[Samba] Samba_dlz: canceling trasaction on zone domain

Philip Banh Philip.Banh at oahpp.ca
Mon Nov 9 21:28:32 UTC 2015 

Hey Rowland,

Below is a cutdown version of my DHCP. As you can see, I haven't really set anything up for ddns-update. While using Samba4's internal DNS I had the setting 'ddns-update-style interim;' and it seemed to have worked fine. But with bind I'm not sure what else is needed.

Thanks for taking a look at it.
Philip

#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample
#   see 'man 5 dhcpd.conf'
#
# option definitions common to all supported networks...
option domain-name "DOMAIN";
option domain-name-servers 172.17.0.170, 172.17.0.171;

filename "pxelinux.0";
next-server 172.17.0.50;

default-lease-time 600;
max-lease-time 7200;

# Use this to enble / disable dynamic dns updates globally.
#ddns-updates on; # not really necessary, ddns-update-style is good enough
ddns-update-style interim;
deny client-updates;
ignore-client-updates;
#allow client-updates;

#update-static-leases on;
 key DHCP_UPDATER {
         algorithm HMAC-MD5.SIG-ALG.REG.INT;

         #Paste in the generated key here.   Should be in quotes 
                  secret "SECRET";
         };
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

class "Others" {

.....

}

subnet 172.17.0.0 netmask 255.255.255.0 {
  option routers 172.17.0.1;

  pool {
    range 172.17.0.201 172.17.0.254;
    option broadcast-address 172.17.0.255;
    deny members of "Others";
  }

.....The rest of vlans

log-facility local6;

________________________________________
From: samba [samba-bounces at lists.samba.org] on behalf of Rowland Penny [rowlandpenny241155 at gmail.com]
Sent: Monday, November 09, 2015 4:15 PM
To: samba at lists.samba.org
Subject: Re: [Samba] Samba_dlz: canceling trasaction on zone domain

On 09/11/15 20:48, Philip Banh wrote:
> Hi there,
>
> I'm in the process of switching from using Samba4 internal DNS to using BIND as my backend DNS. However, I'm currently running into some issues with the transition.
>
> Here's an example of the messages I'm getting from /var/log/messages logs:
>
> Nov  9 15:34:26 pho-dcpvl-01N named[27524]: samba_dlz: starting transaction on zone DOMAIN
> Nov  9 15:34:26 pho-dcpvl-01N named[27524]: client 172.17.0.30#59051: update 'DOMAIN/IN' denied
> Nov  9 15:34:26 pho-dcpvl-01N named[27524]: samba_dlz: cancelling transaction on zone DOMAIN
> Nov  9 15:35:24 pho-dcpvl-01N named[27524]: samba_dlz: starting transaction on zone DOMAIN
> Nov  9 15:35:24 pho-dcpvl-01N named[27524]: client 172.17.0.30#42206: update 'DOMAIN/IN' denied
> Nov  9 15:35:24 pho-dcpvl-01N named[27524]: samba_dlz: cancelling transaction on zone DOMAIN
> Nov  9 15:35:26 pho-dcpvl-01N named[27524]: samba_dlz: starting transaction on zone DOMAIN
> Nov  9 15:35:26 pho-dcpvl-01N named[27524]: client 172.17.0.30#51563: update 'DOMAIN/IN' denied
> Nov  9 15:35:26 pho-dcpvl-01N named[27524]: samba_dlz: cancelling transaction on zone DOMAIN
> Nov  9 15:35:32 pho-dcpvl-01N named[27524]: samba_dlz: starting transaction on zone DOMAIN
>
> * 172.17.0.30 being my DHCP server.
>
> Does anyone know what's causing the above messages? And how do you proceed in a setup with Samba4 AD / BIND with DDNS.
>
> My guess here is I'm having troubles with setting up the DHCP properly to communicate with BIND, so the DNS isn't being updated.
>
> Please let me know what other information I can provide.
>
> Thanks,
> Philip
>
>
>
>

Can you post your dhcpd.conf ?

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list