[Samba] cannot update W7 or linux clients

Rowland Penny rowlandpenny at googlemail.com
Mon Jan 19 13:46:03 MST 2015 

On 19/01/15 20:30, Bob of Donelson Trophy wrote:
>   
>
> Here yau go:
>
> root at dc01:~# cat /etc/bind/named.conf.options
> // Defined ACL Begin
> acl thisserverip {
>   192.168.16.54;
>   };
> acl all-networks {
>   192.168.16.0/24;
>   };
> // Defined ACL End
>
> options {
>   directory "/var/cache/bind";
>   version "0.0.7";
>
>   // If there is a firewall between you and nameservers you want
>   // to talk to, you may need to fix the firewall to allow multiple
>   // ports to talk. See http://www.kb.cert.org/vuls/id/800113
>
>   // If your ISP provided one or more IP addresses for stable
>   // nameservers, you probably want to use them as forwarders.
>   // Uncomment the following block, and insert the addresses replacing
>   // the all-0's placeholder.
>
>   forwarders {
>   208.67.222.222; 208.67.220.220;
>   };
>
>
> //========================================================================
>   // If BIND logs error messages about the root key being expired,
>   // you will need to update your keys. See https://www.isc.org/bind-keys
>
> //========================================================================
>   dnssec-validation auto;
>
>   auth-nxdomain yes; # conform to RFC1035 =no
>   listen-on-v6 { none; };
>   listen-on port 53 { "thisserverip"; 127.0.0.1; };
>   notify no;
>   empty-zones-enable no;
>
>   // Add any subnets or hosts you want to allow to use this DNS server
>   allow-query { "all-networks"; 127.0.0.1/32; };
>   // Add any subnets or hosts you want to allow to use recursive queries
>   allow-recursion { "all-networks"; 127.0.0.1/32; };
>
>   // https://wiki.samba.org/index.php/Dns-backend_bind
>   // DNS dynamic updates via Kerberos (optional, but recommended)
>   tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
>
> };
> ---
>
> -------------------------
>
> Bob Wooden of Donelson Trophy
>
> 615.885.2846 (main)
> www.donelsontrophy.com [1]
>
> "Everyone deserves an award!!"
>
> On 2015-01-19 14:16, Rowland Penny wrote:
>
>> On 19/01/15 20:14, Bob of Donelson Trophy wrote:
>>
>>> My DC was installed with one of Louis' scripts. So, yes, bind9 was setup and working.
>> OK, so what is in /etc/bind/named.conf.options ?
>>
>> Rowland
>   
>
> Links:
> ------
> [1] http://www.donelsontrophy.com

OK, I had another look at what you posted earlier:

root at dc01:~# cat /etc/resolv.conf
search dtshrm.local
domain dtshrm.local
nameserver 192.168.16.54

firstly, remove the domain line, it is not required and in fact is ignored.

secondly, you have this in smb.conf: 'realm = DTSHRM.LAN'

which is it, 'local' or 'lan' ?

Also, is there connection from the gateway to the internet ?

Rowland

More information about the samba mailing list