[Samba] samba_dnsupdate options: --use-samba-tool vs. --use-nsupdate, and dhcpd dynamic updates

Rowland Penny rpenny at samba.org
Thu Jan 10 20:55:38 UTC 2019 

On Thu, 10 Jan 2019 20:40:30 +0000 (UTC)
Billy Bob <billysbobs at yahoo.com> wrote:

> 
>  
> 
>     On Thursday, January 10, 2019 2:33 PM, Rowland Penny via samba
> <samba at lists.samba.org> wrote: 
> 
>  >On Thu, 10 Jan 2019 20:18:37 +0000 (UTC)>
> >Billy Bob <billysbobs at yahoo.com> wrote:
> >
> >>  
> >> 
> >>    On Thursday, January 10, 2019 2:08 PM, Billy Bob via samba
> >> <samba at lists.samba.org> wrote: 
> >> >Do you want to change your scripts to match my scripts as found on
> >> >the wiki ?
> >> >I know they work, well they have for me for the last 6 years.
> >> 
> >> 
> >> I am dropping an unedited version in now. I really should have done
> >> that before asking you to look at it.>
> >
> >I cannot offer support for something that is known to work, if it is
> >heavily edited. This doesn't mean I am not open to suggestions on
> >how to make things better, but the changes must come from a working
> >system based on what is known to work.
> >
> >Rowland
> I absolutely agree with you.
> With the script dropped in straight off Wiki, the errors are now as
> follow. NOTE: the script does, of course, provide at least an exit
> code here. Also, nothing else was generated in samba-ad-dc or bind9
> logs during this operation: 

It only logs to syslog

>Jan 10 14:31:46 dc01 dhcpd[1123]: Commit:
> IP: 172.20.10.165 DHCID: 1:d4:be:d9:22:9f:7d Name: mgmt01 

From here on the script should be run


> Jan 10 14:31:46 dc01 sh[1123]: /usr/local/bin/dhcp-dyndns.sh: line 10:
> samba: command not found 

Ah, you are (if I remember correctly) using a self compiled Samba, did
you read line 9 in the script ?
Uncomment line 10, adjust it for prefix if Samba isn't in /usr/local
and then try again.

>Jan 10 14:31:46 dc01 dhcpd[1123]:
> execute_statement argv[0] = /usr/local/bin/dhcp-dyndns.sh Jan 10
> 14:31:46 dc01 dhcpd[1123]: execute_statement argv[1] = add Jan 10
> 14:31:46 dc01 dhcpd[1123]: execute_statement argv[2] = 172.20.10.165
> Jan 10 14:31:46 dc01 dhcpd[1123]: execute_statement argv[3] =
> 1:d4:be:d9:22:9f:7d Jan 10 14:31:46 dc01 dhcpd[1123]:
> execute_statement argv[4] = mgmt01 Jan 10 14:31:46 dc01
> sh[1123]: /usr/local/bin/dhcp-dyndns.sh: line 36: /wbinfo: No such
> file or directory 

