[Samba] Problems setting up samba bind9_dlz on Ubuntu 18.04
L.P.H. van Belle
belle at bazuin.nl
Mon Nov 25 07:56:43 UTC 2019
That link your using has few poing that needs fixing.. Its not a bad exampl.e
For example. 5. apt-get install ntpdate.. Should be : apt-get install ntp
You should configure the NTP daemon also on the AD-DC.
Point (step 3)
10.
systemctl stop samba-ad-dc smbd nmbd winbind
Also needs
systemctl stop disable smbd nmbd winbind
systemctl stop mask smbd nmbd winbind
12.
winbind enum users = yes
winbind enum groups = yes
Better use no here.
14.
Not needed.
If you read the howto as shown in this link
https://github.com/thctlo/samba4/blob/master/full-howto-Ubuntu18.04-samba-AD_DC.txt
Start reading as of line 183.
Your problems/fixes are around lines 267-315
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> David Masshardt via samba
> Verzonden: zondag 24 november 2019 13:36
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Problems setting up samba bind9_dlz on
> Ubuntu 18.04
>
> Hi,
>
> I hope someone can help me with the following problem. I
> followed the following guides to setup samba as an additional
> active directory server to my windows server with bind9 dns:
>
> https://www.tecmint.com/join-additio...r-replication/<https://
www.tecmint.com/join-additional-ubuntu-dc-to-samba4-ad-dc-> failover-replication/>
> https://wiki.samba.org/index.php/BIN...roubleshooting<https://
> wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Troubleshooting>
>
> The active directory replication works, but the dns
> replication does not. When I'm running "samba_dnsupdate
> --all-names" I get the following output:
>
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> update failed: REFUSED
> ; TSIG error with server: tsig verify failure
> update failed: REFUSED
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> ; TSIG error with server: tsig verify failure
> Failed update of 19 entries
>
> Here is a list of versions:
>
> Ubuntu: 18.04
> Samba: 4.7.6-Ubuntu
> bind9: 9.11.3-1ubuntu1.11-Ubuntu
>
> And this is my smb.conf:
>
> [global]
> netbios name = DC01
> realm = DOMAIN.COM
> server role = active directory domain controller
> workgroup = DOMAIN.COM
> dns forwarder = 172.17.1.1
> idmap_ldb:use rfc2307 = yes
>
> template shell = /bin/bash
> winbind use default domain = true
> winbind offline logon = false
> winbind nss info = rfc2307
> winbind enum users = yes
> winbind enum groups = yes
> server services = -dns
>
> [netlogon]
> path = /var/lib/samba/sysvol/domain.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> I'm not really sure if samba is even using bind9. I've
> enabled the logging of bind9, but I cannot see any logs when
> running the dns update.
>
> Did I miss a step to activate the bind9 module?
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list