[Samba] Win 10 Pro /registerdns issue with Samba 4.3.9 / TKEY Refused SOA

D Grealish dev.grealish at gmail.com
Tue Aug 23 12:58:55 UTC 2016


Hi,

We have an issue where an existing Win 10 client is already part of the
domain, however it's DNS entry isn't updated,
Is this bug related? https://bugzilla.samba.org/show_bug.cgi?id=11520

please see details below

Ubuntu: 16.04.01 LTS
Samba: Version 4.3.9-Ubuntu
Samba Internal DNS

'allow dns updates = nonsecure' is not specified

>ipconfig /registerdns

Samba-Log: sudo tail -f /var/log/samba/log.samba
[2016/08/16 14:57:53.551309, 2]
../source4/dns_server/dns_update.c:773(dns_server_process_update)
Got a dns update request.
[2016/08/16 14:57:53.551714, 2]
../source4/dns_server/dns_update.c:730(dns_update_allowed)
Update not allowed for unsigned packet.
[2016/08/16 14:57:53.566702, 1]
../source4/dns_server/dns_query.c:523(handle_tkey)
Tkey handshake completed
[2016/08/16 14:57:53.570610, 3]
../source4/smbd/service_stream.c:66(stream_terminate_connection)
Terminating connection - 'dns_tcp_call_loop: tstream_read_pdu_blob_recv() -
NT_STATUS_CONNECTION_DISCONNECTED'
[2016/08/16 14:57:53.570808, 3]
../source4/smbd/process_single.c:114(single_terminate)
single_terminate: reason[dns_tcp_call_loop: tstream_read_pdu_blob_recv() -
NT_STATUS_CONNECTION_DISCONNECTED]

in the wireshark dump we see:

71 4.964295 172.16.10.5 172.20.0.39 DNS 156 Dynamic update response
0x4806 *Refused
SOA *testsamba.domain.com CNAME AAAA A A 172.20.0.39

77 4.970157 172.20.0.39 172.16.10.5 DNS 448 Standard query 0x59f6 TKEY
1116-ms-7.90-49f0535.97c7139d-6398-11e6-30bf-a01d48f78dbb TKEY

80 4.978315 172.16.10.5 172.20.0.39 DNS 412 Standard query response 0x59f6
TKEY 1116-ms-7.90-49f0535.97c7139d-6398-11e6-30bf-a01d48f78dbb TKEY TSIG

Refused SOA is interesting above

Thanks in Advance

Grealish


More information about the samba mailing list