[Samba] Configure DHCP to update DNS records with BIND9
L.P.H. van Belle
belle at bazuin.nl
Tue Aug 13 14:25:58 UTC 2019
Hai,
Can you post your bind9 config also?
Might be handy because I think you are missing something there.
For example.
named.conf.options

options {
    .....
    // https://wiki.samba.org/index.php/Dns-backend_bind
    // DNS dynamic updates via Kerberos (optional, but recommended)
    //tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab"; // before samba 4.9
    tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab"; // after samba 4.9 or an upgraded samba as of 4.9.
};

include "/etc/bind/rndc.key";
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndc-key;};
    //inet ::1 allow { localhost; } keys { rndc-key;};
};
Greetz,
Louis
> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> Joerg via samba
> Sent: Tuesday 13 August 2019 15:50
> To: samba at lists.samba.org
> Subject: [Samba] Configure DHCP to update DNS records with BIND9
>
> Hello everyone,
>
>
>
> I have configured my Samba as AD with BIND9_DLZ as backend and trying to
> configure the ISC-DHCP-server to add the leases to BIND_DLZ
>
> As described in the samba wiki:
> https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9
>
>
>
> Everything is working fine so far, but I get an error message as shown below
> in syslog:
>
> Aug 13 14:32:28 SAMBA dhcpd[4635]: DHCPDISCOVER from 60:6d:3c:09:6a:52 (amazon-b550a4de2) via home.lan
> Aug 13 14:32:29 SAMBA dhcpd[4635]: DHCPOFFER on 192.168.0.104 to 60:6d:3c:09:6a:52 (amazon-b550a4de2) via home.lan
> Aug 13 14:32:29 SAMBA dhcpd[4635]: Commit: IP: 192.168.0.104 DHCID: 60:6d:3c:09:6a:52 Name: amazon-b550a4de2
> Aug 13 14:32:29 SAMBA dhcpd[4635]: execute_statement argv[0] = /usr/local/bin/dhcp-dyndns.sh
> Aug 13 14:32:29 SAMBA dhcpd[4635]: execute_statement argv[1] = add
> Aug 13 14:32:29 SAMBA dhcpd[4635]: execute_statement argv[2] = 192.168.0.104
> Aug 13 14:32:29 SAMBA dhcpd[4635]: execute_statement argv[3] = 60:6d:3c:09:6a:52
> Aug 13 14:32:29 SAMBA dhcpd[4635]: execute_statement argv[4] = amazon-b550a4de2
> Aug 13 14:32:29 SAMBA named[11842]: samba_dlz: allowing update of signer=dhcpduser\@HOME.LAN name=amazon-b550a4de2.HOME.LAN tcpaddr=127.0.0.1 type=A key=365897329.sig-samba.home.lan/160/0
> Aug 13 14:32:29 SAMBA named[11842]: samba_dlz: allowing update of signer=dhcpduser\@HOME.LAN name=amazon-b550a4de2.HOME.LAN tcpaddr=127.0.0.1 type=A key=365897329.sig-samba.home.lan/160/0
> Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118109b250 127.0.0.1#47097/key dhcpduser\@HOME.LAN: updating zone 'home.lan/NONE': deleting rrset at 'amazon-b550a4de2.HOME.LAN' A
> Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118109b250 127.0.0.1#47097/key dhcpduser\@HOME.LAN: updating zone 'home.lan/NONE': adding an RR at 'amazon-b550a4de2.HOME.LAN' A 192.168.0.104
> Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118104d710 127.0.0.1#54253/key dhcpduser\@HOME.LAN: signer "dhcpduser\@HOME.LAN" denied
> Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118104d710 127.0.0.1#54253/key dhcpduser\@HOME.LAN: update '0.168.192.in-addr.arpa/IN' denied
> Aug 13 14:32:29 SAMBA dhcpd: DHCP-DNS Update failed: 02
>
>
>
> This is my dhcpd.conf:
>
>
>
> ddns-update-style none;
> update-static-leases on;
> allow unknown-clients;
> use-host-decl-names on;
> default-lease-time 86400; #24 hours
> max-lease-time 86400;
> supersede domain-name "home.lan";
> prepend domain-name-servers 127.0.0.1;
> authoritative;
> log-facility local7;
>
> subnet 192.168.0.0 netmask 255.255.255.0 {
>     option domain-name "HOME.LAN";
>     option domain-name-servers 192.168.0.1;
>     option subnet-mask 255.255.255.0;
>     option routers 192.168.0.254;
>     option netbios-name-servers 192.168.0.1;
>     option ntp-servers 192.168.0.1;
>     option broadcast-address 192.168.0.255;
>     option time-offset 0;
>     ddns-domainname "HOME.LAN.";
>     ddns-rev-domainname "0.168.192.in-addr.arpa.";
>     option ntp-servers 192.168.0.1;
>     pool {
>         range 192.168.0.100 192.168.0.200;
>     }
> }
>
>
>
> on commit {
>     set noname = concat("dhcp-", binary-to-ascii(10, 8, "-", leased-address));
>     set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
>     set ClientDHCID = concat (
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2)
>     );
>     set ClientName = pick-first-value(option host-name, config-option-host-name, client-name, noname);
>     log(concat("Commit: IP: ", ClientIP, " DHCID: ", ClientDHCID, " Name: ", ClientName));
>     execute("/usr/local/bin/dhcp-dyndns.sh", "add", ClientIP, ClientDHCID, ClientName);
> }
>
>
>
> on release {
>     set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
>     set ClientDHCID = concat (
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2), ":",
>         suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2)
>     );
>     log(concat("Release: IP: ", ClientIP));
>     execute("/usr/local/bin/dhcp-dyndns.sh", "delete", ClientIP, ClientDHCID);
> }
>
>
>
> on expiry {
>     set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
>     # cannot get a ClientMac here, apparently this only works when actually receiving a packet
>     log(concat("Expired: IP: ", ClientIP));
>     # cannot get a ClientName here, for some reason that always fails
>     execute("/usr/local/bin/dhcp-dyndns.sh", "delete", ClientIP, "", "0");
> }
>
>
>
> Hostname resolution is working for all devices after the IP is provided by
> the dhcp server.
>
> Please could you help me to find out what is wrong or why I'm getting this
> error and where it is coming from?
>
> Any help and suggestion is much appreciated. Thank you in advance.
>
>
>
> Best regards,
>
> Joerg
>
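The syslog excerpt in the quoted message shows named accepting the forward-zone change and refusing the reverse-zone one; tallying named's decisions per signer and zone makes that split visible when reading a longer log. This is an added example, not part of the original thread or the wiki script: `ddns_update_summary` and `sample_log` are hypothetical names, and the sample input is the four named "client" lines from the excerpt, unwrapped.

```shell
#!/bin/sh
# Added example: tally the dynamic-update decisions logged by named, per signer and zone.
# Reads syslog text on stdin; prints "<signer> <zone> <updated|denied> <count>".
ddns_update_summary() {
    awk -v q="'" '
    BEGIN {
        ok_re  = "updating zone " q "[^" q "]+" q      # zone that accepted a change
        bad_re = "update " q "[^" q "]+" q " denied"    # zone that refused the update
    }
    / named\[[0-9]+\]: client / {
        signer = ""
        for (i = 1; i < NF; i++)
            if ($i ~ /\/key$/) { signer = $(i + 1); break }
        if (signer == "") next
        gsub(/\\/, "", signer)      # syslog shows "@" escaped as "\@"
        sub(/:$/, "", signer)
        if (match($0, ok_re)) {
            zone = substr($0, RSTART + 15, RLENGTH - 16); outcome = "updated"
        } else if (match($0, bad_re)) {
            zone = substr($0, RSTART + 8, RLENGTH - 16); outcome = "denied"
        } else next
        sub(/\/.*$/, "", zone)      # drop the "/IN" or "/NONE" class suffix
        count[signer " " zone " " outcome]++
    }
    END { for (k in count) print k, count[k] }
    ' | LC_ALL=C sort
}

# Sample input: the named "client" lines from the syslog excerpt above, unwrapped.
sample_log() {
    cat <<'EOF'
Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118109b250 127.0.0.1#47097/key dhcpduser\@HOME.LAN: updating zone 'home.lan/NONE': deleting rrset at 'amazon-b550a4de2.HOME.LAN' A
Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118109b250 127.0.0.1#47097/key dhcpduser\@HOME.LAN: updating zone 'home.lan/NONE': adding an RR at 'amazon-b550a4de2.HOME.LAN' A 192.168.0.104
Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118104d710 127.0.0.1#54253/key dhcpduser\@HOME.LAN: signer "dhcpduser\@HOME.LAN" denied
Aug 13 14:32:29 SAMBA named[11842]: client @0x7f118104d710 127.0.0.1#54253/key dhcpduser\@HOME.LAN: update '0.168.192.in-addr.arpa/IN' denied
EOF
}

sample_log | ddns_update_summary
```

On a live system the function can be fed the real log instead, for example `ddns_update_summary < /var/log/syslog` (the log path is an assumption and varies by distribution).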