[Samba] nsupdate & bind9 dlz

brian at grumbleranch.com brian at grumbleranch.com
Mon Mar 8 23:10:48 UTC 2021

I have Samba (version 4.13.3) running in a Docker container. I have
configured it to use Bind for DNS (version 9.16.11).


I have been troubleshooting errors in my logs similar to the following:


Mar  8 11:30:59 proliant docker-compose: #033[36msamba    |#033[0m
dnsupdate_nameupdate_done: Failed DNS update with exit code 110


When I was running with the internal Samba DNS previously, I fixed these
kinds of errors by setting "nsupdate command = /usr/bin/nsupdate -l -g" so
that nsupdate would run in localhost-only mode and override the server
provided to samba_dnsupdate. When I tried doing this after switching over to
named, nsupdate (via samba_dnsupdate) complained about "cannot reset server
in localhost-only mode".


However, updating DNS records via RPC (running samba_dnsupdate with the
"--use-samba-tool" option) does work so I'm thinking that I might just do
this instead since I have tried everything I can think of to get nsupdate to


As I look through the man page for smb.conf, it's not obvious how I might
accomplishing swapping samba-tool for nsupdate. I tried adding command line
options to the "dns update command" setting in smb.conf, but it appears that
those are stripped out when samba_dnsupdate is launched automatically. Is
there another setting in smb.conf that I can use?


I am also open to exploring further diagnosis and resolution of the problem
I am experiencing with nsupdate.


Regards, Brian


More information about the samba mailing list