[Samba] Samba 4.12.0 on Fedora32: bind DNS still say "named: client @...: update 'fedora.loc/IN' denied"

Dario Lesca d.lesca at solinos.it
Thu Mar 5 15:51:39 UTC 2020 

Il giorno gio, 05/03/2020 alle 15.07 +0000, Rowland penny via samba ha
scritto:
> I think I said use either the dhcp script or allow your clients to 
> update their own records. The problem is, if you previously used the 
> DHCP script, the clients records no longer belong to the clients, so 
> they will not be able to update them. Try deleting the records and
> allow 
> the clients to recreate them.

Into DNS now there is no reference for these win10 clients or IP.

I have remove the first win10 client (win10a) from DNS before join it,
and I have try with another new win10 pc (win10b), before join it to
domain its IP/name does not exist into domain and DNS

This is the output of samba-tool dns query 

cmd=[samba-tool dns query localhost fedora.loc @ ALL -Uadministrator]
  Name=, Records=3, Children=0
    SOA: serial=7, refresh=900, retry=600, expire=86400, minttl=3600, ns=addc1.fedora.loc., email=hostmaster.fedora.loc. (flags=600000f0, serial=7, ttl=3600)
    NS: addc1.fedora.loc. (flags=600000f0, serial=4, ttl=900)
    A: 192.168.122.100 (flags=600000f0, serial=4, ttl=900)
  Name=_msdcs, Records=0, Children=0
  Name=_sites, Records=0, Children=1
  Name=_tcp, Records=0, Children=4
  Name=_udp, Records=0, Children=2
  Name=addc1, Records=1, Children=0
    A: 192.168.122.100 (flags=f0, serial=1, ttl=900)
  Name=centos8, Records=1, Children=0
    A: 192.168.122.11 (flags=f0, serial=2, ttl=900)
  Name=DomainDnsZones, Records=0, Children=2
  Name=ForestDnsZones, Records=0, Children=2
  Name=test, Records=1, Children=0
    A: 192.168.122.33 (flags=f0, serial=5, ttl=3600)


What other check I can do ?

> Finally, do not use the Fedora Samba packages as a DC in production, 
> only use them for testing, they are marked experimental for a reason.

Yes, I know, this is a test envinroment for test Fedora Package and MIT
Kerberos in order to make it, sooner or later, stop being experimental 

Thanks

-- 
Dario Lesca
(inviato dal mio Linux Fedora 31 Workstation)

More information about the samba mailing list