[Samba] Internal DNS, update of reverse zone fails
kaffeesurrogat
kaffeesurrogat at posteo.de
Mon Feb 17 10:01:31 UTC 2020
On 17/02/2020 10:24, Rowland penny via samba wrote:
> On 17/02/2020 08:42, kaffeesurrogat wrote:
>> Dear Rowland,
>>
>> Yes, I did. I'm reading a lot. Docs, books, ... Updates of the
>> dns-server via DHCP are up and running, both for the reverse lookup zone
>> and the forward lookup mechanism. I've set the lease time to a very low
>> value to make sure the dhcp-script has something to do and I can see
>> entries changing.
>> I've tested the entries with nslookup HOSTNAME and nslookup IP. This is
>> working for IPs managed by dhcp. If I give a static ip to my client,
>> nslookup HOSTNAMESTATIC is working. nslookup IPSTATIC does not.
>>
>> That is the thing which is a bit confusing. I'm not using BIND9, I'm
>> using the internal dns of samba.
>>
>> Have fun,
>>
>> blubberbaer
>
> Sorry, concentrated on the dhcp and missed 'static' :-(
>
> Yes, this is how it is supposed to be, you are supposed to create the
> static dns records in AD yourself. Also, if you are using dhcp to update
> records, you need to stop your Windows trying to update their own records.
>
> Rowland
>
>
Many thanks Rowland, you know I'm quite a newbie to samba and I'm
working hard on getting it up and running .... ;-)

Can I safely ignore that

    samba_dnsupdate --verbose --all-names

fails with

    ; TSIG error with server: tsig verify failure
    Failed nsupdate: 2
    update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.lfa.ls plfa1.lfa.ls 389
    Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.lfa.ls plfa1.lfa.ls 389 (add)
    Successfully obtained Kerberos ticket to DNS/plfa1.lfa.ls as PLFA1$
    Outgoing update query:
    ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
    ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
    ;; UPDATE SECTION:
    _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.lfa.ls. 900 IN SRV 0 100 389 plfa1.lfa.ls.
    ; TSIG error with server: tsig verify failure
    Failed nsupdate: 2
    Failed update of 29 entries

????
It looks strange to me, since I'm using INTERNAL SAMBA DNS. Why are
there errors about TSIG? TSIG is not supported, thus I believed
samba_dnsupdate would not use it in the first place.

Using

    samba_upgradedns -s /smbaddc/etc/smb.conf --verbose --dns-backend=SAMBA_INTERNAL

to fix the error doesn't help.
It answers with:

    lpcfg_load: refreshing parameters from /smbaddc/etc/smb.conf
    Reading domain information
    lpcfg_load: refreshing parameters from /smbaddc/etc/smb.conf
    DNS accounts already exist
    No zone file /smbaddc/bind-dns/dns/LFA.LS.zone
    DNS records will be automatically created
    DNS partitions already exist
    Could not remove /smbaddc/bind-dns/dns.keytab: No such file or directory
    Could not remove /smbaddc/bind-dns/named.conf: No such file or directory
    Could not remove /smbaddc/bind-dns/named.txt: No such file or directory
    Could not delete dir /smbaddc/bind-dns/dns: No such file or directory
    Finished upgrading DNS

Because it is still looking for bind-dns, I believe the command silently
ignores --dns-backend=SAMBA_INTERNAL.
I guess this is not the way it is supposed to be .....

Awfully sorry for all these questions.
Have fun,
blubberbaer
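
Added example, not part of the original message and not Samba's own code: the quoted reply says records for statically addressed hosts have to be created in AD by hand, so this function builds the `samba-tool dns add` command for the PTR record of such a host. The address 192.168.2.50, the reverse zone 2.168.192.in-addr.arpa (assumed to exist already), the host name client1 and the Administrator account are assumed values; only plfa1.lfa.ls and lfa.ls come from the post.

```shell
#!/bin/sh
# Build the samba-tool command that adds a PTR record for a host with a
# static IPv4 address. The command is only printed, nothing is sent to the DC.
# usage: ptr_add_cmd <dns-server> <reverse-zone> <ipv4> <host-fqdn>
ptr_add_cmd() {
    server=$1 zone=${2%.} ip=$3 fqdn=${4%.}   # tolerate trailing dots

    # Split the address into exactly four numeric octets in 0..255.
    old_ifs=$IFS; IFS=.
    set -- $ip
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "not an IPv4 address: $ip" >&2; return 1; }
    for o in "$@"; do
        case $o in
            ''|*[!0-9]*) echo "bad octet in $ip" >&2; return 1 ;;
        esac
        [ "$o" -le 255 ] || { echo "bad octet in $ip" >&2; return 1; }
    done

    # Full reverse name, e.g. 192.168.2.50 -> 50.2.168.192.in-addr.arpa
    full="$4.$3.$2.$1.in-addr.arpa"

    # The record name is the part left of the zone name. Matching on
    # ".$zone" keeps 192.168.12.50 out of zone 2.168.192.in-addr.arpa.
    case $full in
        *".$zone") name=${full%".$zone"} ;;
        *) echo "$ip is not inside zone $zone" >&2; return 1 ;;
    esac

    # -U Administrator is an assumption; use any account allowed to edit DNS.
    echo "samba-tool dns add $server $zone $name PTR $fqdn -U Administrator"
}

# Constructed sample values (see the lead-in); prints the command to run on the DC.
ptr_add_cmd plfa1.lfa.ls 2.168.192.in-addr.arpa 192.168.2.50 client1.lfa.ls
```

With a /16 reverse zone such as 168.192.in-addr.arpa the same call yields the record name `50.2` instead of `50`.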