[Samba] BIND DNS Reverse Update

basti mailinglist at unix-solution.de
Wed Apr 12 10:34:32 UTC 2017


on my Samba AD with BIND DLZ backend it looks like Reverse Updates did
not work.

dig winclient.example.com resolve an IP
dig -x IP does not resolve the hostname

In the bind log I see
client update 'example.com/IN' denied

my named.conf

// This is the primary configuration file for the BIND DNS server named.
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
// If you are just adding zones, please do that in

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
// samba AD
include "/var/lib/samba/private/named.conf";
// logging
include "/etc/bind/named.conf.log";

/var/lib/samba/private/named.conf look like

dlz "AD DNS Zone" {
    # For BIND 9.8.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so";

    # For BIND 9.9.x
     database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_9.so";

    # For BIND 9.10.x
    # database "dlopen

I have also an /var/lib/samba/private/named.conf.update with an update
policy for my zone that I have also try to include in my zonefile but
that seem not work with dlz.

How can I include an update policy to my zone?

Best Regards

More information about the samba mailing list