[Samba] client @0x7f6ed800bc20 172.16.5.86#62582: update 'campus.company.intra/IN' denied
Elias Pereira
empbilly at gmail.com
Wed Jul 4 00:53:35 UTC 2018
@Rowland Penny <rpenny at samba.org>
The link below indicates that the error message may come from windows
"In the default configuration a Windows client will try to register its
name with A record in the DNS domain it thinks it belongs to."
https://docs.menandmice.com/pages/viewpage.action?pageId=6360958
Tomorrow I'll create a GPO to disable this option. Do you think it is safe
to disable this option in windows?
https://dougrathbone.com/blog/2010/02/23/stopping-windows-from-updating-dynamic-dns
On Tue, Jul 3, 2018 at 1:28 PM Elias Pereira <empbilly at gmail.com> wrote:
> To be honest, I cannot remember just why I set it, I can just tell you
>> that I have used it that way for nearly six years now, but if you
>> insist in knowing, I will search my old notes to find the reason.
>
>
> If it's not much work for you, I'd like to know why. :)
>
> Is the above block in syslog as posted, or is it another 'grep' block.
>> If the lines are not together, please post all the lines around them.
>
>
> No. Direct from syslog and they are grouped in this way that I posted. I
> just did not post all, because there are several lines.
>
> If your pfsense thing is just providing dhcp info to clients and they
>> are supposed to update their own records, then it isn't a dhcp problem.
>
>
> ok.
>
>
> On Tue, Jul 3, 2018 at 11:02 AM Rowland Penny via samba <
> samba at lists.samba.org> wrote:
>
>> On Tue, 3 Jul 2018 10:37:29 -0300
>> Elias Pereira via samba <samba at lists.samba.org> wrote:
>>
>> > >
>> > > auth-nxdomain yes; # conform to RFC1035 =no
>> >
>> >
>> > Why do you use this variable as "yes"? :)
>>
>> To be honest, I cannot remember just why I set it, I can just tell you
>> that I have used it that way for nearly six years now, but if you
>> insist in knowing, I will search my old notes to find the reason.
>>
>> >
>> > Note the lack of './daemon.log.1:33430:'. I have '/var/log/deamon.log'
>> > > and it contains lines in the format above, they all start with the
>> > > date.
>> >
>> >
>> > I used a grep
>>
>> NEVER grep for lines in a logfile, you break the context.
>>
>> > to find the lines with "denied" and posted. If I get
>> > the logs directly from syslog, it usually appears with the date at
>> > startup.
>> >
>> > Jul 3 10:07:45 dc3 named[31128]: client @0x7fd9a0059800
>> > 172.16.4.252#51989: update 'campus.company.intra/IN' denied
>> > Jul 3 10:07:45 dc3 named[31128]: client @0x7fd9a0059800
>> > 10.10.4.119#63432: update 'campus.company.intra/IN' denied
>> > Jul 3 10:07:45 dc3 named[31128]: client @0x7fd9a0059800
>> > 172.16.4.252#62280: update 'campus.company.intra/IN' denied
>> > Jul 3 10:07:52 dc3 named[31128]: client @0x7fd9a4070a90
>> > 10.10.4.50#58891: update
>>
>> Is the above block in syslog as posted, or is it another 'grep' block.
>> If the lines are not together, please post all the lines around them.
>>
>> >
>> > The lines show that various clients are being denied updating a
>> > record,
>> > > this may be perfectly okay, they may not own the record. Do you have
>> > > anything else updating the records, DHCP for instance. If so, the
>> > > problem does not lie on the DC, it lies on the clients and they
>> > > need to be told to stop trying to update their own records.
>> >
>> >
>> > Our dchp is a pfsense and the settings are basic.
>>
>> If your pfsense thing is just providing dhcp info to clients and they
>> are supposed to update their own records, then it isn't a dhcp problem.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>
> --
> Elias Pereira
>
--
Elias Pereira
More information about the samba
mailing list