[Samba] samba_dlz: disallowing update of signer error=insufficient access rights
L.P.H. van Belle
belle at bazuin.nl
Fri Nov 27 15:44:16 UTC 2020
And in addition.
https://findproxyforurl.com/official-toolset/
Learn here more on wpad.
What i does and most important, how you can use it.
I enforce it trough dhcp.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Arnaud FLORENT via samba
> Verzonden: vrijdag 27 november 2020 16:29
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] samba_dlz: disallowing update of
> signer error=insufficient access rights
>
>
> Le 27/11/2020 à 12:13, lmloge via samba a écrit :
> > Hello,
> >
> > When I run "systemctl status bind9.service" on my
> SAMBA_SERVER, I get
> > the output below.
> >
> > - There is one problem which implies "192.168.3.249",
> > "wpad.mycompany.lan", "ecs.office.com".
> > What can this be, given that I know no "wpad" equipment in
> my network
> > and that I do not know what "ecs.office.com" is?
>
> wpad means Web Proxy Auto-Discovery
>
> it is queried by browsers to download proxy configuration file
>
>
> https://en.wikipedia.org/wiki/Web_Proxy_Auto-Discovery_Protocol
>
> > Can you explain to me what is the meaning of the related
> messages below?
> >
> > - There is a second problem which implies "192.168.2.55" and
> > "WELL_KNOWN_MACHINE".
> > "WELL_KNOWN_MACHINE" is a machine that is very well known, very
> > important in my network.
> > Can you explain what the problem is and how to solve it?
> > The error message says "insufficient access rights". How
> can I check
> > what's wrong?
> >
> > Thanks.
> > --
> > Léa
> >
> > root at SAMBA_SERVER:~# systemctl status bind9.service
> > ? bind9.service - BIND Domain Name Server
> > Loaded: loaded (/lib/systemd/system/bind9.service;
> enabled; vendor
> > preset: enabled)
> > Drop-In: /etc/systemd/system/bind9.service.d
> > +-override.conf
> > Active: active (running) since Thu 2020-06-11 21:33:05 CEST; 5
> > months 16 days ago
> > Docs: man:named(8)
> > Process: 431 ExecStart=/usr/sbin/named $OPTIONS (code=exited,
> > status=0/SUCCESS)
> > Main PID: 527 (named)
> > Tasks: 7 (limit: 4915)
> > Memory: 81.4M
> > CGroup: /system.slice/bind9.service
> > +-527 /usr/sbin/named -u bind -4
> >
> > Nov 27 10:12:51 SAMBA_SERVER named[527]: client @0x7f96c80d1cf0
> > 192.168.3.249#50160 (wpad.mycompany.lan): query
> > 'wpad.mycompany.lan/A/IN' denied
> > Nov 27 10:12:51 SAMBA_SERVER named[527]: client @0x7f96d0fc5d20
> > 192.168.3.249#54685
> >
> (_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mycompany.lan):
> > query
> >
> '_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mycompany
> .lan/SRV/IN'
> > denied
> > Nov 27 10:12:53 SAMBA_SERVER named[527]: client @0x7f96d0fc5d20
> > 192.168.3.249#58257 (ecs.office.com): query (cache)
> > 'ecs.office.com/A/IN' denied
> > Nov 27 10:57:31 SAMBA_SERVER named[527]: samba_dlz: starting
> > transaction on zone mycompany.lan
> > Nov 27 10:57:31 SAMBA_SERVER named[527]: client @0x7f96c406fed0
> > 192.168.2.55#55685: update 'mycompany.lan/IN' denied
> > Nov 27 10:57:31 SAMBA_SERVER named[527]: samba_dlz: cancelling
> > transaction on zone mycompany.lan
> > Nov 27 10:57:31 SAMBA_SERVER named[527]: samba_dlz: starting
> > transaction on zone mycompany.lan
> > Nov 27 10:57:31 SAMBA_SERVER named[527]: samba_dlz:
> disallowing update
> > of signer=WELL_KNOWN_MACHINE\$\@MYCOMPANY.LAN
> > name=WELL_KNOWN_MACHINE.mycompany.lan type=AAAA error=insufficient
> > access rights
> > Nov 27 10:57:31 SAMBA_SERVER named[527]: client @0x7f96c406fed0
> > 192.168.2.55#54935/key WELL_KNOWN_MACHINE\$\@MYCOMPANY.LAN:
> updating
> > zone 'mycompany.lan/NONE': update failed: rejected by secure update
> > (REFUSED)
> > Nov 27 10:57:31 SAMBA_SERVER named[527]: samba_dlz: cancelling
> > transaction on zone mycompany.lan
> >
> --
> Arnaud FLORENT
> IRIS Technologies
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list