[Samba] Bind9 issue
Robert Wooden
wdn2420systm at gmail.com
Thu Oct 1 17:05:38 UTC 2020
Everyone,
I discovered one of the "sed" lines in /etc/bind/named.conf.options was
missing.
Correcting that and all works as expected, now.
Thanks everyone for your suggestions.
On Thu, Oct 1, 2020 at 1:49 AM L.P.H. van Belle <belle at bazuin.nl> wrote:
> Hi Bob,
>
> Ok, things are looking ok again?
> dpkg-reconfiure krb5.conf , doesnt do much expect installing and
> configuringing krb5.conf which basicly only sets the REALM.
>
> "init administrator" will not connect to kerberos?
> If the DNS isnt running, its unable to resolv the servernames for the
> REALM.
> Resulting in, you not able to kinit.
>
> Greetz,
>
> Louis
>
>
>
>
> ------------------------------
> *Van:* Robert Wooden [mailto:wdn2420systm at gmail.com]
> *Verzonden:* woensdag 30 september 2020 17:21
> *Aan:* L.P.H. van Belle
> *CC:* samba at lists.samba.org
> *Onderwerp:* Re: [Samba] Bind9 issue
>
> It appears to be loading:
>
> root at dtdc1:~# cat /etc/bind/named.conf.local
>> //
>> // Do any local configuration here
>> //
>>
>> // Consider adding the 1918 zones here, if they are not used in your
>> // organization
>> //include "/etc/bind/zones.rfc1918";
>>
>> // adding the dlopen ( Bind DLZ ) module for samba.
>> // at install debian already sets the correct bind9.XX version in this
>> file below.
>> *include "/var/lib/samba/bind-dns/named.conf"*;
>>
>
> I did find that there were issues with file permissions for some of the
> bind9 files. I may have missed one.
>
> Still stumped as to why I cannot "dpkg-reconfiure krb5.conf" ??? And "init
> administrator" will not connect to kerberos?
>
> On Wed, Sep 30, 2020 at 10:02 AM L.P.H. van Belle <belle at bazuin.nl> wrote:
>
>> Bind_DLZ is not loaded
>> Which makes sence if we see the errors..
>>
>> Verify if this is loaded..
>>
>> I have it in named.conf.local
>>
>> // adding the dlopen ( Bind DLZ ) module for samba, beware, if you using
>> bind9.9 then you need to change this manualy
>> include "/var/lib/samba/bind-dns/named.conf";
>>
>>
>>
>> > -----Oorspronkelijk bericht-----
>> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>> > Robert Wooden via samba
>> > Verzonden: woensdag 30 september 2020 16:55
>> > CC: SAMBA MailList
>> > Onderwerp: Re: [Samba] Bind9 issue
>> >
>> > Louis,
>> >
>> > (Un-sanitized)
>> >
>> > root at dtdc1:~# systemctl status bind9
>> > > ??? bind9.service - BIND Domain Name Server
>> > > Loaded: loaded (/lib/systemd/system/bind9.service;
>> > enabled; vendor
>> > > preset: enabled)
>> > > Active: active (running) since Wed 2020-09-30 07:19:21
>> > CDT; 2h 26min ago
>> > > Docs: man:named(8)
>> > > Process: 375 ExecStart=/usr/sbin/named $OPTIONS (code=exited,
>> > > status=0/SUCCESS)
>> > > Main PID: 395 (named)
>> > > Tasks: 5 (limit: 2249)
>> > > Memory: 27.7M
>> > > CGroup: /system.slice/bind9.service
>> > > ??????395 /usr/sbin/named -u bind
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:2f::f#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:503:c27::2:30#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:2d::d#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:9f::42#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:200::b#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:7fd::1#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:2::c#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:dc3::35#53
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:12::d0d#53
>> > > Sep 30 07:19:28 dtdc1 named[395]: resolver priming query complete
>> > >
>> >
>> > Add the log from this morning
>> >
>> > > Sep 30 07:19:21 dtdc1 named[395]: starting BIND
>> > > 9.11.5-P4-5.1+deb10u2-Debian (Extended Support Version) <id:998753c>
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: running on Linux x86_64
>> > 4.19.0-11-amd64
>> > > #1 SMP Debian 4.19.146-1 (2020-09-17)
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: built with
>> > '--build=x86_64-linux-gnu'
>> > > '--prefix=/usr' '--includedir=/usr/include'
>> > '--mandir=/usr/share/man'
>> > > '--infodir=/usr/share/info' '--sysconfdir=/etc'
>> > '--localstatedir=/var'
>> > > '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu'
>> > > '--libexecdir=/usr/lib/x86_64-linux-gnu' '--disable-maintainer-mode'
>> > > '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu'
>> > > '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/'
>> > > '--enable-threads' '--enable-largefile' '--with-libtool'
>> > '--enable-shared'
>> > > '--enable-static' '--with-gost=no' '--with-openssl=/usr'
>> > > '--with-gssapi=/usr' '--with-libidn2' '--with-libjson=/usr'
>> > > '--with-lmdb=/usr' '--with-gnu-ld' '--with-geoip=/usr'
>> > '--with-atf=no'
>> > > '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa'
>> > > '--enable-native-pkcs11'
>> > '--with-pkcs11=/usr/lib/softhsm/libsofthsm2.so'
>> > > '--with-randomdev=/dev/urandom' '--enable-dnstap'
>> > > 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2
>> > > -fdebug-prefix-map=/build/bind9-pbRECD/bind9-9.11.5.P4+dfsg=.
