[Samba] samba Digest, Vol 172, Issue 2
Karl Heinz Wichmann
wichmann-karl at web.de
Sun Apr 2 15:26:31 UTC 2017
Hello Rowland
I removed the parameter "forward only;" and changed the setting like
below.
But the same problem.
update failed: rejected by secure update (REFUSED)
Am 02.04.2017 um 17:04 schrieb Rowland Penny:
> On Sun, 2 Apr 2017 16:36:09 +0200
> Karl Heinz Wichmann via samba <samba at lists.samba.org> wrote:
>
>> Hello Rowland
>>
>
>
>>
>>
>> Can this be a Problem with my debian 8.7 bind service?
>>
>
> No, definitely not
>
> Try making your named.conf.options look like this:
>
> options {
> directory "/var/cache/bind";
> version "0.0.7";
> notify no;
> empty-zones-enable no;
> allow-query { 127.0.0.1; 192.168.99.0/24; };
> allow-recursion { 192.168.99.0/24; 127.0.0.1/32; };
> forwarders { 8.8.8.8; };
> allow-transfer { none; };
> dnssec-validation no;
> dnssec-enable no;
>
> listen-on-v6 { none; };
> listen-on port 53 { 192.168.99.8; 127.0.0.1; };
> tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
> };
>
> There is one really big problem in your version (there are others as
> well):
>
> 'forward only;' With this, you Bind server doesn't even try to search
> AD for your domain computers, it forwards the search to what ever <IP
> of my forwarder> is.
>
> Rowland
>
More information about the samba
mailing list