[Samba] AD DC DynDns update problem

me at tdiehl.org me at tdiehl.org
Wed Jun 23 16:33:18 UTC 2021


Hi,

I have an AD domain running a 4.12.15 DC that I am trying to get the dyndns update
script working on. I have it configured as per
https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9

Kerberos appears to be working as the script does not complain that it cannot get
a ticket but when the script try's to run samba-tool I get the following:

Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]: samba-tool dns add pht-vdc1 mydomain.com DESKTOP-9L3AOBC A 192.168.1.194 -k yes
Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]: ERROR(runtime): uncaught exception - (5, 'WERR_ACCESS_DENIED')
Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]:  File "/usr/local/samba/lib64/python3.6/site-packages/samba/netcmd/__init__.py", line 186, in _run
Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]:    return self.run(*args, **kwargs)
Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]:  File "/usr/local/samba/lib64/python3.6/site-packages/samba/netcmd/dns.py", line 945, in run
Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]:    raise e
Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]:  File "/usr/local/samba/lib64/python3.6/site-packages/samba/netcmd/dns.py", line 941, in run
Jun 23 11:49:27 pht-vdc1 dhcpd[1397671]:    0, server, zone, name, add_rec_buf, None)

I added an echo statement before the samba-tool command for debugging.

I realize this is some kind of permissions problem but I do not understand what
permissions are wrong.

As expected, if I run the samba-tool command above as root it works as expected.

I have this same setup running on 2 other domains and it works as as expected.
I am at a loss.

Does anyone have any idea how to troubleshoot this? Any help would be appreciated.

Regards

-- 
Tom			me at tdiehl.org



More information about the samba mailing list