>> > > -fstack-protector-strong -Wformat -Werror=format-security
>> > > -fno-strict-aliasing -fno-delete-null-pointer-checks
>> > -DNO_VERSION_DATE
>> > > -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now'
>> > 'CPPFLAGS=-Wdate-time
>> > > -D_FORTIFY_SOURCE=2'
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: running as: named -u bind
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: compiled by GCC 8.3.0
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: compiled with OpenSSL
>> > version: OpenSSL
>> > > 1.1.1d 10 Sep 2019
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: linked to OpenSSL version: OpenSSL
>> > > 1.1.1d 10 Sep 2019
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: compiled with libxml2
>> > version: 2.9.4
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: linked to libxml2 version: 20904
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: compiled with libjson-c
>> > version: 0.12.1
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: linked to libjson-c
>> > version: 0.12.1
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: threads support is enabled
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]:
>> > > ----------------------------------------------------
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: BIND 9 is maintained by
>> > Internet Systems
>> > > Consortium,
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: Inc. (ISC), a non-profit 501(c)(3)
>> > > public-benefit
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: corporation. Support and
>> > training for
>> > > BIND 9 are
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: available at
>> > https://www.isc.org/support
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]:
>> > > ----------------------------------------------------
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: adjusted limit on open
>> > files from 524288
>> > > to 1048576
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: found 2 CPUs, using 2
>> > worker threads
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: using 1 UDP listener per interface
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: using up to 4096 sockets
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: loading configuration from
>> > > '/etc/bind/named.conf'
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: reading built-in trust
>> > anchors from file
>> > > '/etc/bind/bind.keys'
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: initializing GeoIP
>> > Country (IPv4) (type
>> > > 1) DB
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GEO-106FREE 20181108 Build
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: initializing GeoIP
>> > Country (IPv6) (type
>> > > 12) DB
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GEO-106FREE 20181108 Build
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP City (IPv4) (type 2) DB not
>> > > available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP City (IPv4) (type 6) DB not
>> > > available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP City (IPv6) (type 30) DB not
>> > > available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP City (IPv6) (type 31) DB not
>> > > available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP Region (type 3) DB
>> > not available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP Region (type 7) DB
>> > not available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP ISP (type 4) DB not
>> > available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP Org (type 5) DB not
>> > available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP AS (type 9) DB not available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP Domain (type 11) DB
>> > not available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: GeoIP NetSpeed (type 10)
>> > DB not available
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: using default UDP/IPv4 port range:
>> > > [32768, 60999]
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: using default UDP/IPv6 port range:
>> > > [32768, 60999]
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: listening on IPv4 interface lo,
>> > > 127.0.0.1#53
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: listening on IPv4
>> > interface enp1s0,
>> > > 192.168.16.41#53
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: generating session key
>> > for dynamic DNS
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: sizing zone task pool
>> > based on 5 zones
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: set up managed keys zone for view
>> > > _default, file 'managed-keys.bind'
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: command channel listening on
>> > > 127.0.0.1#953
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: managed-keys-zone: loaded serial 7
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: zone 0.in-addr.arpa/IN:
>> > loaded serial 1
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: zone 127.in-addr.arpa/IN:
>> > loaded serial 1
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: zone 255.in-addr.arpa/IN:
>> > loaded serial 1
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: zone localhost/IN: loaded serial 2
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: all zones loaded
>> > >
>> > > Sep 30 07:19:21 dtdc1 named[395]: running
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:7fe::53#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:7fe::53#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:1::53#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:1::53#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:503:ba3e::2:30#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:a8::e#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:2f::f#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:503:ba3e::2:30#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:a8::e#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:2f::f#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:503:c27::2:30#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:2d::d#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:9f::42#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:200::b#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:503:c27::2:30#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:7fd::1#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:7fe::53#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:2d::d#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:1::53#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:9f::42#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:503:ba3e::2:30#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:200::b#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:a8::e#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:7fd::1#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:2f::f#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:2::c#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:503:c27::2:30#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:dc3::35#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:2::c#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:2d::d#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:dc3::35#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable
>> > resolving './NS/IN':
>> > > 2001:500:12::d0d#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/A/IN': 2001:500:12::d0d#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:9f::42#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:200::b#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:7fd::1#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:2::c#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:dc3::35#53
>> > >
>> > > Sep 30 07:19:25 dtdc1 named[395]: network unreachable resolving '
>> > > 0.us.pool.ntp.org/AAAA/IN': 2001:500:12::d0d#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:7fe::53#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:1::53#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:503:ba3e::2:30#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:a8::e#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:2f::f#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:503:c27::2:30#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:2d::d#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:9f::42#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:200::b#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:7fd::1#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:2::c#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:dc3::35#53
>> > >
>> > > Sep 30 07:19:27 dtdc1 named[395]: network unreachable resolving '
>> > > dtdc1.ad.dtntwk.work/A/IN': 2001:500:12::d0d#53
>> > >
>> > > Sep 30 07:19:28 dtdc1 named[395]: resolver priming query complete
>> > >
>> > > (END
>> > >
>> >
>> > Anyones thoughts??
