[Samba] No DNS UPdate possible Fedora 34 samba 4.14
Robert Marcano
robert at marcanoonline.com
Wed May 12 14:04:24 UTC 2021
On 5/12/21 9:49 AM, Mueller via samba wrote:
> Dear all,
>
> I set up a test os , fedora 34 with bind 9.16.
> I installed the packages from fedora repo: samba-dc abd samba-bind-dlz.
> I provisioned with bind9_dlz. All with no errors.
>
> samba-tool domain provision --dns-backend=BIND9_DLZ --realm=EXAMPLE.COM
> --domain=EXAMPLE --server-role=dc --adminpass=Password
> I Set in my /etc/named.conf :
>
> tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
> include "/var/lib/samba/bind-dns/named.conf";
> my /etc/krb5.conf is named readable
>
> A normal lookup was working on the fly, but if tried to join a new windows
> client to my domain bind keeps me telling
>
> client @0x7f44ec000cc8 XXX.XXX.XXX.XXX#62786: update 'plk.loc/IN' denied
> samba_dlz: cancelling transaction on zone plk.loc
>
> What i recognised is, file named.conf.update was not created on
> provisioning!?
> Do I need the file anymore!?
Fedora build Samba AD with the experimental MIT backend. IIRC Windows
clients use GSS for DNS updates. Fedora provided packages have many
issues still, because of the experimental nature.
If you can try with a package build with the embedded Heimdal Kerberos
for Fedora, see if the problem persist, and report the issue so the
people that works on the experimental backend know about the issue.
>
> Greetings
> Daniel
>
>
>
>
>
More information about the samba
mailing list