[Samba] Internal DNS strangeness in 4.1.16

Mon Mar 2 09:12:10 MST 2015

Hi Andrew,

   I have a feeling I'm really close to getting this working so I don't
want to abandon it in favor of DLZ unless it's the correct way to do it.
Everything seems to work from the command line, just when the DHCP daemon
tries to call it it fails. I'm assuming all the authentication stuff is
working which is usually the tricky part. Any idea how to track down the
WERR_INTERNAL_DB_ERROR?

Thanks,
Greg

On Sat, Feb 28, 2015 at 9:47 PM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Fri, 2015-02-27 at 17:08 +0000, Rowland Penny wrote:
> > On 27/02/15 16:55, Greg Dickie wrote:
> > > Hi,
> > >
> > >    I have just provisioned a new samba setup with 2 DCs running ISC
> DHCPd in failover and I’m trying to get it to play nice with samba internal
> DNS but I’m having some issues.
> > >
> > > 1) I’m using on commit, etc triggers in the dhcpd config to call a
> script that calls samba-tool to add, delete or update DNS. This script
> works fine when I call it from the command line as the dhcpd user but when
> called from the dhcpd daemon it throws a WERR_INTERNAL_DB_ERROR which is
> scary. That is coming from the client I guess. What is the best way to
> figure out what is going on server side. I increased the log level but I
> get crazy amounts of info that does not seem relevant.
> > >
> > > 2) I added a reverse zone 80.16.172.in-addr.arpa and when I add
> records to it all lookups fail with samba saying it’s not authoritative for
> the lookup.I figured maybe it was a class B vs Class C thing so I created a
> 16.172.in-addr.arpa zone and tried that. It’s better, now I just get a
> SERVFAIL like it can’t find it. If I do a samba-tool query ALL I see
> records in the AD.
> > >
> > > I haven’t played with 4 since the early days, it’s come a long way.
> nice.
> > >
> > > Any ideas for the problems above?
> > >
> > > Thanks,
> > > Greg
> > >
> > > --
> > > Greg Dickie
> > > just a guy
> > > 514-983-5400
> >
> > Hi, if I remember correctly, samba-tool uses nsupdate to do the updates,
> > so why not do the same as me and script around nsupdate, I can assure
> > you this works, well it has for me for the last two years.
>
> samba-tool dns uses the RPC management interface, not nsupdate.  It also
> doesn't do a lot of error checking - for better or worse, what you put
> in will end up in the database, provided you have the right privileges
> (the username/password given to samba-tool).
>
> Andrew Bartlett
>
> --
> Andrew Bartlett                       http://samba.org/~abartlet/
> Authentication Developer, Samba Team  http://samba.org
> Samba Developer, Catalyst IT
> http://catalyst.net.nz/services/samba
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

-- 

Greg Dickie
just a guy