[Samba] A and/or PTR record deleted after pc wake-up

Thu Mar 6 03:13:21 MST 2014

Hai, 

Thank you for your responce. 
yes, i see the denied, but ive tested everything is all my checks are ok. 

The only thing i can try now is upgrading bind9 (  9.8.4 ) to 9.9.5. 
All the checks with krb5 are ok, so im a bit in the dark here. 

iv removed my samba install, and i do it again. 
but now with bind9 (9.9.5) 

i'll report back. 

thanks for your responce sofar

Louis

>-----Oorspronkelijk bericht-----
>Van: Peter Serbe [mailto:peter at serbe.ch] 
>Verzonden: donderdag 6 maart 2014 10:31
>Aan: L.P.H. van Belle; samba at lists.samba.org
>Onderwerp: Re: [Samba] A and/or PTR record deleted after pc wake-up
>
>Hi Louis, 
>
>> So its normal that after a pc woke up my A and PTR records 
>gets deleted ?? 
>
>It doesn't look like the records were deleted...
>The very first lines of Your log seem to indicate that the 
>authentication of the 
>bind doesn't work. I'd fix this first. 
>
>> Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: starting 
>transaction on zone INTERNAL.DOMAIN.TLD
>> Mar  5 15:43:13 rtd-dc1 named[3717]: client 
>10.249.250.64#49271: update 'INTERNAL.DOMAIN.TLD/IN' denied
>> Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: cancelling 
>transaction on zone INTERNAL.DOMAIN.TLD
>
>After I had fixed my installation (both bind9.9.5 and 
>samba4.1.5 compiled from sources, 
>caveat: the necessary configure switches for bind), my log 
>files of the starting bind 
>looks like this (nothing snipped in between, after it folloing 
>about 100 lines telling 
>about automatically created zones): 
>
>Mar  6 09:22:58 ulysses named[2218]: reading built-in trusted 
>keys from file '/etc/bind/bind.keys'
>Mar  6 09:22:58 ulysses named[2218]: using default UDP/IPv4 
>port range: [1024, 65535]
>Mar  6 09:22:58 ulysses named[2218]: using default UDP/IPv6 
>port range: [1024, 65535]
>Mar  6 09:22:58 ulysses named[2218]: listening on IPv6 
>interfaces, port 53
>Mar  6 09:22:58 ulysses named[2218]: listening on IPv4 
>interface lo, 127.0.0.1#53
>Mar  6 09:22:58 ulysses named[2218]: listening on IPv4 
>interface eth0, 192.168.41.10#53
>Mar  6 09:22:58 ulysses named[2218]: generating session key 
>for dynamic DNS
>Mar  6 09:22:58 ulysses named[2218]: sizing zone task pool 
>based on 8 zones
>Mar  6 09:22:58 ulysses named[2218]: Loading 'AD DNS Zone' 
>using driver dlopen
>Mar  6 09:22:59 ulysses samba[1998]: [2014/03/06 
>09:22:59.551610,  0] ../source4/smbd/server.c:370(binary_smbd_main)
>Mar  6 09:22:59 ulysses samba[1998]:   samba version 4.1.5 started.
>Mar  6 09:22:59 ulysses samba[1998]:   Copyright Andrew 
>Tridgell and the Samba Team 1992-2013
>Mar  6 09:23:00 ulysses ntpd[2293]: Listen normally on 5 eth0 
>fe80::beae:c5ff:fe76:903e UDP 123
>Mar  6 09:23:00 ulysses ntpd[2293]: peers refreshed
>Mar  6 09:23:02 ulysses named[2218]: samba_dlz: started for DN 
>DC=serbe,DC=local
>Mar  6 09:23:02 ulysses named[2218]: samba_dlz: starting configure
>Mar  6 09:23:02 ulysses named[2218]: samba_dlz: configured 
>writeable zone 'serbe.local'
>Mar  6 09:23:02 ulysses named[2218]: samba_dlz: configured 
>writeable zone '_msdcs.serbe.local'
>Mar  6 09:23:02 ulysses named[2218]: set up managed keys zone 
>for view _default, file 'managed-keys.bind'
>Mar  6 09:23:02 ulysses named[2218]: automatic empty zone: 
>10.IN-ADDR.ARPA
>
>Before fixing it my installation did halfway work. But now it 
>runs much smoother, 
>only one annoying entry in daemon.log*). 
>
>I'd also check the principals in the keytab used for 
>authentication of bind. 
>
>Best regards
>Peter
>
>
>
>*) something weired is going on during startup with the 
>netlogon service. 
>I googled around, but found no really fitting information
>Mar  6 09:23:05 ulysses samba[2502]: [2014/03/06 
>09:23:05.069996,  0] 
>../source4/librpc/rpc/dcerpc_util.c:681(dcerpc_pipe_auth_recv)
>Mar  6 09:23:05 ulysses samba[2502]:   Failed to bind to uuid 
>12345678-1234-abcd-ef00-01234567cffb for 
>12345678-1234-abcd-ef00-01234567cffb at ncalrpc:192.168.41.10[DEFA
>ULT,sign,seal] NT_STATUS_ACCESS_DENIED
>
>