[Samba] Problems with replication and dns
Rowland Penny
rpenny at samba.org
Wed Mar 15 15:51:27 UTC 2017
On Wed, 15 Mar 2017 10:03:59 -0500
Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:
> Hello,
> Thank you very much for your reply.
> I have configured bind using the dlz backend and these are the
> results.
>
> named log:
>
> Mar 15 09:39:41 neptuno named[13166]: sizing zone task pool based on 6 zones
> Mar 15 09:39:41 neptuno named[13166]: Loading 'AD DNS Zone' using driver dlopen
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
> Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
> Mar 15 09:39:42 neptuno named[13166]: loading configuration: bad zone
> Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)
>
You should only have the zone records for 'pragma.com.co' in AD and
Bind must be running on the DC.
I use Devuan and the Bind files are split into four files, these are
the files I have basically been using for the last 5 years without
problem:

cat /etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

cat /etc/bind/named.conf.options

options {
    directory "/var/cache/bind";
    version "0.0.7";
    notify no;
    empty-zones-enable no;
    allow-query { 127.0.0.1; 192.168.0.0/24; };
    allow-recursion { 192.168.0.0/24; 127.0.0.1/32; };
    forwarders { 8.8.8.8; };
    allow-transfer { none; };
    dnssec-validation no;
    dnssec-enable no;
    listen-on-v6 { none; };
    listen-on port 53 { 192.168.0.2; 127.0.0.1; };
    tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};

cat /etc/bind/named.conf.local

include "/usr/local/samba/private/named.conf";

cat /etc/bind/named.conf.default-zones

// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};

>
> As you can see in the log, the zone dbmed04.pragma.com.co does not
> have ns records according to the database.
Hang on a minute, you posted that this is the smb.conf on your DC:
realm = PRAGMA.COM.CO
Your realm must be the same as your DNS domain, so where does
'dbmed04.pragma.com.co' come from ??
Try the command like this:
samba-tool dns zonedelete neptuno.pragma.com.co waspruebas.proteccion.com.co -U Administrator
(just in case it has spilt over two lines, the above should be on one
line)
If that works, remove the other spurious domain and then try
'samba_upgradedns --dns-backend=BIND9_DLZ'
finally delete the last wrong zone 'dbmed04.pragma.com.co'
Rowland
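
Added example (not part of the original message and not Samba's own code): a shell function that reads a named log, derives the AD DNS domain from the samba_dlz "started for DN" line, and lists every zone samba_dlz tried to configure that lies outside that domain. Treating only the domain itself, _msdcs.<domain> and reverse zones as expected is an assumption; the sample log reuses the entries quoted above, one per line, plus two constructed lines.

```shell
#!/bin/sh
# Added example: list zones samba_dlz tried to configure that are outside
# the AD DNS domain. The domain is derived from the "started for DN" line.
spurious_zones() {
    awk -v sq="'" '
        /samba_dlz: started for DN / {
            dom = tolower($NF)            # e.g. dc=pragma,dc=com,dc=co
            gsub(/dc=/, "", dom)
            gsub(/,/, ".", dom)           # -> pragma.com.co
            next
        }
        /samba_dlz: (configured writeable|Failed to configure) zone / {
            split($0, part, sq)           # zone name sits between the quotes
            zone = tolower(part[2])
            # Assumption: only these zones are expected in the AD database.
            if (zone == dom || zone == "_msdcs." dom) next
            if (zone ~ /\.in-addr\.arpa$/ || zone ~ /\.ip6\.arpa$/) next
            status = ($0 ~ /Failed to configure/) ? "failed" : "loaded"
            print status, zone
        }'
}

# Sample input: log entries from the message above, unwrapped to one per
# line. The two entries marked (constructed) are not from the original log.
sample_log() {
    cat <<'EOF'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'pragma.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone '_msdcs.pragma.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
EOF
}
# Lines 3 and 4 of the sample (pragma.com.co, _msdcs.pragma.com.co) are the
# (constructed) ones; they show that expected zones are not reported.

sample_log | spurious_zones
```

Each output line is a status ("loaded" or "failed") followed by a zone name that does not belong to the domain named in the DN, which is the list to review before removing zones with samba-tool.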