[Samba] DNS Update Failed

Marcio Demetrio Bacci marciobacci at gmail.com
Fri Aug 2 18:51:48 UTC 2019 

Hi

I believe I am having DNS upgrade issues, as noticed below:

 /etc/init.d/samba-ad-dc status
● samba-ad-dc.service - Samba AD Daemon
   Loaded: loaded (/lib/systemd/system/samba-ad-dc.service; enabled; vendor
preset: enabled)
   Active: active (running) since Fri 2019-08-02 10:04:24 -03; 5h 20min ago
     Docs: man:samba(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 9284 (samba)
   Status: "smbd: ready to serve connections..."
    Tasks: 24 (limit: 4720)
   CGroup: /system.slice/samba-ad-dc.service
           ├─ 9284 /usr/sbin/samba
           ├─ 9285 /usr/sbin/samba
           ├─ 9286 /usr/sbin/samba
           ├─ 9287 /usr/sbin/samba
           ├─ 9288 /usr/sbin/samba
           ├─ 9289 /usr/sbin/samba
           ├─ 9290 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           ├─ 9291 /usr/sbin/samba
           ├─ 9292 /usr/sbin/samba
           ├─ 9293 /usr/sbin/samba
           ├─ 9294 /usr/sbin/samba
           ├─ 9295 /usr/sbin/samba
           ├─ 9296 /usr/sbin/samba
           ├─ 9297 /usr/sbin/samba
           ├─ 9298 /usr/sbin/samba
           ├─ 9300 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
           ├─ 9319 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
           ├─ 9320 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           ├─ 9321 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           ├─ 9323 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           ├─ 9461 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
           ├─11089 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
           ├─12656 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           └─13701 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground

ago 02 15:04:26 samba4-dc samba[9297]: [2019/08/02 15:04:26.226295,  0]
../source4/dsdb/dns/dns_update.c:290(dnsupdate_nameupdate_done)
ago 02 15:04:26 samba4-dc samba[9297]:
../source4/dsdb/dns/dns_update.c:290: Failed DNS update - with error code 1
ago 02 15:14:26 samba4-dc samba[9297]: [2019/08/02 15:14:26.193049,  0]
../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
ago 02 15:14:26 samba4-dc samba[9297]:   /usr/sbin/samba_dnsupdate:
dns_tkey_negotiategss: TKEY is unacceptable
ago 02 15:14:26 samba4-dc samba[9297]: [2019/08/02 15:14:26.214295,  0]
../source4/dsdb/dns/dns_update.c:290(dnsupdate_nameupdate_done)
ago 02 15:14:26 samba4-dc samba[9297]:
../source4/dsdb/dns/dns_update.c:290: Failed DNS update - with error code 1
ago 02 15:24:26 samba4-dc samba[9297]: [2019/08/02 15:24:26.148273,  0]
../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
ago 02 15:24:26 samba4-dc samba[9297]:   /usr/sbin/samba_dnsupdate:
dns_tkey_negotiategss: TKEY is unacceptable
ago 02 15:24:26 samba4-dc samba[9297]: [2019/08/02 15:24:26.179684,  0]
../source4/dsdb/dns/dns_update.c:290(dnsupdate_nameupdate_done)
ago 02 15:24:26 samba4-dc samba[9297]:
../source4/dsdb/dns/dns_update.c:290: Failed DNS update - with error code 1


........


ago 02 15:35:42 samba4-dc samba[689]: [2019/08/02 15:35:42.239661,  0]
../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
ago 02 15:35:42 samba4-dc samba[689]:   /usr/sbin/samba_dnsupdate: update
failed: REFUSED
ago 02 15:35:42 samba4-dc samba[689]: [2019/08/02 15:35:42.272622,  0]
../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
ago 02 15:35:42 samba4-dc samba[689]:   /usr/sbin/samba_dnsupdate: ; TSIG
error with server: tsig verify failure
ago 02 15:35:42 samba4-dc samba[689]: [2019/08/02 15:35:42.272708,  0]
../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
ago 02 15:35:42 samba4-dc samba[689]:   /usr/sbin/samba_dnsupdate: update
failed: NOTIMP
ago 02 15:35:42 samba4-dc samba[689]: [2019/08/02 15:35:42.305040,  0]
../source4/dsdb/dns/dns_update.c:290(dnsupdate_nameupdate_done)
ago 02 15:35:42 samba4-dc samba[689]:
../source4/dsdb/dns/dns_update.c:290: Failed DNS update - with error code 2
ago 02 15:35:42 samba4-dc smbd[680]: [2019/08/02 15:35:42.693498,  0]
../lib/util/become_daemon.c:124(daemon_ready)
ago 02 15:35:42 samba4-dc smbd[680]:   STATUS=daemon 'smbd' finished
starting up and ready to serve connections


Everything was OK, but now I also noticed that inconsistencies started to
appear between the DC Master bases (Windows Server 2008) and Samba 4 after
I removed another Windows DC server.

Would anyone have an idea how to solve this problem?

Regards,

Márcio Bacci.

More information about the samba mailing list