[Samba] Samba_dlz DNS update permissions
Wayne Andersen
waynea at clima-tech.com
Thu Mar 20 11:36:05 MDT 2014
I have configured my samba system to use bind_dlz, and it works great, I
do have a question about workstation initiated DNS updates.
When I do a ipconfig /registerdns I get.
20-Mar-2014 11:20:36.347 samba_dlz: starting transaction on zone
corp.mydomain.com
20-Mar-2014 11:20:36.355 client 192.168.1.78#52450: update
'corp.mydomain.com/IN' denied
20-Mar-2014 11:20:36.355 samba_dlz: cancelling transaction on zone
corp.mydomain.com
20-Mar-2014 11:20:36.373 samba_dlz: starting transaction on zone
corp.mydomain.com
20-Mar-2014 11:20:36.378 samba_dlz: disallowing update of
signer=j81wby1\$\@CORP.mydomain.COM name=J81WBY1.corp.mydomain.com
type=AAAA error=insufficient access rights
20-Mar-2014 11:20:36.379 client 192.168.1.78#50807/key
j81wby1\$\@CORP.mydomain.COM: updating zone 'corp.mydomain.com/NONE':
update failed: rejected by secure update (REFUSED)
20-Mar-2014 11:20:36.379 samba_dlz: cancelling transaction on zone
corp.mydomain.com
samba_dnsupdate works great.
So when it flags the 'insufficient access rights' which rights is it
referring to, AD rights, NAMED permissions...?
Do I need to change permissions for Domain Computers to allow these updates?
More information about the samba
mailing list