Internal dns server changed between RC2 & 4.1.0pre1-GIT-2c3a808
Rowland Penny
repenny at f2s.com
Mon Oct 15 11:21:05 MDT 2012
On 15/10/12 17:37, Kai Blin wrote:
> On 2012-10-15 18:07, Rowland Penny wrote:
>
> Hi Rowland,
>
>> Hello, I set Samba 4 RC2 to update the internal nameserver via dhcp
>> using a script, this works ok. I have compiled and installed
>> 4.1.0pre1-GIT-2c3a808 and dhcp updating the nameserver no longer works!
> I need more details here. How did the script work?
It is one I found on the internet and altered to fit my needs; as I said,
it works on RC2 but now will not work on pre1.
Basically the script is run by dhcp from dhcpd.conf; it checks a
Kerberos keytab, then runs nsupdate to first delete the PC's nameserver
record (if there is one), then adds it to the required zone. The
script then checks to see if the record now exists.
>
>> Everything is the same, only the version of Samba4 has changed
> Yes, we fixed https://bugzilla.samba.org/show_bug.cgi?id=9183
So, it now listens on all interfaces?
>
>> If I run netstat -nlp | grep LISTEN | grep 53 on RC2 I get:
>>
>> tcp 0 0 192.168.0.5:53 0.0.0.0:* LISTEN 810/samba
>> tcp6 0 0 fe80::e2cb:4eff:fe06:53 :::* LISTEN 810/samba
>>
>> But on 4.1.0pre1-GIT-2c3a808 I get:
>>
>> tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 22350/samba
>> tcp6 0 0 :::53 :::* LISTEN 22350/samba
>>
>> If I run the script manually: /usr/local/sbin/dhcp-dyndns.sh add 192.168.0.171 LinPad
>> I get:
>> root@adserver:~# dns_tkey_negotiategss: TKEY is unacceptable
>> specified zone '0.168.192.in-addr.arpa' does not exist (NXDOMAIN)
>> dhcpd: DDNS: adding records for 192.168.0.171 <LinPad.home.lan> FAILED:
>> status 10
>>
>> Why is the TKEY suddenly unacceptable? And why is it saying the reverse
>> zone does not exist when it does, as I created it and samba-tool lists it?
> What happens if you query records from 0.168.192.in-addr.arpa outside of
> that update?
Do you mean as in:
host -t A linpad.home.lan
Host linpad.home.lan not found: 3(NXDOMAIN)
host -t PTR 192.168.0.171
171.0.168.192.in-addr.arpa has no PTR record
> Are you using the correct Kerberos keys?
Ah, what would be the correct Kerberos keys? I am using one that I
created for a user I also created; as I said, it works on RC2.
>
> A network capture might help.
This would be no problem if I only knew how to do this (hint hint) ;-)
> Cheers,
> Kai
>
Thanks for any help you can give
Rowland
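
The delete-then-add procedure described in this message, as an added example that is not the poster's script or code from the Samba project: it builds the nsupdate batch for one lease and rejects malformed arguments first, since a script run by dhcpd typically receives the hostname from the DHCP client. The function names, the TTL and the validation rules are assumptions.

```shell
#!/bin/sh
# Added example: generate nsupdate commands for one DHCP lease.
# TTL, function names and validation rules are assumptions.
TTL=3600

# Accept only a dotted quad with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Accept a single letter-digit-hyphen label of 1-63 characters.
valid_hostname() {
    case "$1" in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# 192.168.0.171 -> 171.0.168.192.in-addr.arpa
reverse_name() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo "$4.$3.$2.$1.in-addr.arpa"
}

# build_update add|delete IP HOST DOMAIN: batch on stdout, status 2 on bad input.
# DOMAIN is taken from local configuration, so it is not validated here.
build_update() {
    valid_ipv4 "$2" && valid_hostname "$3" || return 2
    fqdn="$3.$4"; ptr=$(reverse_name "$2")
    echo "update delete $fqdn A"
    if [ "$1" = add ]; then echo "update add $fqdn $TTL A $2"; fi
    echo "send"    # forward and reverse zones need separate update messages
    echo "update delete $ptr PTR"
    if [ "$1" = add ]; then echo "update add $ptr $TTL PTR $fqdn."; fi
    echo "send"
}
```

After obtaining a ticket from the keytab with kinit, the output can be piped to `nsupdate -g`, which performs the GSS-TSIG (TKEY) negotiation that fails in the error quoted above.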