[Samba] Reverse zones fail with secure updates

[lingpanda101]

On 11/28/2016 10:40 AM, L.P.H. van Belle via samba wrote:
> Hai James,
>
> So a windows xp works but Win7/10 not, at least is good hint.
>
> So, i did have a look in my setup again.
> And i'm thinking, i have disabled ipv6 for my windows 7 and win 10 pc's.
> That may be an option..
>
> A thing you can try, have a look here :
> http://www.bvanleeuwen.nl/faq/?p=1142
> ipv6 Admx to simple disable ipv6.
>
> I've set : Disable all IPv6 components.
>
> I also checked my dhcp options.
> Im sending these options
> 003 route
> 004 time
> 006 dns servers
> 015 DNS Domain Name 	( your_primary.domain.tld )
> 042 NTP
> 046 WINS Node type : (0x8)
>
> And last thing what can be different.
> I have made my own CA root and client certs, im not using the generated certs from samba.
> And the CA root is also published to all my win7/10 computers.
>
> I suggest give it a try, and report back.
>
> Greetz,
>
> Louis
>
>> -----Oorspronkelijk bericht-----
>> Van: lingpanda101 [mailto:lingpanda101 at gmail.com]
>> Verzonden: maandag 28 november 2016 15:40
>> Aan: L.P.H. van Belle; samba at lists.samba.org
> ...
>>>
>> Louis,
>>
>>       I have been unsuccessful with getting this to work. However I do
>> have a caveat to this. I have a legacy Windows XP device on my domain
>> that did register it's PTR record. My Windows 7 and 10 devices do not.
>> I'll investigate a bit further but I believe Samba is working correctly.
>> Thanks for the help.
>>
>> --
>> - James
>
>
>
>
>

I've tried every solution posted and then some and no matter what my 
Windows 7 clients will not request a PTR update. I can see in a 
wireshark capture the XP client request a PTR update. A Windows 7 client 
does not. Not even clients with static IP's. I'll chalk this up to 
strictly a windows issue.

On a side not even if I manually create a A RR and select "create 
associated pointer (PTR) record" in the Micorsoft DNS snap in. A PTR 
record does not get created.

-- 
- James