[Samba] RNDC errors using SAMBA_INTERNAL_DNS

Rowland penny rpenny at samba.org
Thu Apr 28 17:05:01 UTC 2016 

On 28/04/16 17:21, Wayne Merricks wrote:
> Hi all,
>
> I've set up a simple domain using Samba 4.4.2 from source under Ubuntu 
> 16.04.
>
> I accepted the usual defaults and basically followed wiki.samba.org to 
> the letter.  The main thing is I'm using Samba's internal DNS and not 
> Bind (Bind is not even installed on the system).
>
> In the log.samba file on the first DC I kept getting this:
>
> [2016/04/28 17:01:02.716292,  0] 
> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>   /usr/sbin/rndc: Failed to exec child - No such file or directory
> [2016/04/28 17:01:02.717094,  0] 
> ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done)
>   ../source4/dsdb/dns/dns_update.c:91: Failed rndc update - 
> NT_STATUS_UNSUCCESSFUL
>
> I'm not sure why dns_update would want to use rndc (bind utils) but I 
> installed rndc just to see what it would do and now I get this error:
>
> [2016/04/28 17:09:03.095642,  0] 
> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>   /usr/sbin/rndc: rndc: neither /etc/bind/rndc.conf nor 
> /etc/bind/rndc.key was found
> [2016/04/28 17:09:03.096090,  0] 
> ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done)
>   ../source4/dsdb/dns/dns_update.c:91: Failed rndc update - 
> NT_STATUS_ACCESS_DENIED
>
> The error makes sense as Bind is not installed but I'm puzzled why it 
> wants to do this even though it is set up as Samba Internal DNS.
>
> On the second DC I get tsig verify failure messages but the Google 
> consensus seems to be that these are safely ignored under Samba 
> Internal DNS:
>
> [2016/04/27 17:35:00.113802,  0] 
> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>   /usr/local/samba/sbin/samba_dnsupdate: ; TSIG error with server: 
> tsig verify failure
> [2016/04/27 17:35:00.296862,  0] 
> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>   /usr/local/samba/sbin/samba_dnsupdate: ; TSIG error with server: 
> tsig verify failure
> [2016/04/27 17:35:00.316968,  0] 
> ../source4/dsdb/dns/dns_update.c:295(dnsupdate_nameupdate_done)
>   ../source4/dsdb/dns/dns_update.c:295: Failed DNS update - 
> NT_STATUS_UNSUCCESSFUL
>
>
> Are either of these errors worth fixing or are they something to live 
> with when using Samba Internal DNS?
>
> Regards,
>
> Wayne
>

Strange, I compiled 4.4.2 myself and I don't have /usr/bin/rndc but 
everything is working ok, mind you, I do use Bind9.

What packages did you install before compiling Samba and what where your 
./configure options ?

Rowland

More information about the samba mailing list