[Samba] Reverse Lookup Zone Not Loaded by DNS Server
L.P.H. van Belle
belle at bazuin.nl
Thu May 27 07:30:23 UTC 2021
Hai Roy,
I'm wondering.. did you fully disable IPv6 on the system?
These are all IPv6 related.
[2021/05/26 17:20:23.985592, 0] ../../source4/rpc_server/dcerpc_server.c:509(add_socket_rpc_tcp_iface)
service_setup_stream_socket(address=::,port=0) for netlogon mgmt failed - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:23.993753, 0] ../../source4/rpc_server/dcerpc_server.c:509(add_socket_rpc_tcp_iface)
service_setup_stream_socket(address=::,port=0) for dnsserver backupkey eventlog6 browser unixinfo dssetup drsuapi lsarpc mgmt failed - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:23.996454, 0] ../../source4/rpc_server/dcerpc_server.c:509(add_socket_rpc_tcp_iface)
service_setup_stream_socket(address=::,port=0) for samr rpcecho wkssvc mgmt failed - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:23.998398, 0] ../../source4/rpc_server/dcerpc_server.c:509(add_socket_rpc_tcp_iface)
service_setup_stream_socket(address=::,port=135) for epmapper mgmt failed - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:24.007882, 0] ../../source4/kdc/kdc-server.c:585(kdc_add_socket)
Failed to bind to :::88 TCP - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:24.008072, 0] ../../source4/cldap_server/cldap_server.c:130(cldapd_add_socket)
Failed to bind to ipv6::::389 - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:24.010407, 0] ../../source4/kdc/kdc-server.c:585(kdc_add_socket)
Failed to bind to :::464 TCP - NT_STATUS_INVALID_PARAMETER_MIX
And
2021/05/26 17:20:24.299833, 0] ../../source3/lib/util_sock.c:265(open_socket_in)
open_socket_in(): socket() call failed: Address family not supported by protocol
So pretty sure this is ipv4/ipv6 related.
Try these in steps..
In /etc/bind9/named.conf.options where you have "ipv6 none", set listen-on-v6 { ::1; };
systemctl stop samba-ad-dc bind9
systemctl start samba-ad-dc bind9
Did it work, if not, next,
# Set BindDNS to only ipv4.
sed -i 's/OPTIONS="-u bind/OPTIONS="-u bind -4/g' /etc/default/bind9
systemctl stop samba-ad-dc bind9
systemctl start samba-ad-dc bind9
Did it work, if not, next,
First, change your server service line to this, just this.
# meaning, all defaults, minus samba internal dns
server services = -dns
(optional add server services = -dns -spoolss if you also don't want printer parts disabled in ad-dc)
But that's more to make it more clear, the line you have "is" correct.
Try again, still not working.. ?
Reboot server..
After that I'm out of options. :-/
But try all above in order, see what the problem is.
Greetz,
Louis
> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Roy Eastwood via samba
> Sent: Wednesday 26 May 2021 23:20
> To: samba at lists.samba.org
> Subject: Re: [Samba] Reverse Lookup Zone Not Loaded by DNS Server
>
> On 26 May 2021 20:02 Rowland penny wrote:
> > Works for myself, so can you post your smb.conf and named.conf files
> >
> > Rowland
>
> Yes, here they are:
> From tiger-db (DC owning the FSMA roles)
> ======================
> smb.conf:
> # Global parameters
> [global]
> netbios name = TIGER-DB
> realm = MICROLYNX.ORG
> server role = active directory domain controller
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
> workgroup = MICROLYNX
> # prevent CUPS errors in syslog
> printcap name = /dev/null
> load printers = no
>
> # add the following two lines for testing – remove for production
> # winbind enum users = yes
> # winbind enum groups = yes
>
> # allow clients to update their DNS records
> allow dns updates = nonsecure
>
> # allow AD users to log on
> template shell = /bin/bash
> template homedir = /home/%D/%U
>
> winbind refresh tickets = yes
>
> log file = /var/log/samba/log.samba
> log level = 1 dns:10
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [netlogon]
> path = /var/lib/samba/sysvol/microlynx.org/scripts
> read only = No
> ============ end smb.conf ===================
> named.conf:
> include "/etc/bind/named.conf.options";
> include "/etc/bind/named.conf.local";
> include "/etc/bind/named.conf.default-zones";
> =============end named.conf================
> named.conf.options:
> options {
> directory "/var/cache/bind";
>
> auth-nxdomain yes;
> notify no;
> empty-zones-enable no;
>
> allow-query { 127.0.0.1; 192.168.2.0/24;
> 192.168.10.0/24; 10.16.0.0/24; };
> allow-update { 127.0.0.1; 192.168.2.0/24; };
> allow-recursion { 127.0.0.1; 192.168.2.0/24;
> 192.168.10.0/24; 10.16.0.0/24; };
> allow-transfer { none; };
>
> listen-on port 53 { any; };
> listen-on-v6 port 53 { none; };
>
> forwarders {
> 192.168.2.2;
> };
>
> // for updates to AD zone
> tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
> minimal-responses yes;
> };
>
> # below added to aid debugging "Reverse Lookup Zone Not Loaded by DNS Server"
> logging {
> channel default_file {
> file "/var/log/named/default.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel general_file {
> file "/var/log/named/general.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel database_file {
> file "/var/log/named/database.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel security_file {
> file "/var/log/named/security.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel config_file {
> file "/var/log/named/config.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel resolver_file {
> file "/var/log/named/resolver.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel xfer-in_file {
> file "/var/log/named/xfer-in.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel xfer-out_file {
> file "/var/log/named/xfer-out.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel notify_file {
> file "/var/log/named/notify.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel client_file {
> file "/var/log/named/client.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel unmatched_file {
> file "/var/log/named/unmatched.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> # channel queries_file {
> # file "/var/log/named/queries.log" versions 3 size 5m;
> # severity dynamic;
> # print-time yes;
> # };
> channel network_file {
> file "/var/log/named/network.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel update_file {
> file "/var/log/named/update.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel dispatch_file {
> file "/var/log/named/dispatch.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel dnssec_file {
> file "/var/log/named/dnssec.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
> channel lame-servers_file {
> file "/var/log/named/lame-servers.log" versions 3 size 5m;
> severity dynamic;
> print-time yes;
> };
>
> category default { default_file; };
> category general { general_file; };
> category database { database_file; };
> category security { security_file; };
> category config { config_file; };
> category resolver { resolver_file; };
> category xfer-in { xfer-in_file; };
> category xfer-out { xfer-out_file; };
> category notify { notify_file; };
> category client { client_file; };
> category unmatched { unmatched_file; };
> # category queries { queries_file; };
> category network { network_file; };
> category update { update_file; };
> category dispatch { dispatch_file; };
> category dnssec { dnssec_file; };
> category lame-servers { lame-servers_file; };
> };
> ===========end named.conf.options=================
> named.conf.local:
> # self-compiled version: include "/usr/local/samba/bind-dns/named.conf";
> include "/var/lib/samba/bind-dns/named.conf";
> ===========end named.conf.local===================
>
> Thanks.
> Roy
>
>
>
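
Added example (not part of either post above): a small triage of a Samba AD DC log for the pattern discussed in the reply, wildcard IPv6 (::) listeners failing with NT_STATUS_INVALID_PARAMETER_MIX alongside an "Address family not supported" socket error. The function names and the output labels are assumptions of this example; the sample input is built from log lines quoted in this thread.

```bash
# Sample input: lines taken from the log excerpt quoted in this thread.
sample_log() {
cat <<'EOF'
[2021/05/26 17:20:23.998398, 0] ../../source4/rpc_server/dcerpc_server.c:509(add_socket_rpc_tcp_iface)
service_setup_stream_socket(address=::,port=135) for epmapper mgmt failed - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:24.007882, 0] ../../source4/kdc/kdc-server.c:585(kdc_add_socket)
Failed to bind to :::88 TCP - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:24.008072, 0] ../../source4/cldap_server/cldap_server.c:130(cldapd_add_socket)
Failed to bind to ipv6::::389 - NT_STATUS_INVALID_PARAMETER_MIX
[2021/05/26 17:20:24.010407, 0] ../../source4/kdc/kdc-server.c:585(kdc_add_socket)
Failed to bind to :::464 TCP - NT_STATUS_INVALID_PARAMETER_MIX
2021/05/26 17:20:24.299833, 0] ../../source3/lib/util_sock.c:265(open_socket_in)
open_socket_in(): socket() call failed: Address family not supported by protocol
EOF
}

# Print the port of every wildcard-IPv6 (::) listener that failed to bind.
ipv6_bind_failed_ports() {
  sed -n -E \
    -e 's/^service_setup_stream_socket\(address=::,port=([0-9]+)\).* failed - NT_STATUS_INVALID_PARAMETER_MIX$/\1/p' \
    -e 's/^Failed to bind to (ipv6:)?:::([0-9]+)( TCP)? - NT_STATUS_INVALID_PARAMETER_MIX$/\2/p'
}

# Exit 0 when socket() itself was refused for an unsupported address family.
address_family_unsupported() {
  grep -q 'socket() call failed: Address family not supported by protocol'
}

# One-line summary: which ports lost their :: listener, and whether the
# address-family error is also present in the same log.
triage() {
  log=$(cat)
  ports=$(printf '%s\n' "$log" | ipv6_bind_failed_ports | sort -n | uniq | paste -sd, -)
  if printf '%s\n' "$log" | address_family_unsupported; then
    echo "af-unsupported ports=${ports}"
  elif [ -n "$ports" ]; then
    echo "ipv6-bind-failed ports=${ports}"
  else
    echo "ok"
  fi
}

sample_log | triage
```

On a live system the same functions can read the log file named in the posted smb.conf, e.g. `triage < /var/log/samba/log.samba`.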