[Samba] client @0x7f6ed800bc20 update 'campus.company.intra/IN' denied

Elias Pereira empbilly at gmail.com
Mon Jul 2 13:27:58 UTC 2018


The error described in the email title happens in version 9.10 of the bind
that I have installed in our main DC. In face of that, I found the samba
wiki article that talks about this problem.

I made a new installation via source with the suggested options:

root at dc3:~# fakeroot ./configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --sysconfdir=/etc/bind --localstatedir=/var
--enable-threads --enable-largefile --with-libtool --enable-shared
--enable-static --with-openssl=/usr --with-gssapi=/usr --with-gnu-ld
--with-dlz-postgres=no --with-dlz-mysql=no --with-dlz-bdb=yes
--with-dlz-filesystem=yes --with-dlz-ldap=yes --with-dlz-stub=yes
--with-dlopen=yes --with-geoip=/usr --enable-ipv6

root at dc3:~# named -v
BIND 9.12.1-P2 <id:14b0e01>

root at dc3:/etc/bind# named-checkconf OK

samba_dnsupdate --verbose --all-names OK

samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes OK

options {
        directory "/var/cache/bind";
        version "non3";

        forwarders { xxx.xxx.xxx.xxx; }; #public IP

        allow-query { internal; };

        #dnssec-enable no;
        dnssec-validation no;
        #dnssec-lookaside auto;

        tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";

        auth-nxdomain no;    # conform to RFC1035

        listen-on port 53 {; xxx.xxx.xxx.xxx; }; #public IP
        #listen-on-v6 { none; };

        zone-statistics yes;
        statistics-file "/var/log/named/stats/named_stats.log";

include "/etc/bind/rndc.key";
controls {
        inet allow { localhost; } keys { rndc-key;};

acl "internal" {;;;

For example, if the client is offline, can it cause the error?

Any idea?

Elias Pereira

More information about the samba mailing list