[Samba] update 'domain.local/IN' denied

[Hervé Hénoch]

Hi,

We have a problem with some computers when all goes right we can see this :

client @0x7fa34406d*170 172.18.105.83*#64120: *update 'domain.local/IN'
denied*
Nov 24 09:30:33 pdc named[489]: samba_dlz: cancelling transaction on
zone domain.local
Nov 24 09:30:33 pdc named[489]: samba_dlz: starting transaction on zone
domain.local
Nov 24 09:30:33 pdc named[489]: samba_dlz: allowing update of
signer=psc194\$\@domain.local name=PSC194.domain.local
*tcpaddr=172.18.105.83 *type=AAAA
key=1304-ms-7.28-5afe7f9.627563a7-2d55-11eb-9da2-4ccc6a1d4209/160/0
Nov 24 09:30:33 pdc named[489]: samba_dlz: allowing update of
signer=psc194\$\@domain.local name=PSC194.domain.local
tcpaddr=172.18.105.83 type=A
key=1304-ms-7.28-5afe7f9.627563a7-2d55-11eb-9da2-4ccc6a1d4209/160/0
Nov 24 09:30:33 pdc named[489]: samba_dlz: allowing update of
signer=psc194\$\@domain.local name=PSC194.domain.local
tcpaddr=172.18.105.83 type=A
key=1304-ms-7.28-5afe7f9.627563a7-2d55-11eb-9da2-4ccc6a1d4209/160/0

But sometimes we only have this :

client @0x7fa34406d*170 172.18.105.83*#64120: *update 'domain.local/IN'
denied*

An idea ?

Behind the smb.conf :

# Global parameters
[global]
    netbios name = PDC
    realm = DOMAIN.LOCAL
    server role = active directory domain controller
    server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbindd, ntp_signd, kcc, dnsupdate
    workgroup = DOMAIN
    winbind enum users = yes
    winbind enum groups = yes
    time server = yes

[netlogon]
    path = /var/lib/samba/sysvol/domain.local/scripts
    read only = No

[sysvol]
    path = /var/lib/samba/sysvol
    read only = No

-- 

 
Hervé Hénoch
Responsable informatique
Institut Sainte Catherine
250 chemin de Baigne-Pieds
CS 80005 — 84918 AVIGNON cedex 9
Téléphone : 04.90.27.57.44