[Samba] WERR_DNS_ERROR_RCODE_REFUSED
Carlos A. P. Cunha
carlos.hollow at gmail.com
Tue Jun 28 22:42:24 UTC 2016
Hello!
Yes, Windows dns too, my dns in samba is Bind!!!
I dont understande -> "where does Bind store the zone info ? *"
:-|
Thanks
Em 28-06-2016 18:25, Rowland penny escreveu:
> On 28/06/16 21:37, Carlos A. P. Cunha wrote:
>> Hello!
>> I have Samba 4.3.3 with Windows Server 2008 R2 SP1, I cm problems in
>> DNS, which in windows can not create dns entries:
>>
>>
>> Windows = 192.168.200.66
>> Samba = 192.168.200.90
>>
>> Error trying to create samba-tool:
>>
>> samba-tool dns add 192.168.200.66 _msdcs.local.domain
>> 9e0c71b8-36e0-4269-a69e-1a03bdab4841 CNAME WIN2008.local.domain
>> -Uadministrator
>> Password is [LOCAL \ administrator]
>> ERROR (runtime): uncaught exception - (9005,
>> 'WERR_DNS_ERROR_RCODE_REFUSED')
>
> It looks like the windows DC flatly refused the update
>
>> File
>> "/opt/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>> line 175, in _run
>> self.run return (* args, ** kwargs)
>> File "/opt/samba/lib/python2.7/site-packages/samba/netcmd/dns.py",
>> line 1073, in run
>> 0, server, zone, name, add_rec_buf, None)
>> root @ samba: /opt/samba_src/samba-4.3.3#
>>
>>
>>
>> Samba 4 logs:
>>
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: starting transaction
>> on zone local.domain
>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 59830:
>> update 'local.domain / IN' denied
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: canceling transaction
>> on zone local.domain
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: starting transaction
>> on zone local.domain
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: Allowing update of
>> signer = Win2008 \ $ \ @ LOCAL.DOMAIN name = WIN2008.local.domain
>> tcpaddr = type = AAAA key = 996-ms-7.3-37764d.
>> e5b44e60-3d6e-11e6-02b3-080027f8e516 / 160/0
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: Allowing update of
>> signer = Win2008 \ $ \ @ LOCAL.DOMAIN name = WIN2008.local.domain
>> tcpaddr = type = A key = 996-ms-7.3-37764d.
>> e5b44e60-3d6e-11e6-02b3-080027f8e516 / 160/0
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: Allowing update of
>> signer = Win2008 \ $ \ @ LOCAL.DOMAIN name = WIN2008.local.domain
>> tcpaddr = type = A key = 996-ms-7.3-37764d.
>> e5b44e60-3d6e-11e6-02b3-080027f8e516 / 160/0
>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 50239 /
>> key Win2008 \ $ \ @ LOCAL.DOMAIN: updating zone 'local.domain /
>> NONE': deleting RRset at 'WIN2008.local.domain' YYYY
>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 50239 /
>> key Win2008 \ $ \ @ LOCAL.DOMAIN: updating zone 'local.domain /
>> NONE': deleting RRset at 'WIN2008.local.domain' THE
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: subtracted rdataset
>> WIN2008.local.domain '. WIN2008.local.domain # 011900 # 011IN # 011A
>> # 011192.168.200.66'
>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 50239 /
>> key Win2008 \ $ \ @ LOCAL.DOMAIN: updating zone 'local.domain /
>> NONE': adding an RR at 'WIN2008.local.domain 'The 192.168.200.66
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: added rdataset
>> WIN2008.local.domain 'WIN2008.local.domain # 0111200 # 011IN # 011A #
>> 011192.168.200.66.'
>> Jun 28 17:28:40 samba named [8988]: samba_dlz:. Subtracted
>> local.domain rdataset 'local.domain # 0113600 # # 011SOA 011IN #
>> 011samba.local.domain. hostmaster.local.domain. 5900600 86400 3600 '
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: added rdataset
>> local.domain 'local.domain # 0113600 # # 011SOA 011IN #
>> 011samba.local.domain.. hostmaster.local.domain. 6900600 86400 3600 '
>> Jun 28 17:28:40 samba named [8988]: samba_dlz: committed transaction
>> on zone local.domain
>>
>
> This log fragment is only showing the DC updating its own record on a
> Samba DC, you will need to look in the logs on the windows DC.
>
> I take it that the windows DC is running a DNS server, I think you
> said in an earlier post that this is Bind DNS server, if this is the
> case *where does Bind store the zone info ? *
>
> Rowland
>
>> Any idea ?
>>
>> Thank you
>>
>
>
More information about the samba
mailing list