x0010): Failed to lock file /var/lib/sss/mc/passwd.
(Tue Aug 26 19:50:25 2014) [sssd[nss]] [sss_mc_create_file] (0x0010): Failed to lock file /var/lib/sss/mc/group.
(Tue Aug 26 19:50:25 2014) [sssd[be[winnet.local]]] [ad_dyndns_nsupdate_done] (0x0040): DNS update finished
Sent: Tuesday, 26 August 2014 at 00:07
From: steve <steve at steve-ss.com>
To: "Markus Roth" <markusroth1983 at gmx.net>
Cc: samba at lists.samba.org
Subject: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
On Mon, 2014-08-25 at 23:41 +0200, Markus Roth wrote:
> Hi Steve,
>
> OK, here we go :-)
>
> After I added the two lines in sssd.conf I get:
>
> [root at server1 run]# sssd -i -d3
> (Mon Aug 25 23:22:48:345405 2014) [sssd] [server_setup] (0x0010): Error creating pidfile: /var/run/sssd! (17 [File exists])
> [root at server1 run]# rm -dfr /var/run/sssd.pid
> [root at server1 run]# sssd -i -d3
> (Mon Aug 25 23:23:00 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0080): No SUDO module provided for [winnet.local] !!
> (Mon Aug 25 23:23:00 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0080): No autofs module provided for [winnet.local] !!
> (Mon Aug 25 23:23:00 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0020): No selinux module provided for [winnet.local] !!
> (Mon Aug 25 23:23:00 2014) [sssd[be[winnet.local]]] [be_process_init] (0x0020): No host info module provided for [winnet.local] !!
> (Mon Aug 25 23:23:00 2014) [sssd[be[winnet.local]]] [be_run_online_cb] (0x0080): Going online. Running callbacks.
> (Mon Aug 25 23:23:00 2014) [sssd[nss]] [sss_mc_create_file] (0x0010): Failed to lock file /var/lib/sss/mc/passwd.
> (Mon Aug 25 23:23:00 2014) [sssd[nss]] [sss_mc_create_file] (0x0010): Failed to lock file /var/lib/sss/mc/group.
> (Mon Aug 25 23:23:00 2014) [sssd[be[winnet.local]]] [ad_dyndns_nsupdate_done] (0x0040): DNS update finished
>
OK, the hammer did the trick. We're connected.
Did you try getent passwd <domain-user> ?
> -----------------------------------------------------------------------------------------------------------------------------------
>
> [root at server1 run]# host server1.winnet.local
> server1.winnet.local has address 192.168.178.130
>
> [root at server1 run]# ping server1
> PING server1 (192.168.178.130) 56(84) bytes of data.
> 64 bytes from server1 (192.168.178.130): icmp_seq=1 ttl=64 time=0.040 ms
> 64 bytes from server1 (192.168.178.130): icmp_seq=2 ttl=64 time=0.046 ms
> 64 bytes from server1 (192.168.178.130): icmp_seq=3 ttl=64 time=0.039 ms
>
> [root at server1 run]# hostname -d
Add:
ad_domain = winnet.local
to the domain section of sssd.conf
> [root at server1 run]# hostname -f
> server1
We need:
server1.winnet.local here but let's ignore that for now.
> [root at server1 run]# hostname -s
> server1
>
> -----------------------------------------------------------------------------------------------------------------------------------
>
> Aug 25 23:35:16 server1 samba[15291]: [2014/08/25 23:35:16.725551, 0] ../source4/smbd/server.c:370(binary_smbd_main)
> Aug 25 23:35:16 server1 samba[15291]: samba version 4.1.11 started.
> Aug 25 23:35:16 server1 samba[15291]: Copyright Andrew Tridgell and the Samba Team 1992-2013
> Aug 25 23:35:16 server1 samba4: Starting samba4: [ OK ]
> Aug 25 23:35:16 server1 systemd: Started LSB: start and stop samba4.
> Aug 25 23:35:17 server1 samba[15292]: [2014/08/25 23:35:17.282959, 0] ../source4/smbd/server.c:488(binary_smbd_main)
> Aug 25 23:35:17 server1 samba[15292]: samba: using 'standard' process model
> Aug 25 23:35:17 server1 samba[15292]: [2014/08/25 23:35:17.295902, 0] ../lib/util/become_daemon.c:136(daemon_ready)
> Aug 25 23:35:17 server1 smbd[15296]: [2014/08/25 23:35:17.558980, 0] ../lib/util/become_daemon.c:136(daemon_ready)
> Aug 25 23:35:24 server1 systemd: Starting System Security Services Daemon...
> Aug 25 23:35:24 server1 sssd: Starting up
> Aug 25 23:35:24 server1 sssd[be[winnet.local]]: Starting up
> Aug 25 23:35:24 server1 sssd[nss]: Starting up
> Aug 25 23:35:24 server1 sssd[pam]: Starting up
> Aug 25 23:35:24 server1 systemd: Started System Security Services Daemon.
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: starting transaction on zone winnet.local
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: allowing update of signer=server1\$\@WINNET.LOCAL name=server1.winnet.local tcpaddr=192.168.178.130 type=A key=3076625766.sig-server1.winnet.local/160/0
> Aug 25 23:35:24 server1 named[12755]: client 192.168.178.130#35678/key server1\$\@WINNET.LOCAL: updating zone 'winnet.local/NONE': deleting rrset at 'server1.winnet.local' A
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: subtracted rdataset server1.winnet.local 'server1.winnet.local. 3600 IN A 192.168.178.130'
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: subtracted rdataset winnet.local 'winnet.local. 3600 IN SOA server1.winnet.local. hostmaster.winnet.local. 67 900 600 86400 0'
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: added rdataset winnet.local 'winnet.local. 3600 IN SOA server1.winnet.local. hostmaster.winnet.local. 68 900 600 86400 0'
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: committed transaction on zone winnet.local
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: starting transaction on zone winnet.local
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: allowing update of signer=server1\$\@WINNET.LOCAL name=server1.winnet.local tcpaddr=192.168.178.130 type=AAAA key=1651992907.sig-server1.winnet.local/160/0
> Aug 25 23:35:24 server1 named[12755]: client 192.168.178.130#55338/key server1\$\@WINNET.LOCAL: updating zone 'winnet.local/NONE': deleting rrset at 'server1.winnet.local' AAAA
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: committed transaction on zone winnet.local
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: starting transaction on zone winnet.local
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: allowing update of signer=server1\$\@WINNET.LOCAL name=server1.winnet.local tcpaddr=192.168.178.130 type=A key=1121994789.sig-server1.winnet.local/160/0
> Aug 25 23:35:24 server1 named[12755]: client 192.168.178.130#46781/key server1\$\@WINNET.LOCAL: updating zone 'winnet.local/NONE': adding an RR at 'server1.winnet.local' A
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: added rdataset server1.winnet.local 'server1.winnet.local. 3600 IN A 192.168.178.130'
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: subtracted rdataset winnet.local 'winnet.local. 3600 IN SOA server1.winnet.local. hostmaster.winnet.local. 68 900 600 86400 0'
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: added rdataset winnet.local 'winnet.local. 3600 IN SOA server1.winnet.local. hostmaster.winnet.local. 69 900 600 86400 0'
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: committed transaction on zone winnet.local
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: starting transaction on zone 178.168.192.in-addr.arpa
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: allowing update of signer=server1\$\@WINNET.LOCAL name=130.178.168.192.in-addr.arpa tcpaddr=192.168.178.130 type=PTR key=651940748.sig-server1.winnet.local/160/0
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: allowing update of signer=server1\$\@WINNET.LOCAL name=130.178.168.192.in-addr.arpa tcpaddr=192.168.178.130 type=PTR key=651940748.sig-server1.winnet.local/160/0
> Aug 25 23:35:24 server1 named[12755]: client 192.168.178.130#43966/key server1\$\@WINNET.LOCAL: updating zone '178.168.192.in-addr.arpa/NONE': deleting rrset at '130.178.168.192.in-addr.arpa' PTR
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: subtracted rdataset 130.178.168.192.in-addr.arpa '130.178.168.192.in-addr.arpa. 3600 IN PTR server1.winnet.local.'
> Aug 25 23:35:24 server1 named[12755]: client 192.168.178.130#43966/key server1\$\@WINNET.LOCAL: updating zone '178.168.192.in-addr.arpa/NONE': adding an RR at '130.178.168.192.in-addr.arpa' PTR
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: added rdataset 130.178.168.192.in-addr.arpa '130.178.168.192.in-addr.arpa. 3600 IN PTR server1.winnet.local.'
> Aug 25 23:35:24 server1 named[12755]: samba_dlz: committed transaction on zone 178.168.192.in-addr.arpa
>
OK, we're missing the part where sssd connects. We need to know what
ticket is being requested and which hostname is being sent.
> -----------------------------------------------------------------------------------------------------------------------------------
>
> 27.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
> ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
> 192.168.178.130 server1 server1.winnet.local
>
> -----------------------------------------------------------------------------------------------------------------------------------
>
This is a test domain, no? Simplify to:
127.0.0.1 localhost
192.168.178.130 server1.winnet.local server1
> hostname shows:
>
> server1.winnet.local
Change it to:
server1
Restart everything and go through the previous post again.
Oh, and don't forget to test the getent command;)
We'll be offline now 'til 06:00 CEST, so,
Cheers and good luck
Steve
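
Added example, not part of the original thread and not Samba or sssd code: a small audit of the samba_dlz "allowing update" lines shown in the named log above, flagging dynamic updates where the signing machine account does not own the record it changes. It assumes the DNS domain is the lowercased Kerberos realm (as with WINNET.LOCAL / winnet.local here); the function names and the client7 lines are constructed for illustration.

```python
import ipaddress
import re

# Matches the "allowing update" lines that named logs through samba_dlz.
UPDATE_RE = re.compile(
    r"samba_dlz: allowing update of signer=(?P<signer>\S+) "
    r"name=(?P<name>\S+) tcpaddr=(?P<addr>\S+) type=(?P<type>\S+)"
)

# Constructed sample: lines 1-2 follow the thread's log, lines 3-4 are invented mismatches.
SAMPLE = [
    r"named[12755]: samba_dlz: allowing update of signer=server1\$\@WINNET.LOCAL name=server1.winnet.local tcpaddr=192.168.178.130 type=A",
    r"named[12755]: samba_dlz: allowing update of signer=server1\$\@WINNET.LOCAL name=130.178.168.192.in-addr.arpa tcpaddr=192.168.178.130 type=PTR",
    r"named[12755]: samba_dlz: allowing update of signer=client7\$\@WINNET.LOCAL name=server1.winnet.local tcpaddr=192.168.178.77 type=A",
    r"named[12755]: samba_dlz: allowing update of signer=client7\$\@WINNET.LOCAL name=130.178.168.192.in-addr.arpa tcpaddr=192.168.178.77 type=PTR",
]

def parse_update(line):
    """Return a dict for a samba_dlz update line, or None for any other line."""
    m = UPDATE_RE.search(line)
    if not m:
        return None
    # named escapes the principal as server1\$\@WINNET.LOCAL; drop the backslashes.
    account, _, realm = m["signer"].replace("\\", "").partition("@")
    return {"account": account.rstrip("$").lower(), "realm": realm.lower(),
            "name": m["name"].lower().rstrip("."), "addr": m["addr"], "type": m["type"]}

def check_update(u):
    """Return a list of findings; an empty list means the update matches its signer."""
    if u["type"] == "PTR":
        # A host should only register the reverse name of the address it connects from.
        expected = ipaddress.ip_address(u["addr"]).reverse_pointer
        return [] if u["name"] == expected else [
            f"PTR {u['name']} does not match source {u['addr']}"]
    # Assumption: the machine account server1$ owns server1.<realm in lower case>.
    expected = f"{u['account']}.{u['realm']}"
    return [] if u["name"] == expected else [
        f"{u['account']}$ updated {u['name']}, expected {expected}"]

def audit(lines):
    """Return (line_number, finding) pairs for every update that fails the checks."""
    results = []
    for n, line in enumerate(lines, 1):
        u = parse_update(line)
        if u:
            results.extend((n, f) for f in check_update(u))
    return results
```
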