[Samba] RNDC errors using SAMBA_INTERNAL_DNS
lingpanda101 at gmail.com
lingpanda101 at gmail.com
Thu Apr 28 17:32:51 UTC 2016
On 4/28/2016 1:05 PM, Rowland penny wrote:
> On 28/04/16 17:21, Wayne Merricks wrote:
>> Hi all,
>>
>> I've set up a simple domain using Samba 4.4.2 from source under
>> Ubuntu 16.04.
>>
>> I accepted the usual defaults and basically followed wiki.samba.org
>> to the letter. The main thing is I'm using Samba's internal DNS and
>> not Bind (Bind is not even installed on the system).
>>
>> In the log.samba file on the first DC I kept getting this:
>>
>> [2016/04/28 17:01:02.716292, 0]
>> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>> /usr/sbin/rndc: Failed to exec child - No such file or directory
>> [2016/04/28 17:01:02.717094, 0]
>> ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done)
>> ../source4/dsdb/dns/dns_update.c:91: Failed rndc update -
>> NT_STATUS_UNSUCCESSFUL
>>
>> I'm not sure why dns_update would want to use rndc (bind utils) but I
>> installed rndc just to see what it would do and now I get this error:
>>
>> [2016/04/28 17:09:03.095642, 0]
>> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>> /usr/sbin/rndc: rndc: neither /etc/bind/rndc.conf nor
>> /etc/bind/rndc.key was found
>> [2016/04/28 17:09:03.096090, 0]
>> ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done)
>> ../source4/dsdb/dns/dns_update.c:91: Failed rndc update -
>> NT_STATUS_ACCESS_DENIED
>>
>> The error makes sense as Bind is not installed but I'm puzzled why it
>> wants to do this even though it is set up as Samba Internal DNS.
>>
>> On the second DC I get tsig verify failure messages but the Google
>> consensus seems to be that these are safely ignored under Samba
>> Internal DNS:
>>
>> [2016/04/27 17:35:00.113802, 0]
>> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>> /usr/local/samba/sbin/samba_dnsupdate: ; TSIG error with server:
>> tsig verify failure
>> [2016/04/27 17:35:00.296862, 0]
>> ../lib/util/util_runcmd.c:328(samba_runcmd_io_handler)
>> /usr/local/samba/sbin/samba_dnsupdate: ; TSIG error with server:
>> tsig verify failure
>> [2016/04/27 17:35:00.316968, 0]
>> ../source4/dsdb/dns/dns_update.c:295(dnsupdate_nameupdate_done)
>> ../source4/dsdb/dns/dns_update.c:295: Failed DNS update -
>> NT_STATUS_UNSUCCESSFUL
>>
>>
>> Are either of these errors worth fixing or are they something to live
>> with when using Samba Internal DNS?
>>
>> Regards,
>>
>> Wayne
>>
>
> Strange, I compiled 4.4.2 myself and I don't have /usr/bin/rndc but
> everything is working ok, mind you, I do use Bind9.
>
> What packages did you install before compiling Samba and what where
> your ./configure options ?
>
> Rowland
>
>
I use Ubuntu 12.04 with Samba 4.4.2 and do not have this issue. It's as
if Samba thinks you are using Bind. What is the output of
samba-tool testparm -v | grep |"server services ="
Is bind installed and or running on this system inadvertently? I'm
curious if switching to bind and back to the internal DNS would solve this?
'samba_upgradedns --dns-backend=BIND9_DLZ'
then
'samba_upgradedns --dns-backend=SAMBA_INTERNAL'
Shutdown Samba first.
The tsig error you can safely ignore. Secure updates last I checked
still don't work.
--
-James
More information about the samba
mailing list