[Samba] once again reverse DNS - bind_dlz

Rowland penny rpenny at samba.org
Mon May 17 19:27:44 UTC 2021 

On 17/05/2021 20:11, Jan JMPBL via samba wrote:
> Hi everyone,
> test environment based on Debian 10.9 with bind_dlz and van-belle
> repositories - a lot of good work.
> I've been working on it for two days - without success.
>
> Forward lookup DNS zones are working properly. Added hosts display
> correctly in RSAT DNS in forward lookup zones. Everything looks fine except
> for two log entries that always show up when updating the zone
>
>
> *May 17 20:21:48 ad named [453]: client @ 0x7f73400703d0 10/10/10.160 #
> 56059: update 'TEST.lan / IN' deniedMay 17 20:21:48 ad named [453]:
> samba_dlz: canceling transaction on zone TEST.lan*
> May 17 20:21:48 ad named [453]: samba_dlz: starting transaction on zone
> TEST.lan
> May 17 20:21:48 ad named [453]: samba_dlz: allowing update of signer = RSAT
> \ $ \ @ TEST.LAN name = rsat.TEST.lan tcpaddr = 10.10.10.160 type = AAAA
> key = 1336-ms-7.9 -24efa0.2b809d3a-b737-11eb-ae6f-525400a13ecb / 160/0
> May 17 20:21:48 ad named [453]: samba_dlz: allowing update of signer = RSAT
> \ $ \ @ TEST.LAN name = rsat.TEST.lan tcpaddr = 10.10.10.160 type = A key =
> 1336-ms-7.9 -24efa0.2b809d3a-b737-11eb-ae6f-525400a13ecb / 160/0
> May 17 20:21:48 ad named [453]: samba_dlz: allowing update of signer = RSAT
> \ $ \ @ TEST.LAN name = rsat.TEST.lan tcpaddr = 10.10.10.160 type = A key =
> 1336-ms-7.9 -24efa0.2b809d3a-b737-11eb-ae6f-525400a13ecb / 160/0
> May 17 20:21:48 ad named [453]: client @ 0x7f73480c6ee0 10/10/10.160 #
> 54323 / key RSAT \ $ \ @ TEST.LAN: updating zone 'TEST.lan / NONE':
> deleting rrset at 'rsat.TEST. lan 'AAAA
> May 17 20:21:48 ad named [453]: client @ 0x7f73480c6ee0 10/10/10.160 #
> 54323 / key RSAT \ $ \ @ TEST.LAN: updating zone 'TEST.lan / NONE':
> deleting rrset at 'rsat.TEST. lan 'A
> May 17 20:21:48 ad named [453]: samba_dlz: subtracted rdataset
> rsat.TEST.lan 'rsat.TEST.lan. # 0111200 # 011IN # 011A # 01110.10.10.160'
>
> I added via RSAT to the reverse lookup zone according to the SAMBA4 wiki.
> It does not work.
>
> samba-tool dns zonelist 10.10.10.50 -U Administrator
>
>    3 zone (s) found
>
>    pszZoneName: 10.10.10.in-addr.arpa
>    Flags: DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>    ZoneType: DNS_ZONE_TYPE_PRIMARY
>    Version: 50
>    dwDpFlags: DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>    pszDpFqdn: DomainDnsZones.TEST.lan
>
>    pszZoneName: TEST.lan
>    Flags: DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>    ZoneType: DNS_ZONE_TYPE_PRIMARY
>    Version: 50
>    dwDpFlags: DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>    pszDpFqdn: DomainDnsZones.TEST.lan
>
>    pszZoneName: _msdcs.TEST.lan
>    Flags: DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>    ZoneType: DNS_ZONE_TYPE_PRIMARY
>    Version: 50
>    dwDpFlags: DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>    pszDpFqdn: ForestDnsZones.TEST.lan
>
> where should I look for the problem?
>
> Thanks,
> Jan


Please go here: 
https://github.com/thctlo/samba4/blob/master/samba-collect-debug-info.sh

Download the script and run it on the DC, post the output (sanitised if 
required) into a reply to this, do not attach it, this list strips 
attachments.

Rowland

More information about the samba mailing list