>> >
>> >
>> > On Wed, Sep 30, 2020 at 9:43 AM Robert Wooden <wdn2420systm at gmail.com>
>> > wrote:
>> >
>> > > Rowland,
>> > > To answer you first, my "example.com" registered host is a
>> > wildcat " *.
>> > > example.com". Everything example.com returns my external ip address.
>> > >
>> > > Both bind9 and samba are running.
>> > >
>> > > Might add your "options" but for now, solving my problem, first.
>> > >
>> > > Louis, your answer in a few minutes.
>> > >
>> > > On Wed, Sep 30, 2020 at 8:09 AM Rowland penny via samba <
>> > > samba at lists.samba.org> wrote:
>> > >
>> > >> On 30/09/2020 13:22, Robert Wooden via samba wrote:
>> > >> > Yesterday I had an issue with Samba v 4.13.0.
>> > >> >
>> > >> > I cannot figure out why bind9 will not "host -t SRV _ldap._
>> > >> > tcp.ad.dtntwk.work." or "host -t SRV
>> > _kerberos._udp.ad.dtntwk.work."
>> > >> >
>> > >> > root at dc1:~# host -t SRV _ldap._tcp.subdom.example.com.
>> > >> Hmm, is 'subdom.example.com' really 'ad.dtntwk.work' ?
>> > >> >> dc1.subdom.example.com has address 164.98.xxx.xxx
>> > >> >>
>> > >> > This ip address is my external ip provided from the ISP.
>> > It should be a
>> > >> > local ip (192.168.0.xx)
>> > >> How is your internal device getting an external IP ?
>> > >> >
>> > >> > root at dc1:~# cat /etc/bind/named.conf
>> > >>
>> > >> Your bind files are the same as mine, except I have these
>> > in 'options' :
>> > >>
>> > >> dnssec-enable no;
>> > >> dnssec-lookaside no;
>> > >> allow-transfer { none; };
>> > >>
>> > >> >> // rndc.key is installed by default on debian.
>> > Just a matter
>> > >> of
>> > >> >> enableing it.
>> > >> >> include "/etc/bind/rndc.key";
>> > >> >> controls {
>> > >> >> inet 127.0.0.1 allow { localhost; } keys
>> > { rndc-key; };
>> > >> >> // inet ::1 allow { ::1; } keys { rndc-key; };
>> > >> >> };
>> > >> I also do not have the rndc lines, they are not required.
>> > >>
>> > >> > And "dpkg-reconfigure krb5-user" will not reconfigure.
>> > >> Strange.
>> > >> >
>> > >> > root at dc1:~# kinit administrator
>> > >> >> kinit: Cannot find KDC for realm "SUBDOM.EXAMPLE.COM"
>> > while getting
>> > >> >> initial credentials
>> > >> Are Samba and Bind9 running ?
>> > >>
>> > >> Is 'subdom.example.com' a registered domain, or is
>> > 'example.com' the
>> > >> registered domain ?
>> > >>
>> > >> Rowland
>> > >>
>> > >>
>> > >>
>> > >>
>> > >> --
>> > >> To unsubscribe from this list go to the following URL and read the
>> > >> instructions: https://lists.samba.org/mailman/options/samba
>> > >>
>> > >
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions: https://lists.samba.org/mailman/options/samba
>> >
>> >
>>
>>
More information about the samba
mailing list