[Samba] DHCP-DNS problems

Rowland Penny rpenny at samba.org
Tue Jan 2 17:03:50 UTC 2018

On Tue, 2 Jan 2018 16:15:14 +0000
Kristján Valur Jónsson <kristjan at rvx.is> wrote:

> Sure, here it is.
> However, notice that named appears to enter a state where it refuses
> the updates, and restarting *only *named, fixes it.  Unsure how to
> explain that. I also tried removing the cached samba credentials
> from /tmp and recreating them, etc, but no luck.  The credentials as
> used by dhcp-dyndns appear to be ok, only named won't accept them....
> Anyway, see the attached archive.

Not a lot wrong there, apart from:

/etc/hostname should only contain, the short hostname e.g. dc02

I would change /etc/hosts on dc02 to this: localhost
::1 localhost
<dc02 ipaddress> dc02.rvx.is dc02
Repeat for the other DCs

smb.conf seems to be missing 'idmap_ldb:use rfc2307  = yes'

'named.conf' has this line: recursion yes;

nine lines above it is this:

- If you are building an AUTHORITATIVE DNS server, do NOT enable

All AD DCs running a dns server are 'AUTHORITATIVE'

You seem to be running dhcp in ways I never thought of, but it should
work, I think that for some reason the kerberos ticket is expiring and
not being renewed.

Try making the changes I suggested above and see how you go on. If it
fails again, check if '/tmp/dhcp-dyndns.cc' exists and if it has
expired. If it doesn't exist or has expired, try running this as root:

kinit -F -k -t /etc/dhcpduser.keytab -c /tmp/dhcp-dyndns.cc
dhcpduser at XXX.XX

Where 'XXX.XX' is your uppercase realm name.


More information about the samba mailing list