From here on has nothing to do with dhcp-dyndns.sh

>Jan 10 14:31:46 dc01 sh[1123]: Reply from SOA
> query: Jan 10 14:31:46 dc01 sh[1123]: ;; ->>HEADER<<- opcode: QUERY,
> status: NXDOMAIN, id:  33781 Jan 10 14:31:46 dc01 sh[1123]: ;; flags:
> qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 Jan 10
> 14:31:46 dc01 sh[1123]: ;; QUESTION SECTION: Jan 10 14:31:46 dc01
> sh[1123]: ;mgmt01.corp.wjci.com.                IN        SOA Jan 10
> 14:31:46 dc01 sh[1123]: ;; AUTHORITY SECTION: Jan 10 14:31:46 dc01
> sh[1123]: corp.wjci.com.                0        IN        SOA
> dc01.corp.wjci.com. hostmaster.corp.wjci.com. 38 900 600 86400 3600
> Jan 10 14:31:46 dc01 sh[1123]: Found zone name: corp.wjci.com Jan 10
> 14:31:46 dc01 sh[1123]: The master is: dc01.corp.wjci.com Jan 10
> 14:31:46 dc01 sh[1123]: start_gssrequest Jan 10 14:31:46 dc01
> sh[1123]: send_gssrequest Jan 10 14:31:46 dc01 sh[1123]: Outgoing
> update query: Jan 10 14:31:46 dc01 sh[1123]: ;; ->>HEADER<<- opcode:
> QUERY, status: NOERROR, id:  22771 Jan 10 14:31:46 dc01 sh[1123]: ;;
> flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 Jan 10
> 14:31:46 dc01 sh[1123]: ;; QUESTION SECTION: Jan 10 14:31:46 dc01
> sh[1123]: ;2934920924.sig-dc01.corp.wjci.com. ANY        TKEY Jan 10
> 14:31:46 dc01 sh[1123]: ;; ADDITIONAL SECTION: Jan 10 14:31:46 dc01
> sh[1123]: 2934920924.sig-dc01.corp.wjci.com. 0 ANY TKEY
> gss-tsig. 1547152306 1547152306 3 NOERROR 1397
> YIIFcQYGKwYBBQUCoIIFZTCCBWGgDTALBgkqhkiG9xIBAgKiggVOBIIF
> SmCCBUYGCSqGSIb3EgECAgEAboIFNTCCBTGgAwIBBaEDAgEOo Jan 10 14:31:46
> dc01 sh[1123]: recvmsg reply from GSS-TSIG query Jan 10 14:31:46 dc01
> sh[1123]: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  22771
> Jan 10 14:31:46 dc01 sh[1123]: ;; flags: qr ra; QUESTION: 1, ANSWER:
> 1, AUTHORITY: 0, ADDITIONAL: 0 Jan 10 14:31:46 dc01 sh[1123]: ;;
> QUESTION SECTION: Jan 10 14:31:46 dc01
> sh[1123]: ;2934920924.sig-dc01.corp.wjci.com. ANY        TKEY Jan 10
> 14:31:46 dc01 sh[1123]: ;; ANSWER SECTION: Jan 10 14:31:46 dc01
> sh[1123]: 2934920924.sig-dc01.corp.wjci.com. 0 ANY TKEY
> gss-tsig. 0 0 3 BADKEY 0  0 Jan 10 14:31:46 dc01 sh[1123]:
> dns_tkey_gssnegotiate: TKEY is unacceptable Jan 10 14:31:46 dc01
> sh[1123]: Reply from SOA query: Jan 10 14:31:46 dc01 sh[1123]: ;;
> ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:  15626 Jan 10
> 14:31:46 dc01 sh[1123]: ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0,
> AUTHORITY: 1, ADDITIONAL: 0 Jan 10 14:31:46 dc01 sh[1123]: ;;
> QUESTION SECTION: Jan 10 14:31:46 dc01
> sh[1123]: ;165.10.20.172.in-addr.arpa.        IN        SOA Jan 10
> 14:31:46 dc01 sh[1123]: ;; AUTHORITY SECTION: Jan 10 14:31:46 dc01
> sh[1123]: 10.20.172.in-addr.arpa.        0        IN
> SOA        dc01.corp.wjci.com. hostmaster.corp.wjci.com. 2 900 600
> 86400 3600 Jan 10 14:31:46 dc01 sh[1123]: Found zone name:
> 10.20.172.in-addr.arpa Jan 10 14:31:46 dc01 sh[1123]: The master is:
> dc01.corp.wjci.com Jan 10 14:31:46 dc01 sh[1123]: start_gssrequest
> Jan 10 14:31:46 dc01 sh[1123]: send_gssrequest Jan 10 14:31:46 dc01
> sh[1123]: Outgoing update query: Jan 10 14:31:46 dc01 sh[1123]: ;;
> ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  55177 Jan 10
> 14:31:46 dc01 sh[1123]: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY:
> 0, ADDITIONAL: 1 Jan 10 14:31:46 dc01 sh[1123]: ;; QUESTION SECTION:
> Jan 10 14:31:46 dc01 sh[1123]: ;2939413633.sig-dc01.corp.wjci.com.
> ANY        TKEY Jan 10 14:31:46 dc01 sh[1123]: ;; ADDITIONAL SECTION:
> Jan 10 14:31:46 dc01 sh[1123]: 2939413633.sig-dc01.corp.wjci.com. 0
> ANY TKEY        gss-tsig. 1547152306 1547152306 3 NOERROR 1397
> YIIFcQYGKwYBBQUCoIIFZTCCBWGgDTALBgkqhkiG9xIBAgKiggVOBIIF
> SmCCBUYGCSqGSIb3EgECAgEAboIFNTCCBTGgAwIBBaEDAgEOo Jan 10 14:31:46
> dc01 sh[1123]: recvmsg reply from GSS-TSIG query Jan 10 14:31:46 dc01
> sh[1123]: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  55177
> Jan 10 14:31:46 dc01 sh[1123]: ;; flags: qr ra; QUESTION: 1, ANSWER:
> 1, AUTHORITY: 0, ADDITIONAL: 0 Jan 10 14:31:46 dc01 sh[1123]: ;;
> QUESTION SECTION: Jan 10 14:31:46 dc01
> sh[1123]: ;2939413633.sig-dc01.corp.wjci.com. ANY        TKEY Jan 10
> 14:31:46 dc01 sh[1123]: ;; ANSWER SECTION: Jan 10 14:31:46 dc01
> sh[1123]: 2939413633.sig-dc01.corp.wjci.com. 0 ANY TKEY
> gss-tsig. 0 0 3 BADKEY 0  0 Jan 10 14:31:46 dc01 sh[1123]:
> dns_tkey_gssnegotiate: TKEY is unacceptable Jan 10 14:31:46 dc01
> dhcpd[1123]: execute: /usr/local/bin/dhcp-dyndns.sh exit status 2816
> Jan 10 14:31:46 dc01 dhcpd[1123]: reuse_lease: lease age 6601 (secs)
> under 25% threshold, reply with unaltered, existing lease for
> 172.20.10.165 

The next lines are from DHCP

>Jan 10 14:31:46 dc01 dhcpd[1123]: DHCPREQUEST for
> 172.20.10.165 from d4:be:d9:22:9f:7d (mgmt01) via eno1 Jan 10
> 14:31:46 dc01 dhcpd[1123]: DHCPACK on 172.20.10.165 to
> d4:be:d9:22:9f:7d (mgmt01) via eno1
> 

Rowland

More information about the samba mailing list