[Samba] bind9 and isc-dhcp-Server for dynamic DNS-updates Error

Siovel Rodríguez Morales siovel at softel.cu
Sun Oct 8 21:30:49 UTC 2017 

Hi Rowland, I resolve the problem partially. 

The problem was due to the fact that I do not have winbind installed because Samba 4, Bind9 and isc-dhcp-server are on the same server.
I commented on these lines in the script dhcp-dyndns.sh and it worked (on commit and on release but not on expiry )
#TESTUSER=$(wbinfo -u | grep dhcpduser)
#if [ -z "${TESTUSER}" ]; then
#    echo "No AD dhcp user exists, need to create it first.. exiting."
#    echo "you can do this by typing the following commands"
#    echo "kinit Administrator@${REALM}"
#    echo "samba-tool user create dhcpduser --random-password --description=\"Unprivileged user for DNS updates via ISC DHCP server\""
#    echo "samba-tool user setexpiry dhcpduser --noexpiry"
#    echo "samba-tool group addmembers DnsAdmins dhcpduser"
#    exit 1
#else
#    echo "TESTUSER: ${TESTUSER}" >> /tmp/Update.txt
#fi

Now when an IP address expires, the dns is not update. I execute manually the script and don't work
/etc/dhcp/bin/dhcp-dyndns.sh delete 192.168.16.37  0              

This is the /tmp/Update.txt  file

DOMAIN: sco.cu
REALM: SCO.CU
KRB5CCNAME: /tmp/dhcp-dyndns.cc
Keytab exists
ACTION: delete
IP: 192.168.16.37
DHCID: 
NAME: 0

This is the /var/log/syslog
Oct  8 17:22:35 samba467 dhcpd: Expired: IP: 192.168.16.37
Oct  8 17:22:35 samba467 dhcpd: execute_statement argv[0] = /etc/dhcp/bin/dhcp-dyndns.sh
Oct  8 17:22:35 samba467 dhcpd: execute_statement argv[1] = delete
Oct  8 17:22:35 samba467 dhcpd: execute_statement argv[2] = 192.168.16.37
Oct  8 17:22:35 samba467 dhcpd: execute_statement argv[3] =
Oct  8 17:22:35 samba467 dhcpd: execute_statement argv[4] = 0
Oct  8 17:22:35 samba467 dhcpd: execute: /etc/dhcp/bin/dhcp-dyndns.sh exit status 256


Maybe these lines should be commented:
# Exit if no ip address or mac-address
if [ -z "${ip}" ] || [ -z "${DHCID}" ]; then
    usage
    exit 1
fi


Thanks for the valuable help,
  

----- Mensaje original -----
De: "samba" <samba at lists.samba.org>
Para: "samba" <samba at lists.samba.org>
Enviados: Domingo, 8 de Octubre 2017 4:36:24
Asunto: Re: [Samba] bind9 and isc-dhcp-Server for dynamic DNS-updates Error

On Sat, 7 Oct 2017 20:08:26 -0400 (CDT)
Siovel Rodríguez Morales <siovel at softel.cu> wrote:

> Hi Rowland, I have not another dhcp server. dnsmasq is not configured.

No, do you have a line in /etc/Network-Manager/Network-Manager.conf
with 'dnsmasq' in it ?
If so, comment it out and restart Network-Manager

What is in /etc/hosts and /etc/resolv.conf ?

> 
> I think the problem may be permissions. Which distribution linux do
> you use, Ubuntu? I was tracing the script code dhcp-dyndns.sh, when
> the execution on the first line fails

You could be right, is apparmor running ?
I use Devuan

> 
> Is correct this instructions in Debian:
>  chown root:root  /etc/dhcp/dhcpduser.keytab
>  chmod 400  /etc/dhcp/dhcpduser.keytab
> 

It is correct on Devuan, so should be correct on debian, but check who
runs DHCP on your system.

I will send you a script to replace the /etc/dhcp/bin/dhcp-dyndns.sh.
It is the same as the one on the wikipage, but it will output
information to a text file in /tmp: /tmp/Update.txt
It also has '-d' hardcoded.

If you can try this script and then send me /tmp/Update.txt and
anything relevant from /var/log/syslog, I will see if I can work out
what is going wrong.

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list