[Samba] cannot update W7 or linux clients
Bob of Donelson Trophy
bob at donelsontrophy.net
Mon Jan 19 14:46:24 MST 2015
That was it! (Ugh, palm slap to forehead!!)
Thanks, Rowland.
---
-------------------------
Bob Wooden of Donelson Trophy
615.885.2846 (main)
www.donelsontrophy.com [4]
"Everyone deserves an award!!"
On 2015-01-19 14:46, Rowland Penny wrote:
> On 19/01/15 20:30, Bob of Donelson Trophy wrote:
> Here yau go: root at dc01:~# cat /etc/bind/named.conf.options // Defined ACL Begin acl thisserverip { 192.168.16.54; }; acl all-networks { 192.168.16.0/24; }; // Defined ACL End options { directory "/var/cache/bind"; version "0.0.7"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 [1] // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. forwarders { 208.67.222.222; 208.67.220.220; }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys [2] //========================================================================
dnssec-validation auto; auth-nxdomain yes; # conform to RFC1035 =no listen-on-v6 { none; }; listen-on port 53 { "thisserverip"; 127.0.0.1; }; notify no; empty-zones-enable no; // Add any subnets or hosts you want to allow to use this DNS server allow-query { "all-networks"; 127.0.0.1/32; }; // Add any subnets or hosts you want to allow to use recursive queries allow-recursion { "all-networks"; 127.0.0.1/32; }; // https://wiki.samba.org/index.php/Dns-backend_bind [3] // DNS dynamic updates via Kerberos (optional, but recommended) tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab"; }; --- ------------------------- Bob Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [4] [1 [4]] "Everyone deserves an award!!" On 2015-01-19 14:16, Rowland Penny wrote: On 19/01/15 20:14, Bob of Donelson Trophy wrote: My DC was installed with one of Louis' scripts. So, yes, bind9 was setup and working. OK, so what is in /etc/bind/named.conf.options ? Rowland
Links: ------ [1] http://www.donelsontrophy.com [4]
OK, I had another look at what you posted earlier:
root at dc01:~# cat /etc/resolv.conf
search dtshrm.local
domain dtshrm.local
nameserver 192.168.16.54
firstly, remove the domain line, it is not required and in fact is
ignored.
secondly, you have this in smb.conf: 'realm = DTSHRM.LAN'
which is it, 'local' or 'lan' ?
Also, is there connection from the gateway to the internet ?
Rowland
Links:
------
[1] http://www.kb.cert.org/vuls/id/800113
[2] https://www.isc.org/bind-keys
[3] https://wiki.samba.org/index.php/Dns-backend_bind
[4] http://www.donelsontrophy.com
More information about the samba
mailing list