[Samba] client @0x7f6ed800bc20 172.16.5.86#62582: update 'campus.company.intra/IN' denied
Rowland Penny
rpenny at samba.org
Mon Jul 2 15:30:59 UTC 2018
On Mon, 2 Jul 2018 12:12:07 -0300
Elias Pereira via samba <samba at lists.samba.org> wrote:
> >
> > Hmm, bind 9.12.x isn't supported yet.
>
>
> He works with "dlopen
> /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so" without
> problems, at first.
I repeat, Bind 9.12.x is unsupported at this time, just because it
worked once is no reason to use it. It may have nothing to do with your
problem, but using a supported Bind version will rule it out.
>
> include "/etc/bind/rndc.key";
> > controls {
> > inet 127.0.0.1 allow { localhost; } keys { rndc-key;};
> > };
> > You do not need the four lines above
>
>
> Ok, but if I leave it, does not have problems either, I believe!?
OK, your server, but I think you should be aware that I have been using
Bind9 with Samba since December 2012 and I have never used the rndc.key
>
> You mention '#public IP' twice, are they both the same IP and is it
> > the DC ipaddress and if so, why are you trying to forward the DC to
> > itself ?
>
>
> No, two different networks.
> xxx.xxx.xxx.0/26
> xxx.xxx.xxx.128/26
>
> Sometimes the "samba_dlz: spnego update failed" appears in the log. I
> found this link talks about the problem.
> https://bugzilla.redhat.com/show_bug.cgi?id=1528867
>
> I added the "KRB5RCACHETYPE="none"" on the /etc/default/bind9, but the
> error message keeps.
>
That is if you are using the MIT kerberos with Samba, instead of the
default HEIMDAL.
Rowland
More information about the samba
mailing list