[Samba] bind9 refuses to start -> zone has no NS records

Rowland penny rpenny at samba.org
Thu Apr 30 12:27:15 UTC 2020 

On 30/04/2020 13:09, Benedikt Kaleß via samba wrote:
> Hi,
>
> I have to add a second DC to a Zone.
> I use the sernet packages Version 4.11 on a debian 10 host.
>
> The bind refuses to start:
>
> root at addc-zone02:~# systemctl status bind9
> ● bind9.service - BIND Domain Name Server
>     Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
>     Active: failed (Result: exit-code) since Thu 2020-04-30 14:51:58 EEST; 5s ago
>       Docs: man:named(8)
>    Process: 3733 ExecStart=/usr/sbin/named $OPTIONS (code=exited, status=1/FAILURE)
>      Tasks: 0 (limit: 4701)
>     Memory: 624.0K
>     CGroup: /system.slice/bind9.service
>
> Apr 30 14:51:58 addc-zone02 named[3734]: Loading 'AD DNS Zone' using driver dlopen
> Apr 30 14:51:58 addc-zone02 named[3734]: samba_dlz: started for DN DC=example,DC=com
> Apr 30 14:51:58 addc-zone02 named[3734]: samba_dlz: starting configure
> Apr 30 14:51:58 addc-zone02 named[3734]: zone 21.168.192.in-addr.arpa/NONE: has no NS records
> Apr 30 14:51:58 addc-zone02 named[3734]: samba_dlz: Failed to configure zone '21.168.192.in-addr.arpa'
> Apr 30 14:51:58 addc-zone02 named[3734]: loading configuration: bad zone
> Apr 30 14:51:58 addc-zone02 named[3734]: exiting (due to fatal error)
> Apr 30 14:51:58 addc-zone02 systemd[1]: bind9.service: Control process exited, code=exited, status=1/FAILURE
> Apr 30 14:51:58 addc-zone02 systemd[1]: bind9.service: Failed with result 'exit-code'.
> Apr 30 14:51:58 addc-zone02 systemd[1]: Failed to start BIND Domain Name Server.
>
> 21.168.192.in-addr.arpa is an empty zone and I deleted that zone with the Windows DNS tool.
>
> I have another DC where bind9 is running. I copied /etc/bind/named.conf.options and /etc/bind/named.conf.local
> I also double checked permissions in /var/lib/samba/bind-dns and /var/lib/samba/private
>
> Any tips are welcome. How can I start bind9 or where should I look for errors?
>
> Best
> Benedikt
>
The reverse zone is the easiest to fix, just delete it (which you say 
you have) and then recreate it.

Get Louis's script and run it, the output should show any potential 
configuration problems.

Rowland

More information about the samba mailing list