[Samba] Reverse zones fail with secure updates
lingpanda101 at gmail.com
Wed Dec 7 15:33:27 UTC 2016
On 11/28/2016 10:40 AM, L.P.H. van Belle via samba wrote:
> Hai James,
> So a windows xp works but Win7/10 not, at least is good hint.
> So, i did have a look in my setup again.
> And i'm thinking, i have disabled ipv6 for my windows 7 and win 10 pc's.
> That may be an option..
> A thing you can try, have a look here :
> ipv6 Admx to simple disable ipv6.
> I've set : Disable all IPv6 components.
> I also checked my dhcp options.
> Im sending these options
> 003 route
> 004 time
> 006 dns servers
> 015 DNS Domain Name ( your_primary.domain.tld )
> 042 NTP
> 046 WINS Node type : (0x8)
> And last thing what can be different.
> I have made my own CA root and client certs, im not using the generated certs from samba.
> And the CA root is also published to all my win7/10 computers.
> I suggest give it a try, and report back.
>> -----Oorspronkelijk bericht-----
>> Van: lingpanda101 [mailto:lingpanda101 at gmail.com]
>> Verzonden: maandag 28 november 2016 15:40
>> Aan: L.P.H. van Belle; samba at lists.samba.org
>> I have been unsuccessful with getting this to work. However I do
>> have a caveat to this. I have a legacy Windows XP device on my domain
>> that did register it's PTR record. My Windows 7 and 10 devices do not.
>> I'll investigate a bit further but I believe Samba is working correctly.
>> Thanks for the help.
>> - James
I've tried every solution posted and then some and no matter what my
Windows 7 clients will not request a PTR update. I can see in a
wireshark capture the XP client request a PTR update. A Windows 7 client
does not. Not even clients with static IP's. I'll chalk this up to
strictly a windows issue.
On a side not even if I manually create a A RR and select "create
associated pointer (PTR) record" in the Micorsoft DNS snap in. A PTR
record does not get created.
More information about the samba