[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"

[Rowland Penny]

On Tue, 2021-09-07 at 20:25 +0100, Carlos Jesus via samba wrote:
> Hi all, once again I ask for your help since I'm out of ideas. First
> my
> setup.
> Two DC's running Debian buster and samba 4.12.11 with bind9, and
> dynamic
> dns through dhcp (in failover mode) using the wiki script. One of the
> DC's
> is physical, the other is virtual (Proxmox).
> Both DC's have very similar configurations (but we all have heard
> this a
> thousand times...) and on the physical DC all is well, let's forget
> about
> it.
> On the virtual DC, I get the error "No AD dhcp user exists"
> blablabla. If I
> run the suggested commands (kinit Administrator at SAMDOM.EXAMPLE etc),
> it
> complains that the user already exists which can be confirmed by
> wbinfo
> -u|grep dhcpduser.
> The dhcp server is working since I get things like
> DHCPINFORM from 192.168.1.147 via br0
> DHCPACK to 192.168.1.147 (00:13:72:40:50:6a) via br0
> execute: /usr/local/bin/dhcp-dyndns.sh exit status 256
> Unfortunatly I don't know what "exit status 256" is
> Now:
> 1) /etc/dhcpd.keytab exists and with right permissions (root:root
> r--------)
> 2)bind9 is up and running
> 3) /etc/resolv.conf
> options rotate timeout:5
> search SAMDOM.EXAMPLE
> nameserver 192.168.1.150
> nameserver 192.168.1.149
> 4) Running TESTUSER="$(wbinfo -u | grep 'dhcpduser')" returns
> SAMDOM/dhcpduser (as expected, so why does the script thinks TESTUSER
> is
> empty?)
> I can provide dhcpd.conf, named.conf and smb.conf however, they are
> very
> simillar on both DC's.
> 
> Any ideas?
> Best regards
> 
> Carlos

I have read somewhere that failover is broken in isc-dhcp-server on
buster, you need to compile it yourself. I am sorry, but I cannot
remember where I read this and it is late here, if you cannot find it,
I will try and find it myself tomorrow.

Rowland