[Samba] cannot update W7 or linux clients

Bob of Donelson Trophy bob at donelsontrophy.net
Mon Jan 19 13:30:41 MST 2015


Here yau go: 

root at dc01:~# cat /etc/bind/named.conf.options
// Defined ACL Begin
acl thisserverip {;
acl all-networks {;
// Defined ACL End

options {
 directory "/var/cache/bind";
 version "0.0.7";

 // If there is a firewall between you and nameservers you want
 // to talk to, you may need to fix the firewall to allow multiple
 // ports to talk. See http://www.kb.cert.org/vuls/id/800113

 // If your ISP provided one or more IP addresses for stable
 // nameservers, you probably want to use them as forwarders.
 // Uncomment the following block, and insert the addresses replacing
 // the all-0's placeholder.

 forwarders {;;

 // If BIND logs error messages about the root key being expired,
 // you will need to update your keys. See https://www.isc.org/bind-keys

 dnssec-validation auto;

 auth-nxdomain yes; # conform to RFC1035 =no 
 listen-on-v6 { none; };
 listen-on port 53 { "thisserverip";; };
 notify no;
 empty-zones-enable no;

 // Add any subnets or hosts you want to allow to use this DNS server
 allow-query { "all-networks";; };
 // Add any subnets or hosts you want to allow to use recursive queries
 allow-recursion { "all-networks";; };

 // https://wiki.samba.org/index.php/Dns-backend_bind
 // DNS dynamic updates via Kerberos (optional, but recommended)
 tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";



Bob Wooden of Donelson Trophy

615.885.2846 (main)
www.donelsontrophy.com [1]

"Everyone deserves an award!!"

On 2015-01-19 14:16, Rowland Penny wrote: 

> On 19/01/15 20:14, Bob of Donelson Trophy wrote:
>> My DC was installed with one of Louis' scripts. So, yes, bind9 was setup and working.
> OK, so what is in /etc/bind/named.conf.options ?
> Rowland

[1] http://www.donelsontrophy.com

More information about the samba mailing list