[Samba] samab-4.10 nsupdate
James B. Byrne
byrnejb at harte-lyne.ca
Thu Jul 2 14:30:52 UTC 2020
Thank you for your patience.
On Tue, June 30, 2020 16:48, Rowland penny wrote:
>
> From 'man smb.conf':
>
> nsupdate command (G)
>
> This option sets the path to the nsupdate command which is used for
> GSS-TSIG dynamic DNS updates.
>
> Default: nsupdate command = /usr/bin/nsupdate -g
>
> dns update command (G)
>
> This option sets the command that is called when there are DNS
> updates. It should update the local machines DNS names using TSIG-GSS.
>
> Default: dns update command = ${prefix}/sbin/samba_dnsupdate
>
> Example: dns update command = /usr/local/sbin/dnsupdate
>
> You probably need both.
>
> Rowland
If I use the -g option to nsupdate then I see this:
update(nsupdate): A ForestDnsZones.brockley.harte-lyne.ca 192.168.18.161
Calling nsupdate for A ForestDnsZones.brockley.harte-lyne.ca 192.168.18.161 (add)
Successfully obtained Kerberos ticket to DNS/SMB4-1.brockley.harte-lyne.ca as
SMB4-1$
/usr/local/bin/nsupdate: cannot specify -g or -o, program not linked with GSS
API Library
Failed nsupdate: 1
When I remove the -g option then I get this:
[root at smb4-1 ~ (master)]# grep nsupdate /usr/local/etc/smb4.conf
dns update command = /usr/local/bin/nsupdate
nsupdate command = /usr/local/bin/nsupdate
And the error changes to this:
update failed: REFUSED
Failed nsupdate: 2
update(nsupdate): SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca
SMB4-1.brockley.harte-lyne.ca 389
Calling nsupdate for SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca
SMB4-1.brockley.harte-lyne.ca 389 (add)
Successfully obtained Kerberos ticket to DNS/SMB4-1.brockley.harte-lyne.ca as
SMB4-1$
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca.
900 IN SRV 0 100 389 SMB4-1.brockley.harte-lyne.ca.
update failed: REFUSED
Failed nsupdate: 2
Failed update of 29 entries
I have checked that resolv.conf is properly set for this host:
[root at smb4-1 ~ (master)]# cat /etc/resolv.conf
search brockley.harte-lyne.ca hamilton.harte-lyne.ca harte-lyne.ca
nameserver 192.168.18.161
nameserver 216.185.71.33
nameserver 216.185.71.34
options edns0 timeout:5 attempts:3
and that /etc/hosts is likewise set up to use the jail's assigned lo0 address:
[root at smb4-1 ~ (master)]# grep 'local\|smb4' /etc/hosts
127.0.161.1 localhost localhost.brockley.harte-lyne.ca
192.168.18.161 smb4-1.brockley.harte-lyne.ca smb4-1
192.168.18.162 smb4-2.brockley.harte-lyne.ca smb4-2
We are getting closer to the answer I think.
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the samba
mailing list