[Samba] WERR_DNS_ERROR_RCODE_REFUSED

Carlos A. P. Cunha carlos.hollow at gmail.com
Wed Jun 29 13:48:12 UTC 2016 

Hello!


What DNS server is running on the DC windows?

Yes, to join him in Dominio, select the two options (equal in imegm wiki 
samba), amnos roadando as 2008 R2

Have you looked at the logs on the DC windows?

Yes

If you have looked in the logs on the DC windows, have you found 
anything relevant?

Nothing appears, so identified

Does the windows DC have a fixed ipaddress?

It has fixed IP in the same samba DC network.


Note: Samba my main DC with FSMO and added Windows




Thanks

Em 29-06-2016 05:00, Rowland penny escreveu:
> On 28/06/16 23:42, Carlos A. P. Cunha wrote:
>> Hello!
>>
>> Yes, Windows dns too, my dns in samba is Bind!!!
>>
>>
>> I dont understande -> "where does Bind store the zone info ? *"
>>
>> :-|
>>
>>
>> Thanks
>>
>> Em 28-06-2016 18:25, Rowland penny escreveu:
>>> On 28/06/16 21:37, Carlos A. P. Cunha wrote:
>>>> Hello!
>>>> I have Samba 4.3.3 with Windows Server 2008 R2 SP1, I cm problems 
>>>> in DNS, which in windows can not create dns entries:
>>>>
>>>>
>>>> Windows = 192.168.200.66
>>>> Samba = 192.168.200.90
>>>>
>>>> Error trying to create samba-tool:
>>>>
>>>> samba-tool dns add 192.168.200.66 _msdcs.local.domain 
>>>> 9e0c71b8-36e0-4269-a69e-1a03bdab4841 CNAME WIN2008.local.domain 
>>>> -Uadministrator
>>>> Password is [LOCAL \ administrator]
>>>> ERROR (runtime): uncaught exception - (9005, 
>>>> 'WERR_DNS_ERROR_RCODE_REFUSED')
>>>
>>> It looks like the windows DC flatly refused the update
>>>
>>>> File 
>>>> "/opt/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", 
>>>> line 175, in _run
>>>> self.run return (* args, ** kwargs)
>>>> File "/opt/samba/lib/python2.7/site-packages/samba/netcmd/dns.py", 
>>>> line 1073, in run
>>>> 0, server, zone, name, add_rec_buf, None)
>>>> root @ samba: /opt/samba_src/samba-4.3.3#
>>>>
>>>>
>>>>
>>>> Samba 4 logs:
>>>>
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: starting transaction 
>>>> on zone local.domain
>>>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 59830: 
>>>> update 'local.domain / IN' denied
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: canceling 
>>>> transaction on zone local.domain
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: starting transaction 
>>>> on zone local.domain
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: Allowing update of 
>>>> signer = Win2008 \ $ \ @ LOCAL.DOMAIN name = WIN2008.local.domain 
>>>> tcpaddr = type = AAAA key = 996-ms-7.3-37764d. 
>>>> e5b44e60-3d6e-11e6-02b3-080027f8e516 / 160/0
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: Allowing update of 
>>>> signer = Win2008 \ $ \ @ LOCAL.DOMAIN name = WIN2008.local.domain 
>>>> tcpaddr = type = A key = 996-ms-7.3-37764d. 
>>>> e5b44e60-3d6e-11e6-02b3-080027f8e516 / 160/0
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: Allowing update of 
>>>> signer = Win2008 \ $ \ @ LOCAL.DOMAIN name = WIN2008.local.domain 
>>>> tcpaddr = type = A key = 996-ms-7.3-37764d. 
>>>> e5b44e60-3d6e-11e6-02b3-080027f8e516 / 160/0
>>>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 50239 / 
>>>> key Win2008 \ $ \ @ LOCAL.DOMAIN: updating zone 'local.domain / 
>>>> NONE': deleting RRset at 'WIN2008.local.domain' YYYY
>>>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 50239 / 
>>>> key Win2008 \ $ \ @ LOCAL.DOMAIN: updating zone 'local.domain / 
>>>> NONE': deleting RRset at 'WIN2008.local.domain' THE
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: subtracted rdataset 
>>>> WIN2008.local.domain '. WIN2008.local.domain # 011900 # 011IN # 
>>>> 011A # 011192.168.200.66'
>>>> Jun 28 17:28:40 samba named [8988]: client 192.168.200.66 # 50239 / 
>>>> key Win2008 \ $ \ @ LOCAL.DOMAIN: updating zone 'local.domain / 
>>>> NONE': adding an RR at 'WIN2008.local.domain 'The 192.168.200.66
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: added rdataset 
>>>> WIN2008.local.domain 'WIN2008.local.domain # 0111200 # 011IN # 011A 
>>>> # 011192.168.200.66.'
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz:. Subtracted 
>>>> local.domain rdataset 'local.domain # 0113600 # # 011SOA 011IN # 
>>>> 011samba.local.domain. hostmaster.local.domain. 5900600 86400 3600 '
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: added rdataset 
>>>> local.domain 'local.domain # 0113600 # # 011SOA 011IN # 
>>>> 011samba.local.domain.. hostmaster.local.domain. 6900600 86400 3600 '
>>>> Jun 28 17:28:40 samba named [8988]: samba_dlz: committed 
>>>> transaction on zone local.domain
>>>>
>>>
>>> This log fragment is only showing the DC updating its own record on 
>>> a Samba DC, you will need to look in the logs on the windows DC.
>>>
>>> I take it that the windows DC is running a DNS server, I think you 
>>> said in an earlier post that this is Bind DNS server, if this is the 
>>> case *where does Bind store the zone info ? *
>>>
>>> Rowland
>>>
>>>> Any idea ?
>>>>
>>>> Thank you
>>>>
>>>
>>>
>>
>>
>
> OK, please answer these questions:
>
> What DNS server is running on the windows DC ?
> Have you looked at the logs on the windows DC ?
> If you have looked in the logs on the windows DC, have you found 
> anything relevant ?
>
> Does the windows DC have a fixed ipaddress ?
>
> Rowland
>
>

More information about the samba mailing list