[Samba] samba-tool dns zoneoptions --mark-old-records-static
Rowland Penny
rpenny at samba.org
Wed Nov 8 16:58:24 UTC 2023
On Wed, 8 Nov 2023 17:41:04 +0100
Sam R via samba <samba at lists.samba.org> wrote:
> In short, I have my dns records in :
> CN=MicrosoftDNS,DC=ForestDnsZones,DC=ariane,DC=intra
That is your forest dns
>
> and I have root dns in :
> CN=MicrosoftDNS,DC=DomainDnsZones,DC=ariane,DC=intra
That is your domain dns
>
> but I don't have a "MicrosoftDNS" entry in DC=ariane,DC=intra
But I never asked to to search there, I asked you to search in this
base:
DC=example.com,CN=MicrosoftDNS,DC=DomainDNSZones,DC=example,DC=com
The first part is your dns forward zone and from what you posted above,
it should be 'DC=ariane.intra'
The last part is baseDN and again, it should be 'DC=ariane,DC=imtra'
So if you run the ldbsearch command I posted, with your dns data and it
returns the records, then as you have basically run the search that the
'samba-tool dns zoneoptions' command runs (and fails), then it looks
like a permissions problem.
Run (as root) 'kinit Administrator'
Then run your 'samba-tool dns zoneoptions' command again, but add
'--use-kerberos=required' and see if that works.
Rowland
More information about the samba
mailing list