[Samba] Samba_dlz DNS update permissions

Wayne Andersen waynea at clima-tech.com
Mon Mar 24 10:34:40 MDT 2014 

I am not sure what you mean by this, I did not create any DNS entries, 
just joined machines to the domain from the computers themselves.

By remove, do you mean remove it from the Domain and re-add it or, just 
remove the DNS entry.

If just the DNS entry, what would be the command to do that?

Wayne

On 03/21/2014 01:10 AM, Daniel Müller wrote:
> Did you set the dns entry of the machine by hand?
> This would be the a tipical error then.
> Just remove the machine and let it do the job.
>
> Good luck
> Daniel
>
>
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Wayne Andersen
> Gesendet: Donnerstag, 20. März 2014 18:36
> Cc: samba at lists.samba.org
> Betreff: [Samba] Samba_dlz DNS update permissions
>
> I have configured my samba system to use bind_dlz, and it works great, I do
> have a question about workstation initiated DNS updates.
>
> When I do a ipconfig /registerdns I get.
>
> 20-Mar-2014 11:20:36.347 samba_dlz: starting transaction on zone
> corp.mydomain.com
> 20-Mar-2014 11:20:36.355 client 192.168.1.78#52450: update
> 'corp.mydomain.com/IN' denied
> 20-Mar-2014 11:20:36.355 samba_dlz: cancelling transaction on zone
> corp.mydomain.com
> 20-Mar-2014 11:20:36.373 samba_dlz: starting transaction on zone
> corp.mydomain.com
> 20-Mar-2014 11:20:36.378 samba_dlz: disallowing update of
> signer=j81wby1\$\@CORP.mydomain.COM name=J81WBY1.corp.mydomain.com type=AAAA
> error=insufficient access rights
> 20-Mar-2014 11:20:36.379 client 192.168.1.78#50807/key
> j81wby1\$\@CORP.mydomain.COM: updating zone 'corp.mydomain.com/NONE':
> update failed: rejected by secure update (REFUSED)
> 20-Mar-2014 11:20:36.379 samba_dlz: cancelling transaction on zone
> corp.mydomain.com
>
> samba_dnsupdate works great.
>
> So when it flags the 'insufficient access rights' which rights is it
> referring to, AD rights, NAMED permissions...?
>
> Do I need to change permissions for Domain Computers to allow these updates?
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list