[Samba] Odd behavior with "allow dns updates" (+dhcp_dyndns.sh)

Kris Lou klou at themusiclink.net
Wed Jan 23 20:06:41 UTC 2019

> > All,
> >
> > I'm hoping somebody could help explain this:  with the Wiki
> > dhcp_dyndns.sh script and "allow dns updates = secure and nonsecure",
> > I have the following log snippet for a  single machine:
> The two have absolutely nothing to do with each other.
OK, now I'm reading that "allow dns updates" only applies to the Internal
DNS, not Bind_DLZ.

> You have identified the problem yourself:
> From what I can tell, the DHCP update script is running successfully and
> then the client is attempting to update its own DNS immediately
> afterwards.
> If you are using DHCP to update the dns records, you also need to stop
> your clients from trying to update their own records, something the
> wiki page warns about, but not obvious enough. I will fix this.

I guess that I want to have my cake and eat it too.  If I can't get it to
work, then that kinda makes my decision for me.

So let me see if I understand the execution chain correctly:
* Client (DHCP request) -> DHCPd receive/give lease -> DHCPd authenticates
against AD with keytab, then receives permission (as DNSAdmin) to execute

What does the above chain look like without DHCP-driven dynamic updates? On
"Standard" client update requests?

More information about the samba mailing list