[Samba] Does automatic DNS PTR generation in Samba4 AD DC work at all?

L.P.H. van Belle belle at bazuin.nl
Wed Mar 5 05:06:24 MST 2014


Hi,
I guess this is not working correctly, or I'm missing something.

I used the Windows RSAT tool to create the reverse zone (with the first PC I joined to the domain).
I joined 2 PCs (Win7 32-bit and Win7 64-bit) with static IPs.

None of these PCs got the PTR record automatically. :-)
Any tips?

(Debian wheezy, Samba 4.1.5 backports)

Can you explain this a bit more?
>If you do it by hand the automatic dns update of the client 
>will be denied in your log files and will not succeed.

I've seen a denied message in my logs.

Mar  4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#52886: update 'INTERNAL.DOMAIN.TLD/IN' denied
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: cancelling transaction on zone INTERNAL.DOMAIN.TLD
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: allowing update of signer=admin-pc\$\@INTERNAL.DOMAIN.TLD name=Admin-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=AAAA key=808-ms-7.1-6f64.302d95ec-a399-11e3-e2ad-d067e50ae371/160/0
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: allowing update of signer=admin-pc\$\@INTERNAL.DOMAIN.TLD name=Admin-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=808-ms-7.1-6f64.302d95ec-a399-11e3-e2ad-d067e50ae371/160/0
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: allowing update of signer=admin-pc\$\@INTERNAL.DOMAIN.TLD name=Admin-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=808-ms-7.1-6f64.302d95ec-a399-11e3-e2ad-d067e50ae371/160/0
Mar  4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#65459: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin-PC.INTERNAL.DOMAIN.TLD' AAAA
Mar  4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#65459: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin-PC.INTERNAL.DOMAIN.TLD' A
Mar  4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#65459: updating zone 'INTERNAL.DOMAIN.TLD/NONE': adding an RR at 'Admin-PC.INTERNAL.DOMAIN.TLD' A
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: added Admin-PC.INTERNAL.DOMAIN.TLD Admin-PC.INTERNAL.DOMAIN.TLD.#0111200#011IN#011A#01110.249.250.64
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: subtracted rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 1 900 600  86400 0'
Mar  4 13:33:26 RTD-DC1 named[32667]: samba_dlz: added rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 2 900 600 86400 0'

and

Mar  4 13:35:25 RTD-DC1 named[32667]: client 10.249.250.64#52469: RFC 1918 response from Internet for 230.250.249.10.in-addr.arpa
Mar  4 14:55:49 RTD-DC1 smbd[4586]: [2014/03/04 14:55:49.465331,  0] ../source3/rpc_server/srv_pipe.c:1395(api_rpcTNP)
Mar  4 14:55:49 RTD-DC1 smbd[4586]:   api_rpcTNP: \svcctl: SVCCTL_GETSERVICEKEYNAMEW failed.
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD
Mar  5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#61301: update 'INTERNAL.DOMAIN.TLD/IN' denied
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: cancelling transaction on zone INTERNAL.DOMAIN.TLD
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=AAAA key=1124-ms-7.1-6814.11a3bdab-a457-11e3-6e92-d067e50f1671/160/0
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=1124-ms-7.1-6814.11a3bdab-a457-11e3-6e92-d067e50f1671/160/0
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=1124-ms-7.1-6814.11a3bdab-a457-11e3-6e92-d067e50f1671/160/0
Mar  5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#55191: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin32-PC.INTERNAL.DOMAIN.TLD' AAAA
Mar  5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#55191: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin32-PC.INTERNAL.DOMAIN.TLD' A
Mar  5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#55191: updating zone 'INTERNAL.DOMAIN.TLD/NONE': adding an RR at 'Admin32-PC.INTERNAL.DOMAIN.TLD' A
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: added Admin32-PC.INTERNAL.DOMAIN.TLD Admin32-PC.INTERNAL.DOMAIN.TLD.#0111200#011IN#011A#01110.249.250.32
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: subtracted rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 2 900 600 86400 0'
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: added rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 3 900 600 86400 0'
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: committed transaction on zone INTERNAL.DOMAIN.TLD

Setup:
Basic Samba4 setup, default config (with rfc2307).
Default Windows 7 SP1 installed with all updates, nothing changed in Windows 7.


Greetz, 

Louis 

>-----Original message-----
>From: mueller at tropenklinik.de 
>[mailto:samba-bounces at lists.samba.org] On behalf of Daniel Müller
>Sent: Wednesday 5 March 2014 10:32
>To: 'Sven Geggus'; samba at lists.samba.org
>Subject: Re: [Samba] Does automatic DNS PTR generation in 
>Samba4 AD DC work at all?
>
>Hello again,
>
>To make reverse DNS work on the fly with Samba 4.1 you just 
>have to create the reverse lookup zone with samba-tool, e.g.:
>samba-tool dns zonecreate your-samba-dns-server 
>135.168.192.in-addr.arpa. 
>Then every client that registers will automatically get a reverse entry.
>If you do it by hand the automatic dns update of the client 
>will be denied in your log files and will not succeed.
>
>IT Daniel Müller
>
>Head of IT
>Tropenklinik Paul-Lechler-Krankenhaus
>Paul-Lechler-Str. 24
>72076 Tübingen 
>Tel.: 07071/206-463, Fax: 07071/206-499
>Email: mueller at tropenklinik.de
>Internet: www.tropenklinik.de 
>"Man is the medicine of man"
>
>
>
>
>
>-----Original message-----
>From: samba-bounces at lists.samba.org 
>[mailto:samba-bounces at lists.samba.org] On behalf of Sven Geggus
>Sent: Wednesday, 5 March 2014 10:21
>To: samba at lists.samba.org
>Subject: [Samba] Does automatic DNS PTR generation in Samba4 
>AD DC work at all?
>
>Hello,
>
>I'm currently running a test setup with Samba4 internal DNS 
>(Version 4.1.5 from Debian backports) and 2 clients (Linux and 
>a Windows).
>
>Everything seems to work so far.
>
>However, I do not manage to get automatic PTR generation 
>working. I'm using the internal DNS at the moment, but I 
>wouldn't mind changing to bind if this will make it work.
>
>While reverse DNS seems to work with manually generated entries 
>(from Windows DNS Manager, samba-tool does not work for this 
>either) the automatic generation does not seem to work.
>
>When trying to trigger generation in mmc it tells me that the 
>entry already exists.
>
>Is this a known issue?
>
>Regards
>
>Sven
>
>--
>Despite the increasing spread of Linux, the bear, and thanks to 
>Knut especially the polar bear, enjoys considerably greater 
>popularity than the penguin. (Found at 
>http://telepolis.de/) /me is giggls at ircnet, 
>http://sven.gegg.us/ on the Web
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>
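
Added example (not part of the original message and not Samba project code): a small Python triage script for the named/samba_dlz log lines quoted in this post. It lists denied updates, the record types samba_dlz allowed, and every A/AAAA record written without a matching PTR; it assumes a PTR write would be logged in the same "samba_dlz: added" form as the A record, and the sample lines are copied from the post with the key= field trimmed.

```python
import ipaddress
import re

# Constructed sample: lines copied from the post above, key= field trimmed.
SAMPLE = r"""
Mar  5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#61301: update 'INTERNAL.DOMAIN.TLD/IN' denied
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=AAAA key=(trimmed)
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=(trimmed)
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: added Admin32-PC.INTERNAL.DOMAIN.TLD Admin32-PC.INTERNAL.DOMAIN.TLD.#0111200#011IN#011A#01110.249.250.32
Mar  5 12:15:03 rtd-dc1 named[32667]: samba_dlz: added rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 3 900 600 86400 0'
"""

DENIED = re.compile(r"client ([\d.]+)#\d+: update '([^'/]+)/IN' denied")
ALLOWED = re.compile(r"samba_dlz: allowing update of signer=(\S+) name=(\S+) tcpaddr=\S* type=(\S+)")
# syslog writes the tab separators inside the added record as "#011"
ADDED = re.compile(r"samba_dlz: added (\S+) \S+?#011\d+#011IN#011(\w+)#011(\S+)")


def summarize(log_text):
    """Collect denied updates, signed updates samba_dlz allowed, and records written."""
    out = {"denied": [], "allowed": [], "added": []}
    for line in log_text.splitlines():
        if m := DENIED.search(line):
            out["denied"].append(m.groups())    # (client ip, zone)
        elif m := ALLOWED.search(line):
            out["allowed"].append(m.groups())   # (signer, name, rrtype)
        elif m := ADDED.search(line):
            out["added"].append(m.groups())     # (name, rrtype, rdata)
    return out


def missing_ptrs(summary):
    """For each A/AAAA record written, report the reverse name that got no PTR."""
    ptr_owners = {n.rstrip(".").lower() for n, t, _ in summary["added"] if t == "PTR"}
    missing = []
    for name, rrtype, rdata in summary["added"]:
        if rrtype in ("A", "AAAA"):
            reverse = ipaddress.ip_address(rdata).reverse_pointer
            if reverse not in ptr_owners:
                missing.append((name, rdata, reverse))
    return missing


if __name__ == "__main__":
    s = summarize(SAMPLE)
    print(len(s["denied"]), "denied,", len(s["allowed"]), "allowed")
    for name, addr, reverse in missing_ptrs(s):
        print(f"{name} -> {addr}: no PTR written at {reverse}")
```
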


