[Samba] samba Digest, Vol 172, Issue 2

Rowland Penny rpenny at samba.org
Sun Apr 2 14:01:32 UTC 2017

On Sun, 2 Apr 2017 15:22:31 +0200
Karl Heinz Wichmann via samba <samba at lists.samba.org> wrote:

> Hallo Rowland

> client006\$\@MY.DOMAIN.DE: updating zone 'MY.DOMAIN.DE/NONE': update 
> failed: rejected by secure update (REFUSED)

This shows your problem

> Are the rights ok?


> I created the dns entry with samba-tool. Is this a problem?


> How can i check if i had problems with access rights? For example if 
> bind can not read or write a file. Currently i check the bind with " 
> named -u bind -f -g 2>&1 | tee /etc/bind/named.log ".

Your problem isn't the actual permissions on the directories, you do
not seem to have the right to update AD. This could be something as
simple as a time difference between the clients and the DC. Are you
running an ntp server on the DC and are your windows clients using this
as their timeserver ?

If time isn't the problem, can you please post your Bind conf files.


More information about the samba mailing list